npm - decocms - Versions diffs - 2.276.1 → 2.276.2 - Mend

decocms 2.276.1 → 2.276.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (333) hide show

package/dist/server/node_modules/pg-connection-string/index.js ADDED Viewed

@@ -0,0 +1,231 @@
+'use strict'
+//Parse method copied from https://github.com/brianc/node-postgres
+//Copyright (c) 2010-2014 Brian Carlson (brian.m.carlson@gmail.com)
+//MIT License
+//parses a connection string
+function parse(str, options = {}) {
+  //unix socket
+  if (str.charAt(0) === '/') {
+    const config = str.split(' ')
+    return { host: config[0], database: config[1] }
+  }
+  // Check for empty host in URL
+  const config = {}
+  let result
+  let dummyHost = false
+  if (/ |%[^a-f0-9]|%[a-f0-9][^a-f0-9]/i.test(str)) {
+    // Ensure spaces are encoded as %20
+    str = encodeURI(str).replace(/%25(\d\d)/g, '%$1')
+  }
+  try {
+    try {
+      result = new URL(str, 'postgres://base')
+    } catch (e) {
+      // The URL is invalid so try again with a dummy host
+      result = new URL(str.replace('@/', '@___DUMMY___/'), 'postgres://base')
+      dummyHost = true
+    }
+  } catch (err) {
+    // Remove the input from the error message to avoid leaking sensitive information
+    err.input && (err.input = '*****REDACTED*****')
+    throw err
+  }
+  // We'd like to use Object.fromEntries() here but Node.js 10 does not support it
+  for (const entry of result.searchParams.entries()) {
+    config[entry[0]] = entry[1]
+  }
+  config.user = config.user || decodeURIComponent(result.username)
+  config.password = config.password || decodeURIComponent(result.password)
+  if (result.protocol == 'socket:') {
+    config.host = decodeURI(result.pathname)
+    config.database = result.searchParams.get('db')
+    config.client_encoding = result.searchParams.get('encoding')
+    return config
+  }
+  const hostname = dummyHost ? '' : result.hostname
+  if (!config.host) {
+    // Only set the host if there is no equivalent query param.
+    config.host = decodeURIComponent(hostname)
+  } else if (hostname && /^%2f/i.test(hostname)) {
+    // Only prepend the hostname to the pathname if it is not a URL encoded Unix socket host.
+    result.pathname = hostname + result.pathname
+  }
+  if (!config.port) {
+    // Only set the port if there is no equivalent query param.
+    config.port = result.port
+  }
+  const pathname = result.pathname.slice(1) || null
+  config.database = pathname ? decodeURI(pathname) : null
+  if (config.ssl === 'true' || config.ssl === '1') {
+    config.ssl = true
+  }
+  if (config.ssl === '0') {
+    config.ssl = false
+  }
+  if (config.sslcert || config.sslkey || config.sslrootcert || config.sslmode) {
+    config.ssl = {}
+  }
+  // Only try to load fs if we expect to read from the disk
+  const fs = config.sslcert || config.sslkey || config.sslrootcert ? require('fs') : null
+  if (config.sslcert) {
+    config.ssl.cert = fs.readFileSync(config.sslcert).toString()
+  }
+  if (config.sslkey) {
+    config.ssl.key = fs.readFileSync(config.sslkey).toString()
+  }
+  if (config.sslrootcert) {
+    config.ssl.ca = fs.readFileSync(config.sslrootcert).toString()
+  }
+  if (options.useLibpqCompat && config.uselibpqcompat) {
+    throw new Error('Both useLibpqCompat and uselibpqcompat are set. Please use only one of them.')
+  }
+  if (config.uselibpqcompat === 'true' || options.useLibpqCompat) {
+    switch (config.sslmode) {
+      case 'disable': {
+        config.ssl = false
+        break
+      }
+      case 'prefer': {
+        config.ssl.rejectUnauthorized = false
+        break
+      }
+      case 'require': {
+        if (config.sslrootcert) {
+          // If a root CA is specified, behavior of `sslmode=require` will be the same as that of `verify-ca`
+          config.ssl.checkServerIdentity = function () {}
+        } else {
+          config.ssl.rejectUnauthorized = false
+        }
+        break
+      }
+      case 'verify-ca': {
+        if (!config.ssl.ca) {
+          throw new Error(
+            'SECURITY WARNING: Using sslmode=verify-ca requires specifying a CA with sslrootcert. If a public CA is used, verify-ca allows connections to a server that somebody else may have registered with the CA, making you vulnerable to Man-in-the-Middle attacks. Either specify a custom CA certificate with sslrootcert parameter or use sslmode=verify-full for proper security.'
+          )
+        }
+        config.ssl.checkServerIdentity = function () {}
+        break
+      }
+      case 'verify-full': {
+        break
+      }
+    }
+  } else {
+    switch (config.sslmode) {
+      case 'disable': {
+        config.ssl = false
+        break
+      }
+      case 'prefer':
+      case 'require':
+      case 'verify-ca':
+      case 'verify-full': {
+        if (config.sslmode !== 'verify-full') {
+          deprecatedSslModeWarning(config.sslmode)
+        }
+        break
+      }
+      case 'no-verify': {
+        config.ssl.rejectUnauthorized = false
+        break
+      }
+    }
+  }
+  return config
+}
+// convert pg-connection-string ssl config to a ClientConfig.ConnectionOptions
+function toConnectionOptions(sslConfig) {
+  const connectionOptions = Object.entries(sslConfig).reduce((c, [key, value]) => {
+    // we explicitly check for undefined and null instead of `if (value)` because some
+    // options accept falsy values. Example: `ssl.rejectUnauthorized = false`
+    if (value !== undefined && value !== null) {
+      c[key] = value
+    }
+    return c
+  }, {})
+  return connectionOptions
+}
+// convert pg-connection-string config to a ClientConfig
+function toClientConfig(config) {
+  const poolConfig = Object.entries(config).reduce((c, [key, value]) => {
+    if (key === 'ssl') {
+      const sslConfig = value
+      if (typeof sslConfig === 'boolean') {
+        c[key] = sslConfig
+      }
+      if (typeof sslConfig === 'object') {
+        c[key] = toConnectionOptions(sslConfig)
+      }
+    } else if (value !== undefined && value !== null) {
+      if (key === 'port') {
+        // when port is not specified, it is converted into an empty string
+        // we want to avoid NaN or empty string as a values in ClientConfig
+        if (value !== '') {
+          const v = parseInt(value, 10)
+          if (isNaN(v)) {
+            throw new Error(`Invalid ${key}: ${value}`)
+          }
+          c[key] = v
+        }
+      } else {
+        c[key] = value
+      }
+    }
+    return c
+  }, {})
+  return poolConfig
+}
+// parses a connection string into ClientConfig
+function parseIntoClientConfig(str) {
+  return toClientConfig(parse(str))
+}
+function deprecatedSslModeWarning(sslmode) {
+  if (!deprecatedSslModeWarning.warned && typeof process !== 'undefined' && process.emitWarning) {
+    deprecatedSslModeWarning.warned = true
+    process.emitWarning(`SECURITY WARNING: The SSL modes 'prefer', 'require', and 'verify-ca' are treated as aliases for 'verify-full'.
+In the next major version (pg-connection-string v3.0.0 and pg v9.0.0), these modes will adopt standard libpq semantics, which have weaker security guarantees.
+To prepare for this change:
+- If you want the current behavior, explicitly use 'sslmode=verify-full'
+- If you want libpq compatibility now, use 'uselibpqcompat=true&sslmode=${sslmode}'
+See https://www.postgresql.org/docs/current/libpq-ssl.html for libpq SSL mode definitions.`)
+  }
+}
+module.exports = parse
+parse.parse = parse
+parse.toClientConfig = toClientConfig
+parse.parseIntoClientConfig = parseIntoClientConfig

package/dist/server/node_modules/pg-connection-string/package.json ADDED Viewed

@@ -0,0 +1,52 @@
+{
+  "name": "pg-connection-string",
+  "version": "2.12.0",
+  "description": "Functions for dealing with a PostgresSQL connection string",
+  "main": "./index.js",
+  "types": "./index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./index.d.ts",
+      "import": "./esm/index.mjs",
+      "require": "./index.js",
+      "default": "./index.js"
+    }
+  },
+  "scripts": {
+    "test": "nyc --reporter=lcov mocha && npm run check-coverage",
+    "check-coverage": "nyc check-coverage --statements 100 --branches 100 --lines 100 --functions 100"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/brianc/node-postgres.git",
+    "directory": "packages/pg-connection-string"
+  },
+  "keywords": [
+    "pg",
+    "connection",
+    "string",
+    "parse"
+  ],
+  "author": "Blaine Bublitz <blaine@iceddev.com> (http://iceddev.com/)",
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/brianc/node-postgres/issues"
+  },
+  "homepage": "https://github.com/brianc/node-postgres/tree/master/packages/pg-connection-string",
+  "devDependencies": {
+    "@types/pg": "^8.12.0",
+    "chai": "^4.1.1",
+    "coveralls": "^3.0.4",
+    "istanbul": "^0.4.5",
+    "mocha": "^11.7.5",
+    "nyc": "^15",
+    "tsx": "^4.19.4",
+    "typescript": "^4.0.3"
+  },
+  "files": [
+    "index.js",
+    "index.d.ts",
+    "esm"
+  ],
+  "gitHead": "c9070cc8d526fca65780cedc25c1966b57cf7532"
+}

package/dist/server/node_modules/pg-int8/LICENSE ADDED Viewed

@@ -0,0 +1,13 @@
+Copyright © 2017, Charmander <~@charmander.me>
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.

package/dist/server/node_modules/pg-int8/README.md ADDED Viewed

@@ -0,0 +1,16 @@
+[![Build status][ci image]][ci]
+64-bit big-endian signed integer-to-string conversion designed for [pg][].
+```js
+const readInt8 = require('pg-int8');
+readInt8(Buffer.from([0, 1, 2, 3, 4, 5, 6, 7]))
+// '283686952306183'
+```
+  [pg]: https://github.com/brianc/node-postgres
+  [ci]: https://travis-ci.org/charmander/pg-int8
+  [ci image]: https://api.travis-ci.org/charmander/pg-int8.svg

package/dist/server/node_modules/pg-int8/index.js ADDED Viewed

@@ -0,0 +1,100 @@
+'use strict';
+// selected so (BASE - 1) * 0x100000000 + 0xffffffff is a safe integer
+var BASE = 1000000;
+function readInt8(buffer) {
+	var high = buffer.readInt32BE(0);
+	var low = buffer.readUInt32BE(4);
+	var sign = '';
+	if (high < 0) {
+		high = ~high + (low === 0);
+		low = (~low + 1) >>> 0;
+		sign = '-';
+	}
+	var result = '';
+	var carry;
+	var t;
+	var digits;
+	var pad;
+	var l;
+	var i;
+	{
+		carry = high % BASE;
+		high = high / BASE >>> 0;
+		t = 0x100000000 * carry + low;
+		low = t / BASE >>> 0;
+		digits = '' + (t - BASE * low);
+		if (low === 0 && high === 0) {
+			return sign + digits + result;
+		}
+		pad = '';
+		l = 6 - digits.length;
+		for (i = 0; i < l; i++) {
+			pad += '0';
+		}
+		result = pad + digits + result;
+	}
+	{
+		carry = high % BASE;
+		high = high / BASE >>> 0;
+		t = 0x100000000 * carry + low;
+		low = t / BASE >>> 0;
+		digits = '' + (t - BASE * low);
+		if (low === 0 && high === 0) {
+			return sign + digits + result;
+		}
+		pad = '';
+		l = 6 - digits.length;
+		for (i = 0; i < l; i++) {
+			pad += '0';
+		}
+		result = pad + digits + result;
+	}
+	{
+		carry = high % BASE;
+		high = high / BASE >>> 0;
+		t = 0x100000000 * carry + low;
+		low = t / BASE >>> 0;
+		digits = '' + (t - BASE * low);
+		if (low === 0 && high === 0) {
+			return sign + digits + result;
+		}
+		pad = '';
+		l = 6 - digits.length;
+		for (i = 0; i < l; i++) {
+			pad += '0';
+		}
+		result = pad + digits + result;
+	}
+	{
+		carry = high % BASE;
+		t = 0x100000000 * carry + low;
+		digits = '' + t % BASE;
+		return sign + digits + result;
+	}
+}
+module.exports = readInt8;

package/dist/server/node_modules/pg-int8/package.json ADDED Viewed

@@ -0,0 +1,24 @@
+{
+	"name": "pg-int8",
+	"version": "1.0.1",
+	"description": "64-bit big-endian signed integer-to-string conversion",
+	"bugs": "https://github.com/charmander/pg-int8/issues",
+	"license": "ISC",
+	"files": [
+		"index.js"
+	],
+	"repository": {
+		"type": "git",
+		"url": "https://github.com/charmander/pg-int8"
+	},
+	"scripts": {
+		"test": "tap test"
+	},
+	"devDependencies": {
+		"@charmander/eslint-config-base": "1.0.2",
+		"tap": "10.7.3"
+	},
+	"engines": {
+		"node": ">=4.0.0"
+	}
+}

package/dist/server/node_modules/{scheduler → pg-pool}/LICENSE RENAMED Viewed

@@ -1,6 +1,6 @@
 MIT License
-Copyright (c) Meta Platforms, Inc. and affiliates.
+Copyright (c) 2017 Brian M. Carlson
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal