New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
youzanyun-open-sdk
Advanced tools
youzanyun-open-sdk - npm Package Compare versions
Comparing version 1.1.0 to 1.1.1
| const Config = require('../utils/config'); | ||
| const FormData = require('form-data'); | ||
| const fs = require('fs'); | ||
@@ -32,12 +33,12 @@ const PackageJson = require('../../package.json'); | ||
| let tokenRes; | ||
| let response; | ||
| if (files && Object.keys(files).length > 0) { | ||
| tokenRes = await this._requestMultipart(url, params, files); | ||
| response = await this._requestMultipart(url, params, files); | ||
| } else { | ||
| tokenRes = await this._requestJson(url, params); | ||
| response = await this._requestJson(url, params); | ||
| } | ||
| if (tokenRes.data.success) { | ||
| return tokenRes.data.data; | ||
| if (response.data.success) { | ||
| return response.data.data; | ||
| } else { | ||
| throw new Error(`请求${url}出错: ${response.data.message} ${response.data.error_data}`) | ||
| throw new Error(`请求${url}出错: ${JSON.stringify(response.data)}`) | ||
| } | ||
@@ -60,20 +61,20 @@ } | ||
| async _requestMultipart(url, data, files) { | ||
| let formBody = new FormData(); | ||
| let form = new FormData(); | ||
| data = data || {}; | ||
| for (let key of Object.keys(data)) { | ||
| formBody.append(key, data[key]); | ||
| form.append(key, data[key]); | ||
| } | ||
| files = files || {}; | ||
| for (let key of Object.keys(files)) { | ||
| formBody.append(key, fs.createReadStream(files[key])); | ||
| form.append(key, fs.createReadStream(files[key]), {}); | ||
| } | ||
| let response = await this.httpClient.request({ | ||
| url, | ||
| method: 'post', | ||
| data: formBody, | ||
| headers: { | ||
| 'content-type': 'multipart/form-data', | ||
| data: form, | ||
| headers: Object.assign({}, { | ||
| 'User-Agent': `YZY-Open-Client ${PackageJson.version}-NodeJs` | ||
| } | ||
| }, form.getHeaders()) | ||
| }); | ||
@@ -80,0 +81,0 @@ return response; |
| { | ||
| "name": "youzanyun-open-sdk", | ||
| "version": "1.1.0", | ||
| "version": "1.1.1", | ||
| "description": "", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
New alerts
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Worsened metrics
- Total package byte prevSize
- decreased by-0.06%
25080
- Number of low supply chain risk alerts
- increased by100%
2
No dependency changes