@localnerve/csp-hashes 1.1.0 → 2.0.1

package/{dist/lib → lib}/index.js

@@ -1,20 +1,3 @@
-"use strict";
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-exports.default = exports.hashstream = hashstream;
-Object.defineProperty(exports, "removeCspMeta", {
-  enumerable: true,
-  get: function () {
-    return _removeCspMeta.removeCspMeta;
-  }
-});
-var _stream = require("stream");
-var _crypto = _interopRequireDefault(require("crypto"));
-var _cheerio = _interopRequireDefault(require("cheerio"));
-var _removeCspMeta = require("./removeCspMeta.js");
-function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
 /**
  * CSP Hashes.
  * 
@@ -24,6 +7,10 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de
  * Copyright (c) 2022 Alex Grant (@localnerve), LocalNerve LLC
  * Licensed under the MIT license.
  */
+import { Transform } from 'stream';
+import crypto from 'crypto';
+import cheerio from 'cheerio';
+export { removeCspMeta } from './removeCspMeta.js';
 
 /**
  * Collect all CSP Hashes and fill the given `hashes` structure.
@@ -32,21 +19,33 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de
  * @param {Buffer} html - The html content
  * @param {Object} hashes - The hash structure to fill
  */
-function collectHashes(hashFn, html, hashes) {
-  const $ = _cheerio.default.load(html);
+function collectHashes (hashFn, html, hashes) {
+  const $ = cheerio.load(html);
+
   Object.keys(hashes).forEach(what => {
-    hashes[what].elements = $(`${what}:not([src])`).map((i, el) => hashFn($(el).html())).toArray();
+    hashes[what].elements = $(`${what}:not([src])`).map(
+      (i, el) => hashFn($(el).html())
+    ).toArray();
   });
-  hashes.style.attributes.push(...$('[style]').map((i, el) => hashFn($(el).attr('style'))).toArray());
+
+  hashes.style.attributes.push(
+    ...$('[style]').map((i, el) => hashFn($(el).attr('style'))).toArray()
+  );
+
   const eventHandlerRe = /^on/i;
   const jsUrlRe = /^javascript:/i;
+
   $('*').each(function (i, el) {
     for (const attrName in el.attribs) {
       if (eventHandlerRe.test(attrName)) {
-        hashes.script.attributes.push(hashFn(el.attribs[attrName]));
+        hashes.script.attributes.push(
+          hashFn(el.attribs[attrName])
+        );
       }
       if (jsUrlRe.test(el.attribs[attrName])) {
-        hashes.script.attributes.push(hashFn(el.attribs[attrName].split(jsUrlRe)[1]));
+        hashes.script.attributes.push(
+          hashFn(el.attribs[attrName].split(jsUrlRe)[1])
+        );
       }
     }
   });
@@ -62,50 +61,61 @@ function collectHashes(hashFn, html, hashes) {
  * @param {Boolean} [options.replace] - True if callback is used for meta html replacements, defaults to false.
  * @returns Transform object stream to process Vinyl objects.
  */
-function hashstream({
+export function hashstream ({
   algo = 'sha256',
   replace = false,
   callback = null
 } = {}) {
+
   if (!/^sha(256|384|512)$/.test(algo)) {
     throw new Error('algo option must be one of "sha256", "sha384", or "sha512" only.');
   }
+
   if (typeof callback !== 'function') {
     throw new Error('callback option must be a valid function.');
   }
-  const createHash = r => _crypto.default.createHash(algo).update(r).digest('base64');
+
+  const createHash = r => crypto.createHash(algo).update(r).digest('base64');
   const formatHash = h => `'${algo}-${h}'`;
   const makeCSPHash = s => formatHash(createHash(s));
-  const transformObjectStream = new _stream.Transform({
+
+  const transformObjectStream = new Transform({
     objectMode: true,
     transform: (vinyl, enc, done) => {
       const path = vinyl.path;
       const content = vinyl.contents;
+  
       const hashes = {
         script: {
           elements: [],
           attributes: [],
-          get all() {
+          get all () {
             return this.elements.concat(this.attributes);
           }
         },
         style: {
           elements: [],
           attributes: [],
-          get all() {
+          get all () {
             return this.elements.concat(this.attributes);
           }
         }
       };
+  
       collectHashes(makeCSPHash, content, hashes);
+  
       if (replace) {
         const s = callback(path, hashes, content.toString());
         vinyl.contents = Buffer.from(s, enc);
       } else {
         callback(path, hashes);
       }
+  
       done(null, vinyl);
     }
   });
+
   return transformObjectStream;
-}
+}
+
+export { hashstream as default }

package/{dist/lib → lib}/removeCspMeta.js

@@ -1,10 +1,3 @@
-"use strict";
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-exports.default = exports.removeCspMeta = removeCspMeta;
-var _stream = require("stream");
 /**
  * removeCspMeta.js
  * 
@@ -14,16 +7,18 @@ var _stream = require("stream");
  * Copyright (c) 2022 Alex Grant (@localnerve), LocalNerve LLC
  * Licensed under the MIT license.
  */
+import { Transform } from 'stream';
 
-function removeCspMeta() {
-  return new _stream.Transform({
+export function removeCspMeta () {
+  return new Transform({
     objectMode: true,
     transform: (vinyl, enc, done) => {
-      var _vinyl$contents;
       let e = null;
-      const input = vinyl === null || vinyl === void 0 ? void 0 : (_vinyl$contents = vinyl.contents) === null || _vinyl$contents === void 0 ? void 0 : _vinyl$contents.toString();
+      const input = vinyl?.contents?.toString();
       if (input) {
-        const output = input.replace(/("?Content-Security-Policy"?)(\s+)(content=")([^"]+)"/i, '$1$2$3$2"');
+        const output = input.replace(
+          /("?Content-Security-Policy"?)(\s+)(content=")([^"]+)"/i, '$1$2$3$2"'
+        );
         vinyl.contents = Buffer.from(output, enc);
       } else {
         e = new Error('removeCspMeta could not get Vinyl object file contents');
@@ -32,4 +27,6 @@ function removeCspMeta() {
       done(e, vinyl);
     }
   });
-}
+}
+
+export { removeCspMeta as default }

package/package.json

@@ -1,29 +1,23 @@
 {
   "name": "@localnerve/csp-hashes",
-  "version": "1.1.0",
+  "version": "2.0.1",
   "description": "Flexible library to generate CSP hashes",
-  "main": "dist/index.js",
+  "main": "index.js",
+  "type": "module",
   "exports": {
-    "import": "./dist/index.mjs",
-    "require": "./dist/index.js",
-    "default": "./dist/index.js"
+    "import": "./index.js",
+    "default": "./index.js"
   },
   "scripts": {
     "lint": "eslint .",
-    "transpile": "rimraf ./dist && babel --out-dir ./dist index.js && babel --out-dir ./dist/lib ./lib",
-    "prepublishBuild": "node -e 'try{require(\"fs\").copyFileSync(\"./index.js\", \"./dist/index.mjs\");}catch(e){}'",
-    "prepublishOnly": "npm run transpile && npm run prepublishBuild",
     "pretest": "node -e 'try{require(\"fs\").symlinkSync(\"../lib\", \"./__tests__/lib\");}catch(e){}'",
     "test": "jest",
     "test:debug": "node --inspect-brk ./node_modules/.bin/jest"
   },
   "devDependencies": {
-    "@babel/cli": "^7.19.3",
-    "@babel/preset-env": "^7.19.4",
-    "@babel/register": "^7.18.9",
-    "eslint": "^8.26.0",
-    "jest": "^29.2.2",
-    "rimraf": "^3.0.2",
+    "@babel/preset-env": "^7.20.2",
+    "eslint": "^8.30.0",
+    "jest": "^29.3.1",
     "vinyl": "^2.2.1"
   },
   "dependencies": {

package/readme.md

@@ -37,13 +37,13 @@ Stream hashstream ({
 ```
 
 ### removeCspMeta
-This library also exports a convenience helper method, `removeCspMeta` that is useful for some types of development builds. This method returns a stream that operates on [Vinyl](https://github.com/gulpjs/vinyl) objects and removes any `Content-Security-Policy` content found in the files.
+This library also exports a convenience helper method, `removeCspMeta` that is useful for some types of development builds. This method takes no options and returns a stream that operates on [Vinyl](https://github.com/gulpjs/vinyl) objects and removes any `Content-Security-Policy` content found in the files.
 
 ```
 Stream removeCspMeta ()
 ```
 
-### Options
+### Hashstream Options
 
 + {Function} **callback** - Required - A [function](#callback-function) to process the hashes. Receives file contents and must return new file contents if `replace` option is true.
 + {Boolean} **\[replace\]** - Optional - Defaults to `false`, set to true to indicate your `callback` function returns new file contents to replace the original.
@@ -138,7 +138,7 @@ export function cspMetaTags (settings) {
 }
 ```
 
-### Build step to remove CSP Meta tag content
+### Build Step to Remove CSP Meta Tag Content
 In this example, a build step removes any content from a `Content-Security-Policy` in a development build that wishes to ignore it.
 
 ```javascript

package/dist/index.js

@@ -1,24 +0,0 @@
-"use strict";
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-Object.defineProperty(exports, "default", {
-  enumerable: true,
-  get: function () {
-    return _index.hashstream;
-  }
-});
-Object.defineProperty(exports, "hashstream", {
-  enumerable: true,
-  get: function () {
-    return _index.hashstream;
-  }
-});
-Object.defineProperty(exports, "removeCspMeta", {
-  enumerable: true,
-  get: function () {
-    return _index.removeCspMeta;
-  }
-});
-var _index = require("./lib/index.js");