npm - decocms - Versions diffs - 2.366.7 → 2.366.8 - Mend

decocms 2.366.7 → 2.366.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (249) hide show

package/dist/server/node_modules/pg/lib/connection-parameters.js DELETED Viewed

@@ -1,167 +0,0 @@
-'use strict'
-var dns = require('dns')
-var defaults = require('./defaults')
-var parse = require('pg-connection-string').parse // parses a connection string
-var val = function (key, config, envVar) {
-  if (envVar === undefined) {
-    envVar = process.env['PG' + key.toUpperCase()]
-  } else if (envVar === false) {
-    // do nothing ... use false
-  } else {
-    envVar = process.env[envVar]
-  }
-  return config[key] || envVar || defaults[key]
-}
-var readSSLConfigFromEnvironment = function () {
-  switch (process.env.PGSSLMODE) {
-    case 'disable':
-      return false
-    case 'prefer':
-    case 'require':
-    case 'verify-ca':
-    case 'verify-full':
-      return true
-    case 'no-verify':
-      return { rejectUnauthorized: false }
-  }
-  return defaults.ssl
-}
-// Convert arg to a string, surround in single quotes, and escape single quotes and backslashes
-var quoteParamValue = function (value) {
-  return "'" + ('' + value).replace(/\\/g, '\\\\').replace(/'/g, "\\'") + "'"
-}
-var add = function (params, config, paramName) {
-  var value = config[paramName]
-  if (value !== undefined && value !== null) {
-    params.push(paramName + '=' + quoteParamValue(value))
-  }
-}
-class ConnectionParameters {
-  constructor(config) {
-    // if a string is passed, it is a raw connection string so we parse it into a config
-    config = typeof config === 'string' ? parse(config) : config || {}
-    // if the config has a connectionString defined, parse IT into the config we use
-    // this will override other default values with what is stored in connectionString
-    if (config.connectionString) {
-      config = Object.assign({}, config, parse(config.connectionString))
-    }
-    this.user = val('user', config)
-    this.database = val('database', config)
-    if (this.database === undefined) {
-      this.database = this.user
-    }
-    this.port = parseInt(val('port', config), 10)
-    this.host = val('host', config)
-    // "hiding" the password so it doesn't show up in stack traces
-    // or if the client is console.logged
-    Object.defineProperty(this, 'password', {
-      configurable: true,
-      enumerable: false,
-      writable: true,
-      value: val('password', config),
-    })
-    this.binary = val('binary', config)
-    this.options = val('options', config)
-    this.ssl = typeof config.ssl === 'undefined' ? readSSLConfigFromEnvironment() : config.ssl
-    if (typeof this.ssl === 'string') {
-      if (this.ssl === 'true') {
-        this.ssl = true
-      }
-    }
-    // support passing in ssl=no-verify via connection string
-    if (this.ssl === 'no-verify') {
-      this.ssl = { rejectUnauthorized: false }
-    }
-    if (this.ssl && this.ssl.key) {
-      Object.defineProperty(this.ssl, 'key', {
-        enumerable: false,
-      })
-    }
-    this.client_encoding = val('client_encoding', config)
-    this.replication = val('replication', config)
-    // a domain socket begins with '/'
-    this.isDomainSocket = !(this.host || '').indexOf('/')
-    this.application_name = val('application_name', config, 'PGAPPNAME')
-    this.fallback_application_name = val('fallback_application_name', config, false)
-    this.statement_timeout = val('statement_timeout', config, false)
-    this.lock_timeout = val('lock_timeout', config, false)
-    this.idle_in_transaction_session_timeout = val('idle_in_transaction_session_timeout', config, false)
-    this.query_timeout = val('query_timeout', config, false)
-    if (config.connectionTimeoutMillis === undefined) {
-      this.connect_timeout = process.env.PGCONNECT_TIMEOUT || 0
-    } else {
-      this.connect_timeout = Math.floor(config.connectionTimeoutMillis / 1000)
-    }
-    if (config.keepAlive === false) {
-      this.keepalives = 0
-    } else if (config.keepAlive === true) {
-      this.keepalives = 1
-    }
-    if (typeof config.keepAliveInitialDelayMillis === 'number') {
-      this.keepalives_idle = Math.floor(config.keepAliveInitialDelayMillis / 1000)
-    }
-  }
-  getLibpqConnectionString(cb) {
-    var params = []
-    add(params, this, 'user')
-    add(params, this, 'password')
-    add(params, this, 'port')
-    add(params, this, 'application_name')
-    add(params, this, 'fallback_application_name')
-    add(params, this, 'connect_timeout')
-    add(params, this, 'options')
-    var ssl = typeof this.ssl === 'object' ? this.ssl : this.ssl ? { sslmode: this.ssl } : {}
-    add(params, ssl, 'sslmode')
-    add(params, ssl, 'sslca')
-    add(params, ssl, 'sslkey')
-    add(params, ssl, 'sslcert')
-    add(params, ssl, 'sslrootcert')
-    if (this.database) {
-      params.push('dbname=' + quoteParamValue(this.database))
-    }
-    if (this.replication) {
-      params.push('replication=' + quoteParamValue(this.replication))
-    }
-    if (this.host) {
-      params.push('host=' + quoteParamValue(this.host))
-    }
-    if (this.isDomainSocket) {
-      return cb(null, params.join(' '))
-    }
-    if (this.client_encoding) {
-      params.push('client_encoding=' + quoteParamValue(this.client_encoding))
-    }
-    dns.lookup(this.host, function (err, address) {
-      if (err) return cb(err, null)
-      params.push('hostaddr=' + quoteParamValue(address))
-      return cb(null, params.join(' '))
-    })
-  }
-}
-module.exports = ConnectionParameters

package/dist/server/node_modules/pg/lib/connection.js DELETED Viewed

@@ -1,223 +0,0 @@
-'use strict'
-var net = require('net')
-var EventEmitter = require('events').EventEmitter
-const { parse, serialize } = require('pg-protocol')
-const { getStream, getSecureStream } = require('./stream')
-const flushBuffer = serialize.flush()
-const syncBuffer = serialize.sync()
-const endBuffer = serialize.end()
-// TODO(bmc) support binary mode at some point
-class Connection extends EventEmitter {
-  constructor(config) {
-    super()
-    config = config || {}
-    this.stream = config.stream || getStream(config.ssl)
-    if (typeof this.stream === 'function') {
-      this.stream = this.stream(config)
-    }
-    this._keepAlive = config.keepAlive
-    this._keepAliveInitialDelayMillis = config.keepAliveInitialDelayMillis
-    this.lastBuffer = false
-    this.parsedStatements = {}
-    this.ssl = config.ssl || false
-    this._ending = false
-    this._emitMessage = false
-    var self = this
-    this.on('newListener', function (eventName) {
-      if (eventName === 'message') {
-        self._emitMessage = true
-      }
-    })
-  }
-  connect(port, host) {
-    var self = this
-    this._connecting = true
-    this.stream.setNoDelay(true)
-    this.stream.connect(port, host)
-    this.stream.once('connect', function () {
-      if (self._keepAlive) {
-        self.stream.setKeepAlive(true, self._keepAliveInitialDelayMillis)
-      }
-      self.emit('connect')
-    })
-    const reportStreamError = function (error) {
-      // errors about disconnections should be ignored during disconnect
-      if (self._ending && (error.code === 'ECONNRESET' || error.code === 'EPIPE')) {
-        return
-      }
-      self.emit('error', error)
-    }
-    this.stream.on('error', reportStreamError)
-    this.stream.on('close', function () {
-      self.emit('end')
-    })
-    if (!this.ssl) {
-      return this.attachListeners(this.stream)
-    }
-    this.stream.once('data', function (buffer) {
-      var responseCode = buffer.toString('utf8')
-      switch (responseCode) {
-        case 'S': // Server supports SSL connections, continue with a secure connection
-          break
-        case 'N': // Server does not support SSL connections
-          self.stream.end()
-          return self.emit('error', new Error('The server does not support SSL connections'))
-        default:
-          // Any other response byte, including 'E' (ErrorResponse) indicating a server error
-          self.stream.end()
-          return self.emit('error', new Error('There was an error establishing an SSL connection'))
-      }
-      const options = {
-        socket: self.stream,
-      }
-      if (self.ssl !== true) {
-        Object.assign(options, self.ssl)
-        if ('key' in self.ssl) {
-          options.key = self.ssl.key
-        }
-      }
-      var net = require('net')
-      if (net.isIP && net.isIP(host) === 0) {
-        options.servername = host
-      }
-      try {
-        self.stream = getSecureStream(options)
-      } catch (err) {
-        return self.emit('error', err)
-      }
-      self.attachListeners(self.stream)
-      self.stream.on('error', reportStreamError)
-      self.emit('sslconnect')
-    })
-  }
-  attachListeners(stream) {
-    parse(stream, (msg) => {
-      var eventName = msg.name === 'error' ? 'errorMessage' : msg.name
-      if (this._emitMessage) {
-        this.emit('message', msg)
-      }
-      this.emit(eventName, msg)
-    })
-  }
-  requestSsl() {
-    this.stream.write(serialize.requestSsl())
-  }
-  startup(config) {
-    this.stream.write(serialize.startup(config))
-  }
-  cancel(processID, secretKey) {
-    this._send(serialize.cancel(processID, secretKey))
-  }
-  password(password) {
-    this._send(serialize.password(password))
-  }
-  sendSASLInitialResponseMessage(mechanism, initialResponse) {
-    this._send(serialize.sendSASLInitialResponseMessage(mechanism, initialResponse))
-  }
-  sendSCRAMClientFinalMessage(additionalData) {
-    this._send(serialize.sendSCRAMClientFinalMessage(additionalData))
-  }
-  _send(buffer) {
-    if (!this.stream.writable) {
-      return false
-    }
-    return this.stream.write(buffer)
-  }
-  query(text) {
-    this._send(serialize.query(text))
-  }
-  // send parse message
-  parse(query) {
-    this._send(serialize.parse(query))
-  }
-  // send bind message
-  bind(config) {
-    this._send(serialize.bind(config))
-  }
-  // send execute message
-  execute(config) {
-    this._send(serialize.execute(config))
-  }
-  flush() {
-    if (this.stream.writable) {
-      this.stream.write(flushBuffer)
-    }
-  }
-  sync() {
-    this._ending = true
-    this._send(syncBuffer)
-  }
-  ref() {
-    this.stream.ref()
-  }
-  unref() {
-    this.stream.unref()
-  }
-  end() {
-    // 0x58 = 'X'
-    this._ending = true
-    if (!this._connecting || !this.stream.writable) {
-      this.stream.end()
-      return
-    }
-    return this.stream.write(endBuffer, () => {
-      this.stream.end()
-    })
-  }
-  close(msg) {
-    this._send(serialize.close(msg))
-  }
-  describe(msg) {
-    this._send(serialize.describe(msg))
-  }
-  sendCopyFromChunk(chunk) {
-    this._send(serialize.copyData(chunk))
-  }
-  endCopyFrom() {
-    this._send(serialize.copyDone())
-  }
-  sendCopyFail(msg) {
-    this._send(serialize.copyFail(msg))
-  }
-}
-module.exports = Connection

package/dist/server/node_modules/pg/lib/crypto/sasl.js DELETED Viewed

@@ -1,186 +0,0 @@
-'use strict'
-const crypto = require('./utils')
-function startSession(mechanisms) {
-  if (mechanisms.indexOf('SCRAM-SHA-256') === -1) {
-    throw new Error('SASL: Only mechanism SCRAM-SHA-256 is currently supported')
-  }
-  const clientNonce = crypto.randomBytes(18).toString('base64')
-  return {
-    mechanism: 'SCRAM-SHA-256',
-    clientNonce,
-    response: 'n,,n=*,r=' + clientNonce,
-    message: 'SASLInitialResponse',
-  }
-}
-async function continueSession(session, password, serverData) {
-  if (session.message !== 'SASLInitialResponse') {
-    throw new Error('SASL: Last message was not SASLInitialResponse')
-  }
-  if (typeof password !== 'string') {
-    throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: client password must be a string')
-  }
-  if (password === '') {
-    throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: client password must be a non-empty string')
-  }
-  if (typeof serverData !== 'string') {
-    throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: serverData must be a string')
-  }
-  const sv = parseServerFirstMessage(serverData)
-  if (!sv.nonce.startsWith(session.clientNonce)) {
-    throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: server nonce does not start with client nonce')
-  } else if (sv.nonce.length === session.clientNonce.length) {
-    throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: server nonce is too short')
-  }
-  var clientFirstMessageBare = 'n=*,r=' + session.clientNonce
-  var serverFirstMessage = 'r=' + sv.nonce + ',s=' + sv.salt + ',i=' + sv.iteration
-  var clientFinalMessageWithoutProof = 'c=biws,r=' + sv.nonce
-  var authMessage = clientFirstMessageBare + ',' + serverFirstMessage + ',' + clientFinalMessageWithoutProof
-  var saltBytes = Buffer.from(sv.salt, 'base64')
-  var saltedPassword = await crypto.deriveKey(password, saltBytes, sv.iteration)
-  var clientKey = await crypto.hmacSha256(saltedPassword, 'Client Key')
-  var storedKey = await crypto.sha256(clientKey)
-  var clientSignature = await crypto.hmacSha256(storedKey, authMessage)
-  var clientProof = xorBuffers(Buffer.from(clientKey), Buffer.from(clientSignature)).toString('base64')
-  var serverKey = await crypto.hmacSha256(saltedPassword, 'Server Key')
-  var serverSignatureBytes = await crypto.hmacSha256(serverKey, authMessage)
-  session.message = 'SASLResponse'
-  session.serverSignature = Buffer.from(serverSignatureBytes).toString('base64')
-  session.response = clientFinalMessageWithoutProof + ',p=' + clientProof
-}
-function finalizeSession(session, serverData) {
-  if (session.message !== 'SASLResponse') {
-    throw new Error('SASL: Last message was not SASLResponse')
-  }
-  if (typeof serverData !== 'string') {
-    throw new Error('SASL: SCRAM-SERVER-FINAL-MESSAGE: serverData must be a string')
-  }
-  const { serverSignature } = parseServerFinalMessage(serverData)
-  if (serverSignature !== session.serverSignature) {
-    throw new Error('SASL: SCRAM-SERVER-FINAL-MESSAGE: server signature does not match')
-  }
-}
-/**
- * printable       = %x21-2B / %x2D-7E
- *                   ;; Printable ASCII except ",".
- *                   ;; Note that any "printable" is also
- *                   ;; a valid "value".
- */
-function isPrintableChars(text) {
-  if (typeof text !== 'string') {
-    throw new TypeError('SASL: text must be a string')
-  }
-  return text
-    .split('')
-    .map((_, i) => text.charCodeAt(i))
-    .every((c) => (c >= 0x21 && c <= 0x2b) || (c >= 0x2d && c <= 0x7e))
-}
-/**
- * base64-char     = ALPHA / DIGIT / "/" / "+"
- *
- * base64-4        = 4base64-char
- *
- * base64-3        = 3base64-char "="
- *
- * base64-2        = 2base64-char "=="
- *
- * base64          = *base64-4 [base64-3 / base64-2]
- */
-function isBase64(text) {
-  return /^(?:[a-zA-Z0-9+/]{4})*(?:[a-zA-Z0-9+/]{2}==|[a-zA-Z0-9+/]{3}=)?$/.test(text)
-}
-function parseAttributePairs(text) {
-  if (typeof text !== 'string') {
-    throw new TypeError('SASL: attribute pairs text must be a string')
-  }
-  return new Map(
-    text.split(',').map((attrValue) => {
-      if (!/^.=/.test(attrValue)) {
-        throw new Error('SASL: Invalid attribute pair entry')
-      }
-      const name = attrValue[0]
-      const value = attrValue.substring(2)
-      return [name, value]
-    })
-  )
-}
-function parseServerFirstMessage(data) {
-  const attrPairs = parseAttributePairs(data)
-  const nonce = attrPairs.get('r')
-  if (!nonce) {
-    throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: nonce missing')
-  } else if (!isPrintableChars(nonce)) {
-    throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: nonce must only contain printable characters')
-  }
-  const salt = attrPairs.get('s')
-  if (!salt) {
-    throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: salt missing')
-  } else if (!isBase64(salt)) {
-    throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: salt must be base64')
-  }
-  const iterationText = attrPairs.get('i')
-  if (!iterationText) {
-    throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: iteration missing')
-  } else if (!/^[1-9][0-9]*$/.test(iterationText)) {
-    throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: invalid iteration count')
-  }
-  const iteration = parseInt(iterationText, 10)
-  return {
-    nonce,
-    salt,
-    iteration,
-  }
-}
-function parseServerFinalMessage(serverData) {
-  const attrPairs = parseAttributePairs(serverData)
-  const serverSignature = attrPairs.get('v')
-  if (!serverSignature) {
-    throw new Error('SASL: SCRAM-SERVER-FINAL-MESSAGE: server signature is missing')
-  } else if (!isBase64(serverSignature)) {
-    throw new Error('SASL: SCRAM-SERVER-FINAL-MESSAGE: server signature must be base64')
-  }
-  return {
-    serverSignature,
-  }
-}
-function xorBuffers(a, b) {
-  if (!Buffer.isBuffer(a)) {
-    throw new TypeError('first argument must be a Buffer')
-  }
-  if (!Buffer.isBuffer(b)) {
-    throw new TypeError('second argument must be a Buffer')
-  }
-  if (a.length !== b.length) {
-    throw new Error('Buffer lengths must match')
-  }
-  if (a.length === 0) {
-    throw new Error('Buffers cannot be empty')
-  }
-  return Buffer.from(a.map((_, i) => a[i] ^ b[i]))
-}
-module.exports = {
-  startSession,
-  continueSession,
-  finalizeSession,
-}

package/dist/server/node_modules/pg/lib/crypto/utils-legacy.js DELETED Viewed

@@ -1,37 +0,0 @@
-'use strict'
-// This file contains crypto utility functions for versions of Node.js < 15.0.0,
-// which does not support the WebCrypto.subtle API.
-const nodeCrypto = require('crypto')
-function md5(string) {
-  return nodeCrypto.createHash('md5').update(string, 'utf-8').digest('hex')
-}
-// See AuthenticationMD5Password at https://www.postgresql.org/docs/current/static/protocol-flow.html
-function postgresMd5PasswordHash(user, password, salt) {
-  var inner = md5(password + user)
-  var outer = md5(Buffer.concat([Buffer.from(inner), salt]))
-  return 'md5' + outer
-}
-function sha256(text) {
-  return nodeCrypto.createHash('sha256').update(text).digest()
-}
-function hmacSha256(key, msg) {
-  return nodeCrypto.createHmac('sha256', key).update(msg).digest()
-}
-async function deriveKey(password, salt, iterations) {
-  return nodeCrypto.pbkdf2Sync(password, salt, iterations, 32, 'sha256')
-}
-module.exports = {
-  postgresMd5PasswordHash,
-  randomBytes: nodeCrypto.randomBytes,
-  deriveKey,
-  sha256,
-  hmacSha256,
-  md5,
-}

package/dist/server/node_modules/pg/lib/crypto/utils-webcrypto.js DELETED Viewed

@@ -1,83 +0,0 @@
-const nodeCrypto = require('crypto')
-module.exports = {
-  postgresMd5PasswordHash,
-  randomBytes,
-  deriveKey,
-  sha256,
-  hmacSha256,
-  md5,
-}
-/**
- * The Web Crypto API - grabbed from the Node.js library or the global
- * @type Crypto
- */
-const webCrypto = nodeCrypto.webcrypto || globalThis.crypto
-/**
- * The SubtleCrypto API for low level crypto operations.
- * @type SubtleCrypto
- */
-const subtleCrypto = webCrypto.subtle
-const textEncoder = new TextEncoder()
-/**
- *
- * @param {*} length
- * @returns
- */
-function randomBytes(length) {
-  return webCrypto.getRandomValues(Buffer.alloc(length))
-}
-async function md5(string) {
-  try {
-    return nodeCrypto.createHash('md5').update(string, 'utf-8').digest('hex')
-  } catch (e) {
-    // `createHash()` failed so we are probably not in Node.js, use the WebCrypto API instead.
-    // Note that the MD5 algorithm on WebCrypto is not available in Node.js.
-    // This is why we cannot just use WebCrypto in all environments.
-    const data = typeof string === 'string' ? textEncoder.encode(string) : string
-    const hash = await subtleCrypto.digest('MD5', data)
-    return Array.from(new Uint8Array(hash))
-      .map((b) => b.toString(16).padStart(2, '0'))
-      .join('')
-  }
-}
-// See AuthenticationMD5Password at https://www.postgresql.org/docs/current/static/protocol-flow.html
-async function postgresMd5PasswordHash(user, password, salt) {
-  var inner = await md5(password + user)
-  var outer = await md5(Buffer.concat([Buffer.from(inner), salt]))
-  return 'md5' + outer
-}
-/**
- * Create a SHA-256 digest of the given data
- * @param {Buffer} data
- */
-async function sha256(text) {
-  return await subtleCrypto.digest('SHA-256', text)
-}
-/**
- * Sign the message with the given key
- * @param {ArrayBuffer} keyBuffer
- * @param {string} msg
- */
-async function hmacSha256(keyBuffer, msg) {
-  const key = await subtleCrypto.importKey('raw', keyBuffer, { name: 'HMAC', hash: 'SHA-256' }, false, ['sign'])
-  return await subtleCrypto.sign('HMAC', key, textEncoder.encode(msg))
-}
-/**
- * Derive a key from the password and salt
- * @param {string} password
- * @param {Uint8Array} salt
- * @param {number} iterations
- */
-async function deriveKey(password, salt, iterations) {
-  const key = await subtleCrypto.importKey('raw', textEncoder.encode(password), 'PBKDF2', false, ['deriveBits'])
-  const params = { name: 'PBKDF2', hash: 'SHA-256', salt: salt, iterations: iterations }
-  return await subtleCrypto.deriveBits(params, key, 32 * 8, ['deriveBits'])
-}

package/dist/server/node_modules/pg/lib/crypto/utils.js DELETED Viewed

@@ -1,9 +0,0 @@
-'use strict'
-const useLegacyCrypto = parseInt(process.versions && process.versions.node && process.versions.node.split('.')[0]) < 15
-if (useLegacyCrypto) {
-  // We are on an old version of Node.js that requires legacy crypto utilities.
-  module.exports = require('./utils-legacy')
-} else {
-  module.exports = require('./utils-webcrypto');
-}