npm - @st-gr/sail-proxy - Versions diffs - 0.9.2 → 0.9.3 - Mend

@st-gr/sail-proxy 0.9.2 → 0.9.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (213) hide show

package/bundled/gateway/node_modules/qs/test/stringify.js CHANGED Viewed

@@ -651,49 +651,6 @@ test('stringify()', function (t) {
         st.end();
     });
-    t.test('does not crash on null/undefined entries in arrayFormat=comma with encodeValuesOnly', function (st) {
-        st.doesNotThrow(
-            function () { qs.stringify({ a: [null, 'b'] }, { arrayFormat: 'comma', encodeValuesOnly: true }); },
-            'does not pass a raw null array entry to the encoder'
-        );
-        st.doesNotThrow(
-            function () { qs.stringify({ a: [undefined, 'b'] }, { arrayFormat: 'comma', encodeValuesOnly: true }); },
-            'does not pass a raw undefined array entry to the encoder'
-        );
-        st.doesNotThrow(
-            function () { qs.stringify({ a: [null] }, { arrayFormat: 'comma', encodeValuesOnly: true }); },
-            'does not crash on a single-null array'
-        );
-        st.equal(
-            qs.stringify({ a: [null, 'b'] }, { arrayFormat: 'comma', encodeValuesOnly: true }),
-            'a=,b',
-            'null entry joins as empty, comma stays unencoded under encodeValuesOnly'
-        );
-        st.equal(
-            qs.stringify({ a: [undefined, 'b'] }, { arrayFormat: 'comma', encodeValuesOnly: true }),
-            'a=,b',
-            'undefined entry joins as empty, comma stays unencoded under encodeValuesOnly'
-        );
-        st.equal(
-            qs.stringify({ a: [null] }, { arrayFormat: 'comma', encodeValuesOnly: true }),
-            'a=',
-            'single-null array stringifies as empty value'
-        );
-        st.equal(
-            qs.stringify({ a: [null] }, { arrayFormat: 'comma', encodeValuesOnly: true, strictNullHandling: true }),
-            'a',
-            'strictNullHandling drops the equals sign for a single-null array'
-        );
-        st.equal(
-            qs.stringify({ a: [null] }, { arrayFormat: 'comma', encodeValuesOnly: true, skipNulls: true }),
-            '',
-            'skipNulls drops a single-null array entirely'
-        );
-        st.end();
-    });
     t.test('stringifies a null object', { skip: !hasProto }, function (st) {
         st.equal(qs.stringify({ __proto__: null, a: 'b' }), 'a=b');
         st.end();
@@ -868,35 +825,6 @@ test('stringify()', function (t) {
         st.end();
     });
-    t.test('skips null/undefined entries in filter=array', function (st) {
-        st.doesNotThrow(
-            function () { qs.stringify({ a: 'b', undefined: 'x' }, { filter: ['a', undefined] }); },
-            'does not pass a raw undefined filter entry to the encoder'
-        );
-        st.doesNotThrow(
-            function () { qs.stringify({ a: 'b', 'null': 'x' }, { filter: ['a', null] }); },
-            'does not pass a raw null filter entry to the encoder'
-        );
-        st.equal(
-            qs.stringify({ a: 'b', undefined: 'x', c: 'd' }, { filter: ['a', undefined, 'c'] }),
-            'a=b&c=d',
-            'undefined filter entry is skipped, remaining keys are kept'
-        );
-        st.equal(
-            qs.stringify({ a: 'b', 'null': 'x', c: 'd' }, { filter: ['a', null, 'c'] }),
-            'a=b&c=d',
-            'null filter entry is skipped, remaining keys are kept'
-        );
-        st.equal(
-            qs.stringify({ a: 'b', 'null': 'x' }, { filter: [null] }),
-            '',
-            'filter array containing only null yields empty string'
-        );
-        st.end();
-    });
     t.test('supports custom representations when filter=function', function (st) {
         var calls = 0;
         var obj = { a: 'b', c: 'd', e: { f: new Date(1257894000000) } };
@@ -1183,28 +1111,6 @@ test('stringify()', function (t) {
         st.end();
     });
-    t.test('strictNullHandling: applies the formatter to the encoded key (RFC1738)', function (st) {
-        st.equal(
-            qs.stringify(
-                { 'a b': null, 'c d': 'e f' },
-                { strictNullHandling: false, format: 'RFC1738' }
-            ),
-            'a+b=&c+d=e+f',
-            'without: as expected'
-        );
-        st.equal(
-            qs.stringify(
-                { 'a b': null, 'c d': 'e f' },
-                { strictNullHandling: true, format: 'RFC1738' }
-            ),
-            'a+b&c+d=e+f',
-            'with: as expected'
-        );
-        st.end();
-    });
     t.test('throws if an invalid charset is specified', function (st) {
         st['throws'](function () {
             qs.stringify({ a: 'b' }, { charset: 'foobar' });
@@ -1240,12 +1146,6 @@ test('stringify()', function (t) {
             'adds the right sentinel when instructed to and the charset is iso-8859-1'
         );
-        st.equal(
-            qs.stringify({ a: 1, b: 2 }, { charsetSentinel: true, delimiter: ';' }),
-            'utf8=%E2%9C%93;a=1;b=2',
-            'uses the configured delimiter after the sentinel'
-        );
         st.end();
     });
@@ -1288,15 +1188,6 @@ test('stringify()', function (t) {
         };
         st.deepEqual(qs.stringify({ KeY: 'vAlUe' }, { encoder: encoder }), 'key=VALUE');
-        var noopEncoder = function () { return 'x'; };
-        noopEncoder();
-        st['throws'](
-            function () { encoder('x', noopEncoder, 'utf-8', 'unknown'); },
-            'this should never happen! type: unknown',
-            'encoder throws for unexpected type'
-        );
         st.end();
     });
@@ -1416,33 +1307,4 @@ test('stringifies empty keys', function (t) {
         st.end();
     });
-    t.test('round-trips keys containing percent-encoded bracket text', function (st) {
-        var cases = [
-            { 'a%5Bb': 'c' },
-            { 'a%5Db': 'c' },
-            { 'a%255Bb': 'c' },
-            { 'a%255Db': 'c' },
-            { a: { 'b%5Bc': 'd' } },
-            { a: { 'b%255Bc': 'd' } },
-            { 'a%5B%255Bb': 'c' }
-        ];
-        for (var i = 0; i < cases.length; i++) {
-            st.deepEqual(
-                qs.parse(qs.stringify(cases[i])),
-                cases[i],
-                'round-trips ' + JSON.stringify(cases[i])
-            );
-        }
-        st.end();
-    });
-    t.test('parses input containing percent-encoded bracket text without mangling', function (st) {
-        st.deepEqual(qs.parse('a%25255Bb=c'), { 'a%255Bb': 'c' }, 'a%25255Bb decodes to a%255Bb, not a%5Bb');
-        st.deepEqual(qs.parse('a%25255Db=c'), { 'a%255Db': 'c' }, 'a%25255Db decodes to a%255Db, not a%5Db');
-        st.deepEqual(qs.parse('a%5Bb%25255Bc%5D=d'), { a: { 'b%255Bc': 'd' } }, 'nested %25255B decodes to %255B inside segment, not %5B');
-        st.end();
-    });
 });

package/bundled/gateway/node_modules/qs/test/utils.js CHANGED Viewed

@@ -31,7 +31,6 @@ test('merge()', function (t) {
     t.deepEqual(noOptionsNonObjectSource, { foo: 'baz', bar: true });
     var func = function f() {};
-    func();
     t.deepEqual(
         utils.merge(func, { foo: 'bar' }),
         [func, { foo: 'bar' }],
@@ -113,15 +112,6 @@ test('merge()', function (t) {
             s2t.end();
         });
-        st.test('merges overflow object into primitive with plainObjects', function (s2t) {
-            var overflow = utils.combine(['a'], 'b', 0, false);
-            s2t.ok(utils.isOverflow(overflow), 'overflow object is marked');
-            var merged = utils.merge('c', overflow, { plainObjects: true });
-            s2t.ok(utils.isOverflow(merged), 'result is also marked as overflow');
-            s2t.deepEqual(merged, { __proto__: null, 0: 'c', 1: 'a', 2: 'b' }, 'creates null-proto object with primitive at 0');
-            s2t.end();
-        });
         st.test('merges overflow object with multiple values into primitive', function (s2t) {
             // Create an overflow object via combine: 3 elements (indices 0-2) with limit 0
             var overflow = utils.combine(['b', 'c'], 'd', 0, false);
@@ -138,21 +128,6 @@ test('merge()', function (t) {
             s2t.end();
         });
-        st.test('merges primitive into array that exceeds arrayLimit', function (s2t) {
-            var arr = ['a', 'b', 'c'];
-            var merged = utils.merge(arr, 'd', { arrayLimit: 1 });
-            s2t.ok(utils.isOverflow(merged), 'result is marked as overflow');
-            s2t.deepEqual(merged, { 0: 'a', 1: 'b', 2: 'c', 3: 'd' }, 'converts to overflow object with primitive appended');
-            s2t.end();
-        });
-        st.test('merges array into primitive that exceeds arrayLimit', function (s2t) {
-            var merged = utils.merge('a', ['b', 'c'], { arrayLimit: 1 });
-            s2t.ok(utils.isOverflow(merged), 'result is marked as overflow');
-            s2t.deepEqual(merged, { 0: 'a', 1: 'b', 2: 'c' }, 'converts to overflow object');
-            s2t.end();
-        });
         st.end();
     });
@@ -401,9 +376,7 @@ test('encode', function (t) {
 });
 test('isBuffer()', function (t) {
-    var fn = function () {};
-    fn();
-    forEach([null, undefined, true, false, '', 'abc', 42, 0, NaN, {}, [], fn, /a/g], function (x) {
+    forEach([null, undefined, true, false, '', 'abc', 42, 0, NaN, {}, [], function () {}, /a/g], function (x) {
         t.equal(utils.isBuffer(x), false, inspect(x) + ' is not a buffer');
     });
@@ -413,9 +386,8 @@ test('isBuffer()', function (t) {
     var saferBuffer = SaferBuffer.from('abc');
     t.equal(utils.isBuffer(saferBuffer), true, 'SaferBuffer instance is a buffer');
-    var buffer = SaferBuffer.from('abc');
-    t.notEqual(saferBuffer, buffer, 'different buffer instances');
-    t.equal(utils.isBuffer(buffer), true, 'another Buffer instance is a buffer');
+    var buffer = Buffer.from && Buffer.alloc ? Buffer.from('abc') : new Buffer('abc');
+    t.equal(utils.isBuffer(buffer), true, 'real Buffer instance is a buffer');
     t.end();
 });

package/bundled/gateway/node_modules/raw-body/HISTORY.md ADDED Viewed

@@ -0,0 +1,308 @@
+2.5.2 / 2023-02-21
+==================
+  * Fix error message for non-stream argument
+2.5.1 / 2022-02-28
+==================
+  * Fix error on early async hooks implementations
+2.5.0 / 2022-02-21
+==================
+  * Prevent loss of async hooks context
+  * Prevent hanging when stream is not readable
+  * deps: http-errors@2.0.0
+    - deps: depd@2.0.0
+    - deps: statuses@2.0.1
+2.4.3 / 2022-02-14
+==================
+  * deps: bytes@3.1.2
+2.4.2 / 2021-11-16
+==================
+  * deps: bytes@3.1.1
+  * deps: http-errors@1.8.1
+    - deps: setprototypeof@1.2.0
+    - deps: toidentifier@1.0.1
+2.4.1 / 2019-06-25
+==================
+  * deps: http-errors@1.7.3
+    - deps: inherits@2.0.4
+2.4.0 / 2019-04-17
+==================
+  * deps: bytes@3.1.0
+    - Add petabyte (`pb`) support
+  * deps: http-errors@1.7.2
+    - Set constructor name when possible
+    - deps: setprototypeof@1.1.1
+    - deps: statuses@'>= 1.5.0 < 2'
+  * deps: iconv-lite@0.4.24
+    - Added encoding MIK
+2.3.3 / 2018-05-08
+==================
+  * deps: http-errors@1.6.3
+    - deps: depd@~1.1.2
+    - deps: setprototypeof@1.1.0
+    - deps: statuses@'>= 1.3.1 < 2'
+  * deps: iconv-lite@0.4.23
+    - Fix loading encoding with year appended
+    - Fix deprecation warnings on Node.js 10+
+2.3.2 / 2017-09-09
+==================
+  * deps: iconv-lite@0.4.19
+    - Fix ISO-8859-1 regression
+    - Update Windows-1255
+2.3.1 / 2017-09-07
+==================
+  * deps: bytes@3.0.0
+  * deps: http-errors@1.6.2
+    - deps: depd@1.1.1
+  * perf: skip buffer decoding on overage chunk
+2.3.0 / 2017-08-04
+==================
+  * Add TypeScript definitions
+  * Use `http-errors` for standard emitted errors
+  * deps: bytes@2.5.0
+  * deps: iconv-lite@0.4.18
+    - Add support for React Native
+    - Add a warning if not loaded as utf-8
+    - Fix CESU-8 decoding in Node.js 8
+    - Improve speed of ISO-8859-1 encoding
+2.2.0 / 2017-01-02
+==================
+  * deps: iconv-lite@0.4.15
+    - Added encoding MS-31J
+    - Added encoding MS-932
+    - Added encoding MS-936
+    - Added encoding MS-949
+    - Added encoding MS-950
+    - Fix GBK/GB18030 handling of Euro character
+2.1.7 / 2016-06-19
+==================
+  * deps: bytes@2.4.0
+  * perf: remove double-cleanup on happy path
+2.1.6 / 2016-03-07
+==================
+  * deps: bytes@2.3.0
+    - Drop partial bytes on all parsed units
+    - Fix parsing byte string that looks like hex
+2.1.5 / 2015-11-30
+==================
+  * deps: bytes@2.2.0
+  * deps: iconv-lite@0.4.13
+2.1.4 / 2015-09-27
+==================
+  * Fix masking critical errors from `iconv-lite`
+  * deps: iconv-lite@0.4.12
+    - Fix CESU-8 decoding in Node.js 4.x
+2.1.3 / 2015-09-12
+==================
+  * Fix sync callback when attaching data listener causes sync read
+    - Node.js 0.10 compatibility issue
+2.1.2 / 2015-07-05
+==================
+  * Fix error stack traces to skip `makeError`
+  * deps: iconv-lite@0.4.11
+    - Add encoding CESU-8
+2.1.1 / 2015-06-14
+==================
+  * Use `unpipe` module for unpiping requests
+2.1.0 / 2015-05-28
+==================
+  * deps: iconv-lite@0.4.10
+    - Improved UTF-16 endianness detection
+    - Leading BOM is now removed when decoding
+    - The encoding UTF-16 without BOM now defaults to UTF-16LE when detection fails
+2.0.2 / 2015-05-21
+==================
+  * deps: bytes@2.1.0
+    - Slight optimizations
+2.0.1 / 2015-05-10
+==================
+  * Fix a false-positive when unpiping in Node.js 0.8
+2.0.0 / 2015-05-08
+==================
+  * Return a promise without callback instead of thunk
+  * deps: bytes@2.0.1
+    - units no longer case sensitive when parsing
+1.3.4 / 2015-04-15
+==================
+  * Fix hanging callback if request aborts during read
+  * deps: iconv-lite@0.4.8
+    - Add encoding alias UNICODE-1-1-UTF-7
+1.3.3 / 2015-02-08
+==================
+  * deps: iconv-lite@0.4.7
+    - Gracefully support enumerables on `Object.prototype`
+1.3.2 / 2015-01-20
+==================
+  * deps: iconv-lite@0.4.6
+    - Fix rare aliases of single-byte encodings
+1.3.1 / 2014-11-21
+==================
+  * deps: iconv-lite@0.4.5
+    - Fix Windows-31J and X-SJIS encoding support
+1.3.0 / 2014-07-20
+==================
+  * Fully unpipe the stream on error
+    - Fixes `Cannot switch to old mode now` error on Node.js 0.10+
+1.2.3 / 2014-07-20
+==================
+  * deps: iconv-lite@0.4.4
+    - Added encoding UTF-7
+1.2.2 / 2014-06-19
+==================
+  * Send invalid encoding error to callback
+1.2.1 / 2014-06-15
+==================
+  * deps: iconv-lite@0.4.3
+    - Added encodings UTF-16BE and UTF-16 with BOM
+1.2.0 / 2014-06-13
+==================
+  * Passing string as `options` interpreted as encoding
+  * Support all encodings from `iconv-lite`
+1.1.7 / 2014-06-12
+==================
+  * use `string_decoder` module from npm
+1.1.6 / 2014-05-27
+==================
+  * check encoding for old streams1
+  * support node.js < 0.10.6
+1.1.5 / 2014-05-14
+==================
+  * bump bytes
+1.1.4 / 2014-04-19
+==================
+  * allow true as an option
+  * bump bytes
+1.1.3 / 2014-03-02
+==================
+  * fix case when length=null
+1.1.2 / 2013-12-01
+==================
+  * be less strict on state.encoding check
+1.1.1 / 2013-11-27
+==================
+  * add engines
+1.1.0 / 2013-11-27
+==================
+  * add err.statusCode and err.type
+  * allow for encoding option to be true
+  * pause the stream instead of dumping on error
+  * throw if the stream's encoding is set
+1.0.1 / 2013-11-19
+==================
+  * dont support streams1, throw if dev set encoding
+1.0.0 / 2013-11-17
+==================
+  * rename `expected` option to `length`
+0.2.0 / 2013-11-15
+==================
+  * republish
+0.1.1 / 2013-11-15
+==================
+  * use bytes
+0.1.0 / 2013-11-11
+==================
+  * generator support
+0.0.3 / 2013-10-10
+==================
+  * update repo
+0.0.2 / 2013-09-14
+==================
+  * dump stream on bad headers
+  * listen to events after defining received and buffers
+0.0.1 / 2013-09-14
+==================
+  * Initial release

package/bundled/gateway/node_modules/raw-body/SECURITY.md ADDED Viewed

@@ -0,0 +1,24 @@
+# Security Policies and Procedures
+## Reporting a Bug
+The `raw-body` team and community take all security bugs seriously. Thank you
+for improving the security of Express. We appreciate your efforts and
+responsible disclosure and will make every effort to acknowledge your
+contributions.
+Report security bugs by emailing the current owners of `raw-body`. This information
+can be found in the npm registry using the command `npm owner ls raw-body`.
+If unsure or unable to get the information from the above, open an issue
+in the [project issue tracker](https://github.com/stream-utils/raw-body/issues)
+asking for the current contact information.
+To ensure the timely response to your report, please ensure that the entirety
+of the report is contained within the email body and not solely behind a web
+link or an attachment.
+At least one owner will acknowledge your email within 48 hours, and will send a
+more detailed response within 48 hours indicating the next steps in handling
+your report. After the initial reply to your report, the owners will
+endeavor to keep you informed of the progress towards a fix and full
+announcement, and may ask for additional information or guidance.

package/bundled/gateway/node_modules/raw-body/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "raw-body",
   "description": "Get and validate the raw body of a readable stream.",
-  "version": "2.5.3",
+  "version": "2.5.2",
   "author": "Jonathan Ong <me@jongleberry.com> (http://jongleberry.com)",
   "contributors": [
     "Douglas Christopher Wilson <doug@somethingdoug.com>",
@@ -10,10 +10,10 @@
   "license": "MIT",
   "repository": "stream-utils/raw-body",
   "dependencies": {
-    "bytes": "~3.1.2",
-    "http-errors": "~2.0.1",
-    "iconv-lite": "~0.4.24",
-    "unpipe": "~1.0.0"
+    "bytes": "3.1.2",
+    "http-errors": "2.0.0",
+    "iconv-lite": "0.4.24",
+    "unpipe": "1.0.0"
   },
   "devDependencies": {
     "bluebird": "3.7.2",
@@ -33,8 +33,10 @@
     "node": ">= 0.8"
   },
   "files": [
+    "HISTORY.md",
     "LICENSE",
     "README.md",
+    "SECURITY.md",
     "index.d.ts",
     "index.js"
   ],

package/bundled/gateway/node_modules/send/HISTORY.md CHANGED Viewed

@@ -1,15 +1,3 @@
-0.19.2 / 2025-12-15
-===================
-* deps: use tilde notation for dependencies
-* deps: http-errors@~2.0.1
-* deps: statuses@~2.0.2
-0.19.1 / 2024-10-09
-===================
-* deps: encodeurl@~2.0.0
 0.19.0 / 2024-09-10
 ===================
@@ -497,37 +485,37 @@
  * update range-parser and fresh
-0.1.4 / 2013-08-11
+0.1.4 / 2013-08-11
 ==================
  * update fresh
-0.1.3 / 2013-07-08
+0.1.3 / 2013-07-08
 ==================
  * Revert "Fix fd leak"
-0.1.2 / 2013-07-03
+0.1.2 / 2013-07-03
 ==================
  * Fix fd leak
-0.1.0 / 2012-08-25
+0.1.0 / 2012-08-25
 ==================
   * add options parameter to send() that is passed to fs.createReadStream() [kanongil]
-0.0.4 / 2012-08-16
+0.0.4 / 2012-08-16
 ==================
   * allow custom "Accept-Ranges" definition
-0.0.3 / 2012-07-16
+0.0.3 / 2012-07-16
 ==================
   * fix normalization of the root directory. Closes #3
-0.0.2 / 2012-07-09
+0.0.2 / 2012-07-09
 ==================
   * add passing of req explicitly for now (YUCK)

package/bundled/gateway/node_modules/send/node_modules/encodeurl/HISTORY.md ADDED Viewed

@@ -0,0 +1,14 @@
+1.0.2 / 2018-01-21
+==================
+  * Fix encoding `%` as last character
+1.0.1 / 2016-06-09
+==================
+  * Fix encoding unpaired surrogates at start/end of string
+1.0.0 / 2016-06-08
+==================
+  * Initial release