fsevents 1.2.0 → 1.2.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of fsevents might be problematic. Click here for more details.
- package/node_modules/abbrev/LICENSE +31 -0
- package/node_modules/abbrev/package.json +18 -18
- package/node_modules/ansi-regex/package.json +13 -14
- package/node_modules/aproba/README.md +16 -11
- package/node_modules/aproba/index.js +11 -9
- package/node_modules/aproba/package.json +19 -20
- package/node_modules/are-we-there-yet/package.json +13 -14
- package/node_modules/balanced-match/index.js +1 -0
- package/node_modules/balanced-match/package.json +19 -18
- package/node_modules/{asynckit → brace-expansion}/LICENSE +2 -2
- package/node_modules/brace-expansion/README.md +7 -1
- package/node_modules/brace-expansion/package.json +18 -19
- package/node_modules/{block-stream → chownr}/LICENSE +0 -0
- package/node_modules/chownr/README.md +3 -0
- package/node_modules/chownr/chownr.js +52 -0
- package/node_modules/chownr/package.json +56 -0
- package/node_modules/code-point-at/package.json +13 -14
- package/node_modules/concat-map/package.json +8 -9
- package/node_modules/console-control-strings/package.json +14 -14
- package/node_modules/core-util-is/package.json +13 -14
- package/node_modules/debug/CHANGELOG.md +5 -0
- package/node_modules/debug/component.json +1 -1
- package/node_modules/debug/package.json +17 -18
- package/node_modules/debug/src/inspector-log.js +15 -0
- package/node_modules/debug/src/node.js +3 -1
- package/node_modules/deep-extend/package.json +13 -14
- package/node_modules/delegates/package.json +13 -14
- package/node_modules/detect-libc/lib/detect-libc.js +21 -14
- package/node_modules/detect-libc/package.json +17 -18
- package/node_modules/{fstream-ignore → fs-minipass}/LICENSE +0 -0
- package/node_modules/fs-minipass/README.md +70 -0
- package/node_modules/fs-minipass/index.js +386 -0
- package/node_modules/fs-minipass/package.json +62 -0
- package/node_modules/fs.realpath/package.json +13 -14
- package/node_modules/gauge/package.json +13 -14
- package/node_modules/glob/package.json +13 -14
- package/node_modules/has-unicode/package.json +13 -14
- package/node_modules/iconv-lite/.travis.yml +23 -0
- package/node_modules/iconv-lite/Changelog.md +146 -0
- package/node_modules/{punycode/LICENSE-MIT.txt → iconv-lite/LICENSE} +2 -1
- package/node_modules/iconv-lite/README.md +156 -0
- package/node_modules/iconv-lite/encodings/dbcs-codec.js +555 -0
- package/node_modules/iconv-lite/encodings/dbcs-data.js +176 -0
- package/node_modules/iconv-lite/encodings/index.js +22 -0
- package/node_modules/iconv-lite/encodings/internal.js +188 -0
- package/node_modules/iconv-lite/encodings/sbcs-codec.js +72 -0
- package/node_modules/iconv-lite/encodings/sbcs-data-generated.js +451 -0
- package/node_modules/iconv-lite/encodings/sbcs-data.js +169 -0
- package/node_modules/iconv-lite/encodings/tables/big5-added.json +122 -0
- package/node_modules/iconv-lite/encodings/tables/cp936.json +264 -0
- package/node_modules/iconv-lite/encodings/tables/cp949.json +273 -0
- package/node_modules/iconv-lite/encodings/tables/cp950.json +177 -0
- package/node_modules/iconv-lite/encodings/tables/eucjp.json +182 -0
- package/node_modules/iconv-lite/encodings/tables/gb18030-ranges.json +1 -0
- package/node_modules/iconv-lite/encodings/tables/gbk-added.json +55 -0
- package/node_modules/iconv-lite/encodings/tables/shiftjis.json +125 -0
- package/node_modules/iconv-lite/encodings/utf16.js +177 -0
- package/node_modules/iconv-lite/encodings/utf7.js +290 -0
- package/node_modules/iconv-lite/lib/bom-handling.js +52 -0
- package/node_modules/iconv-lite/lib/extend-node.js +217 -0
- package/node_modules/iconv-lite/lib/index.d.ts +24 -0
- package/node_modules/iconv-lite/lib/index.js +153 -0
- package/node_modules/iconv-lite/lib/streams.js +121 -0
- package/node_modules/iconv-lite/package.json +76 -0
- package/node_modules/{fstream → ignore-walk}/LICENSE +0 -0
- package/node_modules/ignore-walk/README.md +60 -0
- package/node_modules/ignore-walk/index.js +265 -0
- package/node_modules/ignore-walk/package.json +71 -0
- package/node_modules/inflight/package.json +13 -14
- package/node_modules/inherits/package.json +16 -14
- package/node_modules/ini/ini.js +66 -62
- package/node_modules/ini/package.json +24 -20
- package/node_modules/is-fullwidth-code-point/package.json +13 -14
- package/node_modules/isarray/package.json +13 -14
- package/node_modules/minimatch/package.json +14 -14
- package/node_modules/minimist/package.json +8 -9
- package/node_modules/minipass/README.md +46 -0
- package/node_modules/minipass/index.js +304 -0
- package/node_modules/minipass/package.json +69 -0
- package/node_modules/minizlib/LICENSE +26 -0
- package/node_modules/minizlib/README.md +44 -0
- package/node_modules/minizlib/constants.js +46 -0
- package/node_modules/minizlib/index.js +364 -0
- package/node_modules/minizlib/package.json +71 -0
- package/node_modules/mkdirp/package.json +15 -14
- package/node_modules/ms/package.json +8 -9
- package/node_modules/needle/README.md +593 -0
- package/node_modules/needle/bin/needle +40 -0
- package/node_modules/needle/examples/deflated-stream.js +22 -0
- package/node_modules/needle/examples/digest-auth.js +16 -0
- package/node_modules/needle/examples/download-to-file.js +18 -0
- package/node_modules/needle/examples/multipart-stream.js +25 -0
- package/node_modules/needle/examples/parsed-stream.js +23 -0
- package/node_modules/needle/examples/parsed-stream2.js +21 -0
- package/node_modules/needle/examples/stream-events.js +23 -0
- package/node_modules/needle/examples/stream-to-file.js +14 -0
- package/node_modules/needle/examples/upload-image.js +51 -0
- package/node_modules/needle/lib/auth.js +110 -0
- package/node_modules/needle/lib/cookies.js +77 -0
- package/node_modules/needle/lib/decoder.js +53 -0
- package/node_modules/needle/lib/multipart.js +98 -0
- package/node_modules/needle/lib/needle.js +783 -0
- package/node_modules/needle/lib/parsers.js +120 -0
- package/node_modules/needle/lib/querystring.js +49 -0
- package/node_modules/{delayed-stream/License → needle/license.txt} +2 -2
- package/node_modules/needle/package.json +102 -0
- package/node_modules/needle/test/basic_auth_spec.js +196 -0
- package/node_modules/needle/test/compression_spec.js +94 -0
- package/node_modules/needle/test/cookies_spec.js +305 -0
- package/node_modules/needle/test/decoder_spec.js +86 -0
- package/node_modules/needle/test/errors_spec.js +286 -0
- package/node_modules/needle/test/headers_spec.js +198 -0
- package/node_modules/needle/test/helpers.js +72 -0
- package/node_modules/needle/test/long_string_spec.js +34 -0
- package/node_modules/needle/test/output_spec.js +254 -0
- package/node_modules/needle/test/parsing_spec.js +494 -0
- package/node_modules/needle/test/post_data_spec.js +1021 -0
- package/node_modules/needle/test/proxy_spec.js +202 -0
- package/node_modules/needle/test/querystring_spec.js +128 -0
- package/node_modules/needle/test/redirect_spec.js +392 -0
- package/node_modules/needle/test/redirect_with_timeout.js +45 -0
- package/node_modules/needle/test/request_stream_spec.js +202 -0
- package/node_modules/needle/test/response_stream_spec.js +139 -0
- package/node_modules/needle/test/socket_pool_spec.js +66 -0
- package/node_modules/needle/test/url_spec.js +147 -0
- package/node_modules/needle/test/utils/formidable.js +17 -0
- package/node_modules/needle/test/utils/proxy.js +62 -0
- package/node_modules/needle/test/utils/test.js +104 -0
- package/node_modules/node-pre-gyp/CHANGELOG.md +25 -0
- package/node_modules/node-pre-gyp/README.md +83 -8
- package/node_modules/node-pre-gyp/appveyor.yml +4 -13
- package/node_modules/node-pre-gyp/lib/build.js +8 -0
- package/node_modules/node-pre-gyp/lib/clean.js +17 -8
- package/node_modules/node-pre-gyp/lib/configure.js +4 -0
- package/node_modules/node-pre-gyp/lib/install.js +58 -34
- package/node_modules/node-pre-gyp/lib/node-pre-gyp.js +9 -0
- package/node_modules/node-pre-gyp/lib/package.js +20 -13
- package/node_modules/node-pre-gyp/lib/pre-binding.js +6 -1
- package/node_modules/node-pre-gyp/lib/publish.js +3 -1
- package/node_modules/node-pre-gyp/lib/rebuild.js +12 -4
- package/node_modules/node-pre-gyp/lib/reinstall.js +8 -1
- package/node_modules/node-pre-gyp/lib/reveal.js +4 -2
- package/node_modules/node-pre-gyp/lib/testbinary.js +3 -1
- package/node_modules/node-pre-gyp/lib/testpackage.js +22 -16
- package/node_modules/node-pre-gyp/lib/unpublish.js +3 -1
- package/node_modules/node-pre-gyp/lib/util/abi_crosswalk.json +104 -0
- package/node_modules/node-pre-gyp/lib/util/handle_gyp_opts.js +8 -2
- package/node_modules/node-pre-gyp/lib/util/napi.js +156 -0
- package/node_modules/node-pre-gyp/lib/util/versioning.js +7 -2
- package/node_modules/node-pre-gyp/package.json +19 -22
- package/node_modules/nopt/package.json +13 -14
- package/node_modules/npm-bundled/README.md +46 -0
- package/node_modules/npm-bundled/index.js +227 -0
- package/node_modules/npm-bundled/package.json +60 -0
- package/node_modules/{json-stringify-safe → npm-packlist}/LICENSE +0 -0
- package/node_modules/npm-packlist/README.md +68 -0
- package/node_modules/npm-packlist/index.js +220 -0
- package/node_modules/npm-packlist/package.json +66 -0
- package/node_modules/npmlog/log.js +6 -1
- package/node_modules/npmlog/package.json +17 -18
- package/node_modules/number-is-nan/package.json +13 -14
- package/node_modules/object-assign/package.json +13 -14
- package/node_modules/once/package.json +14 -14
- package/node_modules/os-homedir/package.json +13 -14
- package/node_modules/os-tmpdir/package.json +13 -14
- package/node_modules/osenv/package.json +24 -19
- package/node_modules/path-is-absolute/package.json +13 -14
- package/node_modules/process-nextick-args/index.js +3 -2
- package/node_modules/process-nextick-args/package.json +20 -18
- package/node_modules/process-nextick-args/readme.md +2 -2
- package/node_modules/rc/README.md +80 -2
- package/node_modules/rc/cli.js +4 -0
- package/node_modules/rc/index.js +0 -7
- package/node_modules/rc/node_modules/minimist/package.json +13 -14
- package/node_modules/rc/package.json +19 -20
- package/node_modules/readable-stream/.travis.yml +26 -20
- package/node_modules/readable-stream/README.md +3 -2
- package/node_modules/readable-stream/lib/_stream_duplex.js +69 -13
- package/node_modules/readable-stream/lib/_stream_passthrough.js +21 -0
- package/node_modules/readable-stream/lib/_stream_readable.js +194 -110
- package/node_modules/readable-stream/lib/_stream_transform.js +64 -32
- package/node_modules/readable-stream/lib/_stream_writable.js +198 -55
- package/node_modules/readable-stream/lib/internal/streams/BufferList.js +68 -53
- package/node_modules/readable-stream/lib/internal/streams/destroy.js +74 -0
- package/node_modules/readable-stream/package.json +27 -30
- package/node_modules/readable-stream/writable.js +2 -2
- package/node_modules/rimraf/package.json +17 -18
- package/node_modules/rimraf/rimraf.js +3 -2
- package/node_modules/safe-buffer/README.md +12 -9
- package/node_modules/safe-buffer/index.js +10 -6
- package/node_modules/safe-buffer/package.json +21 -20
- package/node_modules/safe-buffer/test.js +2 -0
- package/node_modules/{ajv → safer-buffer}/LICENSE +2 -3
- package/node_modules/safer-buffer/Porting-Buffer.md +268 -0
- package/node_modules/safer-buffer/Readme.md +156 -0
- package/node_modules/safer-buffer/dangerous.js +58 -0
- package/node_modules/safer-buffer/package.json +60 -0
- package/node_modules/safer-buffer/safer.js +77 -0
- package/node_modules/safer-buffer/tests.js +406 -0
- package/node_modules/sax/LICENSE +41 -0
- package/node_modules/sax/README.md +225 -0
- package/node_modules/sax/lib/sax.js +1565 -0
- package/node_modules/sax/package.json +61 -0
- package/node_modules/semver/README.md +75 -37
- package/node_modules/semver/bin/semver +12 -2
- package/node_modules/semver/package.json +19 -20
- package/node_modules/semver/range.bnf +2 -2
- package/node_modules/semver/semver.js +134 -13
- package/node_modules/set-blocking/package.json +13 -14
- package/node_modules/signal-exit/package.json +13 -14
- package/node_modules/string-width/package.json +14 -14
- package/node_modules/string_decoder/.travis.yml +50 -0
- package/node_modules/string_decoder/README.md +22 -3
- package/node_modules/string_decoder/lib/string_decoder.js +35 -11
- package/node_modules/string_decoder/package.json +25 -23
- package/node_modules/strip-ansi/package.json +14 -14
- package/node_modules/strip-json-comments/package.json +13 -14
- package/node_modules/tar/LICENSE +3 -0
- package/node_modules/tar/README.md +929 -30
- package/node_modules/tar/index.js +18 -0
- package/node_modules/tar/lib/buffer.js +11 -0
- package/node_modules/tar/lib/create.js +105 -0
- package/node_modules/tar/lib/extract.js +97 -79
- package/node_modules/tar/lib/header.js +236 -348
- package/node_modules/tar/lib/high-level-opt.js +29 -0
- package/node_modules/tar/lib/large-numbers.js +92 -0
- package/node_modules/tar/lib/list.js +130 -0
- package/node_modules/tar/lib/mkdir.js +206 -0
- package/node_modules/tar/lib/pack.js +354 -187
- package/node_modules/tar/lib/parse.js +393 -246
- package/node_modules/tar/lib/pax.js +146 -0
- package/node_modules/tar/lib/read-entry.js +94 -0
- package/node_modules/tar/lib/replace.js +220 -0
- package/node_modules/tar/lib/types.js +44 -0
- package/node_modules/tar/lib/unpack.js +560 -0
- package/node_modules/tar/lib/update.js +36 -0
- package/node_modules/tar/lib/warn-mixin.js +14 -0
- package/node_modules/tar/lib/winchars.js +23 -0
- package/node_modules/tar/lib/write-entry.js +403 -0
- package/node_modules/tar/package.json +48 -30
- package/node_modules/util-deprecate/package.json +13 -14
- package/node_modules/wide-align/package.json +13 -14
- package/node_modules/wrappy/package.json +14 -14
- package/node_modules/yallist/LICENSE +15 -0
- package/node_modules/yallist/README.md +204 -0
- package/node_modules/yallist/iterator.js +8 -0
- package/node_modules/yallist/package.json +63 -0
- package/node_modules/yallist/yallist.js +376 -0
- package/package.json +1 -1
- package/node_modules/ajv/.tonic_example.js +0 -20
- package/node_modules/ajv/README.md +0 -1213
- package/node_modules/ajv/dist/ajv.bundle.js +0 -8023
- package/node_modules/ajv/dist/ajv.min.js +0 -6
- package/node_modules/ajv/dist/ajv.min.js.map +0 -1
- package/node_modules/ajv/dist/nodent.min.js +0 -8
- package/node_modules/ajv/dist/regenerator.min.js +0 -32
- package/node_modules/ajv/lib/ajv.d.ts +0 -284
- package/node_modules/ajv/lib/ajv.js +0 -420
- package/node_modules/ajv/lib/async.js +0 -218
- package/node_modules/ajv/lib/cache.js +0 -26
- package/node_modules/ajv/lib/compile/_rules.js +0 -28
- package/node_modules/ajv/lib/compile/equal.js +0 -45
- package/node_modules/ajv/lib/compile/formats.js +0 -164
- package/node_modules/ajv/lib/compile/index.js +0 -390
- package/node_modules/ajv/lib/compile/resolve.js +0 -267
- package/node_modules/ajv/lib/compile/rules.js +0 -40
- package/node_modules/ajv/lib/compile/schema_obj.js +0 -9
- package/node_modules/ajv/lib/compile/ucs2length.js +0 -20
- package/node_modules/ajv/lib/compile/util.js +0 -257
- package/node_modules/ajv/lib/compile/validation_error.js +0 -14
- package/node_modules/ajv/lib/dot/_limit.jst +0 -49
- package/node_modules/ajv/lib/dot/_limitItems.jst +0 -10
- package/node_modules/ajv/lib/dot/_limitLength.jst +0 -10
- package/node_modules/ajv/lib/dot/_limitProperties.jst +0 -10
- package/node_modules/ajv/lib/dot/allOf.jst +0 -34
- package/node_modules/ajv/lib/dot/anyOf.jst +0 -48
- package/node_modules/ajv/lib/dot/coerce.def +0 -61
- package/node_modules/ajv/lib/dot/custom.jst +0 -184
- package/node_modules/ajv/lib/dot/defaults.def +0 -32
- package/node_modules/ajv/lib/dot/definitions.def +0 -182
- package/node_modules/ajv/lib/dot/dependencies.jst +0 -69
- package/node_modules/ajv/lib/dot/enum.jst +0 -30
- package/node_modules/ajv/lib/dot/errors.def +0 -185
- package/node_modules/ajv/lib/dot/format.jst +0 -100
- package/node_modules/ajv/lib/dot/items.jst +0 -101
- package/node_modules/ajv/lib/dot/missing.def +0 -34
- package/node_modules/ajv/lib/dot/multipleOf.jst +0 -20
- package/node_modules/ajv/lib/dot/not.jst +0 -43
- package/node_modules/ajv/lib/dot/oneOf.jst +0 -44
- package/node_modules/ajv/lib/dot/pattern.jst +0 -14
- package/node_modules/ajv/lib/dot/properties.jst +0 -319
- package/node_modules/ajv/lib/dot/ref.jst +0 -86
- package/node_modules/ajv/lib/dot/required.jst +0 -96
- package/node_modules/ajv/lib/dot/uniqueItems.jst +0 -38
- package/node_modules/ajv/lib/dot/v5/_formatLimit.jst +0 -116
- package/node_modules/ajv/lib/dot/v5/constant.jst +0 -10
- package/node_modules/ajv/lib/dot/v5/patternRequired.jst +0 -28
- package/node_modules/ajv/lib/dot/v5/switch.jst +0 -73
- package/node_modules/ajv/lib/dot/validate.jst +0 -210
- package/node_modules/ajv/lib/dotjs/README.md +0 -3
- package/node_modules/ajv/lib/dotjs/_formatLimit.js +0 -176
- package/node_modules/ajv/lib/dotjs/_limit.js +0 -124
- package/node_modules/ajv/lib/dotjs/_limitItems.js +0 -76
- package/node_modules/ajv/lib/dotjs/_limitLength.js +0 -81
- package/node_modules/ajv/lib/dotjs/_limitProperties.js +0 -76
- package/node_modules/ajv/lib/dotjs/allOf.js +0 -43
- package/node_modules/ajv/lib/dotjs/anyOf.js +0 -65
- package/node_modules/ajv/lib/dotjs/constant.js +0 -52
- package/node_modules/ajv/lib/dotjs/custom.js +0 -220
- package/node_modules/ajv/lib/dotjs/dependencies.js +0 -147
- package/node_modules/ajv/lib/dotjs/enum.js +0 -65
- package/node_modules/ajv/lib/dotjs/format.js +0 -138
- package/node_modules/ajv/lib/dotjs/items.js +0 -144
- package/node_modules/ajv/lib/dotjs/multipleOf.js +0 -76
- package/node_modules/ajv/lib/dotjs/not.js +0 -83
- package/node_modules/ajv/lib/dotjs/oneOf.js +0 -76
- package/node_modules/ajv/lib/dotjs/pattern.js +0 -74
- package/node_modules/ajv/lib/dotjs/patternRequired.js +0 -51
- package/node_modules/ajv/lib/dotjs/properties.js +0 -445
- package/node_modules/ajv/lib/dotjs/ref.js +0 -119
- package/node_modules/ajv/lib/dotjs/required.js +0 -249
- package/node_modules/ajv/lib/dotjs/switch.js +0 -128
- package/node_modules/ajv/lib/dotjs/uniqueItems.js +0 -71
- package/node_modules/ajv/lib/dotjs/validate.js +0 -375
- package/node_modules/ajv/lib/keyword.js +0 -129
- package/node_modules/ajv/lib/refs/json-schema-draft-04.json +0 -150
- package/node_modules/ajv/lib/refs/json-schema-v5.json +0 -328
- package/node_modules/ajv/lib/v5.js +0 -52
- package/node_modules/ajv/package.json +0 -132
- package/node_modules/ajv/scripts/.eslintrc.yml +0 -3
- package/node_modules/ajv/scripts/bundle.js +0 -54
- package/node_modules/ajv/scripts/compile-dots.js +0 -73
- package/node_modules/ajv/scripts/info +0 -10
- package/node_modules/ajv/scripts/prepare-tests +0 -9
- package/node_modules/ajv/scripts/travis-gh-pages +0 -23
- package/node_modules/asn1/.npmignore +0 -2
- package/node_modules/asn1/.travis.yml +0 -4
- package/node_modules/asn1/LICENSE +0 -19
- package/node_modules/asn1/README.md +0 -50
- package/node_modules/asn1/lib/ber/errors.js +0 -13
- package/node_modules/asn1/lib/ber/index.js +0 -27
- package/node_modules/asn1/lib/ber/reader.js +0 -261
- package/node_modules/asn1/lib/ber/types.js +0 -36
- package/node_modules/asn1/lib/ber/writer.js +0 -316
- package/node_modules/asn1/lib/index.js +0 -20
- package/node_modules/asn1/package.json +0 -66
- package/node_modules/asn1/tst/ber/reader.test.js +0 -208
- package/node_modules/asn1/tst/ber/writer.test.js +0 -370
- package/node_modules/assert-plus/AUTHORS +0 -6
- package/node_modules/assert-plus/CHANGES.md +0 -8
- package/node_modules/assert-plus/README.md +0 -155
- package/node_modules/assert-plus/assert.js +0 -206
- package/node_modules/assert-plus/package.json +0 -83
- package/node_modules/asynckit/README.md +0 -233
- package/node_modules/asynckit/bench.js +0 -76
- package/node_modules/asynckit/index.js +0 -6
- package/node_modules/asynckit/lib/abort.js +0 -29
- package/node_modules/asynckit/lib/async.js +0 -34
- package/node_modules/asynckit/lib/defer.js +0 -26
- package/node_modules/asynckit/lib/iterate.js +0 -75
- package/node_modules/asynckit/lib/readable_asynckit.js +0 -91
- package/node_modules/asynckit/lib/readable_parallel.js +0 -25
- package/node_modules/asynckit/lib/readable_serial.js +0 -25
- package/node_modules/asynckit/lib/readable_serial_ordered.js +0 -29
- package/node_modules/asynckit/lib/state.js +0 -37
- package/node_modules/asynckit/lib/streamify.js +0 -141
- package/node_modules/asynckit/lib/terminator.js +0 -29
- package/node_modules/asynckit/package.json +0 -92
- package/node_modules/asynckit/parallel.js +0 -43
- package/node_modules/asynckit/serial.js +0 -17
- package/node_modules/asynckit/serialOrdered.js +0 -75
- package/node_modules/asynckit/stream.js +0 -21
- package/node_modules/aws-sign2/LICENSE +0 -55
- package/node_modules/aws-sign2/README.md +0 -4
- package/node_modules/aws-sign2/index.js +0 -212
- package/node_modules/aws-sign2/package.json +0 -51
- package/node_modules/aws4/.npmignore +0 -4
- package/node_modules/aws4/.tern-port +0 -1
- package/node_modules/aws4/.travis.yml +0 -5
- package/node_modules/aws4/LICENSE +0 -19
- package/node_modules/aws4/README.md +0 -523
- package/node_modules/aws4/aws4.js +0 -332
- package/node_modules/aws4/lru.js +0 -96
- package/node_modules/aws4/package.json +0 -105
- package/node_modules/bcrypt-pbkdf/README.md +0 -39
- package/node_modules/bcrypt-pbkdf/index.js +0 -556
- package/node_modules/bcrypt-pbkdf/package.json +0 -38
- package/node_modules/block-stream/LICENCE +0 -25
- package/node_modules/block-stream/README.md +0 -14
- package/node_modules/block-stream/block-stream.js +0 -209
- package/node_modules/block-stream/package.json +0 -61
- package/node_modules/boom/.npmignore +0 -18
- package/node_modules/boom/.travis.yml +0 -8
- package/node_modules/boom/CONTRIBUTING.md +0 -1
- package/node_modules/boom/LICENSE +0 -28
- package/node_modules/boom/README.md +0 -652
- package/node_modules/boom/images/boom.png +0 -0
- package/node_modules/boom/lib/index.js +0 -318
- package/node_modules/boom/package.json +0 -59
- package/node_modules/boom/test/index.js +0 -654
- package/node_modules/buffer-shims/index.js +0 -108
- package/node_modules/buffer-shims/license.md +0 -19
- package/node_modules/buffer-shims/package.json +0 -50
- package/node_modules/buffer-shims/readme.md +0 -21
- package/node_modules/caseless/LICENSE +0 -28
- package/node_modules/caseless/README.md +0 -45
- package/node_modules/caseless/index.js +0 -67
- package/node_modules/caseless/package.json +0 -57
- package/node_modules/caseless/test.js +0 -67
- package/node_modules/co/History.md +0 -172
- package/node_modules/co/LICENSE +0 -22
- package/node_modules/co/Readme.md +0 -212
- package/node_modules/co/index.js +0 -237
- package/node_modules/co/package.json +0 -67
- package/node_modules/combined-stream/License +0 -19
- package/node_modules/combined-stream/Readme.md +0 -138
- package/node_modules/combined-stream/lib/combined_stream.js +0 -188
- package/node_modules/combined-stream/package.json +0 -58
- package/node_modules/cryptiles/.npmignore +0 -18
- package/node_modules/cryptiles/.travis.yml +0 -8
- package/node_modules/cryptiles/LICENSE +0 -28
- package/node_modules/cryptiles/README.md +0 -16
- package/node_modules/cryptiles/lib/index.js +0 -68
- package/node_modules/cryptiles/package.json +0 -60
- package/node_modules/cryptiles/test/index.js +0 -102
- package/node_modules/dashdash/CHANGES.md +0 -364
- package/node_modules/dashdash/LICENSE.txt +0 -24
- package/node_modules/dashdash/README.md +0 -574
- package/node_modules/dashdash/etc/dashdash.bash_completion.in +0 -389
- package/node_modules/dashdash/lib/dashdash.js +0 -1055
- package/node_modules/dashdash/node_modules/assert-plus/AUTHORS +0 -6
- package/node_modules/dashdash/node_modules/assert-plus/CHANGES.md +0 -14
- package/node_modules/dashdash/node_modules/assert-plus/README.md +0 -162
- package/node_modules/dashdash/node_modules/assert-plus/assert.js +0 -211
- package/node_modules/dashdash/node_modules/assert-plus/package.json +0 -83
- package/node_modules/dashdash/package.json +0 -68
- package/node_modules/delayed-stream/.npmignore +0 -1
- package/node_modules/delayed-stream/Makefile +0 -7
- package/node_modules/delayed-stream/Readme.md +0 -141
- package/node_modules/delayed-stream/lib/delayed_stream.js +0 -107
- package/node_modules/delayed-stream/package.json +0 -63
- package/node_modules/ecc-jsbn/.npmignore +0 -15
- package/node_modules/ecc-jsbn/LICENSE +0 -21
- package/node_modules/ecc-jsbn/README.md +0 -8
- package/node_modules/ecc-jsbn/index.js +0 -57
- package/node_modules/ecc-jsbn/lib/LICENSE-jsbn +0 -40
- package/node_modules/ecc-jsbn/lib/ec.js +0 -561
- package/node_modules/ecc-jsbn/lib/sec.js +0 -170
- package/node_modules/ecc-jsbn/package.json +0 -66
- package/node_modules/ecc-jsbn/test.js +0 -14
- package/node_modules/extend/.eslintrc +0 -17
- package/node_modules/extend/.jscs.json +0 -175
- package/node_modules/extend/.npmignore +0 -1
- package/node_modules/extend/.travis.yml +0 -179
- package/node_modules/extend/CHANGELOG.md +0 -77
- package/node_modules/extend/LICENSE +0 -23
- package/node_modules/extend/README.md +0 -81
- package/node_modules/extend/component.json +0 -32
- package/node_modules/extend/index.js +0 -86
- package/node_modules/extend/package.json +0 -76
- package/node_modules/extsprintf/.gitmodules +0 -6
- package/node_modules/extsprintf/LICENSE +0 -19
- package/node_modules/extsprintf/Makefile +0 -23
- package/node_modules/extsprintf/Makefile.deps +0 -39
- package/node_modules/extsprintf/Makefile.targ +0 -285
- package/node_modules/extsprintf/README.md +0 -39
- package/node_modules/extsprintf/examples/simple.js +0 -2
- package/node_modules/extsprintf/jsl.node.conf +0 -137
- package/node_modules/extsprintf/lib/extsprintf.js +0 -166
- package/node_modules/extsprintf/package.json +0 -43
- package/node_modules/forever-agent/LICENSE +0 -55
- package/node_modules/forever-agent/README.md +0 -4
- package/node_modules/forever-agent/index.js +0 -138
- package/node_modules/forever-agent/package.json +0 -51
- package/node_modules/form-data/License +0 -19
- package/node_modules/form-data/README.md +0 -217
- package/node_modules/form-data/lib/browser.js +0 -2
- package/node_modules/form-data/lib/form_data.js +0 -444
- package/node_modules/form-data/lib/populate.js +0 -10
- package/node_modules/form-data/package.json +0 -99
- package/node_modules/fstream/.npmignore +0 -5
- package/node_modules/fstream/.travis.yml +0 -9
- package/node_modules/fstream/README.md +0 -76
- package/node_modules/fstream/examples/filter-pipe.js +0 -134
- package/node_modules/fstream/examples/pipe.js +0 -118
- package/node_modules/fstream/examples/reader.js +0 -68
- package/node_modules/fstream/examples/symlink-write.js +0 -27
- package/node_modules/fstream/fstream.js +0 -35
- package/node_modules/fstream/lib/abstract.js +0 -85
- package/node_modules/fstream/lib/collect.js +0 -70
- package/node_modules/fstream/lib/dir-reader.js +0 -252
- package/node_modules/fstream/lib/dir-writer.js +0 -174
- package/node_modules/fstream/lib/file-reader.js +0 -150
- package/node_modules/fstream/lib/file-writer.js +0 -107
- package/node_modules/fstream/lib/get-type.js +0 -33
- package/node_modules/fstream/lib/link-reader.js +0 -53
- package/node_modules/fstream/lib/link-writer.js +0 -95
- package/node_modules/fstream/lib/proxy-reader.js +0 -95
- package/node_modules/fstream/lib/proxy-writer.js +0 -111
- package/node_modules/fstream/lib/reader.js +0 -255
- package/node_modules/fstream/lib/socket-reader.js +0 -36
- package/node_modules/fstream/lib/writer.js +0 -390
- package/node_modules/fstream/package.json +0 -62
- package/node_modules/fstream-ignore/README.md +0 -22
- package/node_modules/fstream-ignore/ignore.js +0 -275
- package/node_modules/fstream-ignore/package.json +0 -62
- package/node_modules/getpass/.npmignore +0 -8
- package/node_modules/getpass/.travis.yml +0 -9
- package/node_modules/getpass/LICENSE +0 -18
- package/node_modules/getpass/README.md +0 -32
- package/node_modules/getpass/lib/index.js +0 -123
- package/node_modules/getpass/node_modules/assert-plus/AUTHORS +0 -6
- package/node_modules/getpass/node_modules/assert-plus/CHANGES.md +0 -14
- package/node_modules/getpass/node_modules/assert-plus/README.md +0 -162
- package/node_modules/getpass/node_modules/assert-plus/assert.js +0 -211
- package/node_modules/getpass/node_modules/assert-plus/package.json +0 -83
- package/node_modules/getpass/package.json +0 -51
- package/node_modules/graceful-fs/LICENSE +0 -15
- package/node_modules/graceful-fs/README.md +0 -133
- package/node_modules/graceful-fs/fs.js +0 -21
- package/node_modules/graceful-fs/graceful-fs.js +0 -262
- package/node_modules/graceful-fs/legacy-streams.js +0 -118
- package/node_modules/graceful-fs/package.json +0 -77
- package/node_modules/graceful-fs/polyfills.js +0 -330
- package/node_modules/har-schema/LICENSE +0 -13
- package/node_modules/har-schema/README.md +0 -49
- package/node_modules/har-schema/lib/afterRequest.json +0 -29
- package/node_modules/har-schema/lib/beforeRequest.json +0 -29
- package/node_modules/har-schema/lib/browser.json +0 -19
- package/node_modules/har-schema/lib/cache.json +0 -20
- package/node_modules/har-schema/lib/content.json +0 -28
- package/node_modules/har-schema/lib/cookie.json +0 -35
- package/node_modules/har-schema/lib/creator.json +0 -19
- package/node_modules/har-schema/lib/entry.json +0 -52
- package/node_modules/har-schema/lib/har.json +0 -12
- package/node_modules/har-schema/lib/header.json +0 -19
- package/node_modules/har-schema/lib/index.js +0 -22
- package/node_modules/har-schema/lib/log.json +0 -35
- package/node_modules/har-schema/lib/page.json +0 -31
- package/node_modules/har-schema/lib/pageTimings.json +0 -17
- package/node_modules/har-schema/lib/postData.json +0 -42
- package/node_modules/har-schema/lib/query.json +0 -19
- package/node_modules/har-schema/lib/request.json +0 -56
- package/node_modules/har-schema/lib/response.json +0 -53
- package/node_modules/har-schema/lib/timings.json +0 -41
- package/node_modules/har-schema/package.json +0 -87
- package/node_modules/har-validator/LICENSE +0 -13
- package/node_modules/har-validator/README.md +0 -75
- package/node_modules/har-validator/lib/browser/async.js +0 -96
- package/node_modules/har-validator/lib/browser/error.js +0 -15
- package/node_modules/har-validator/lib/browser/promise.js +0 -93
- package/node_modules/har-validator/lib/node4/async.js +0 -136
- package/node_modules/har-validator/lib/node4/error.js +0 -22
- package/node_modules/har-validator/lib/node4/promise.js +0 -132
- package/node_modules/har-validator/lib/node6/async.js +0 -133
- package/node_modules/har-validator/lib/node6/error.js +0 -22
- package/node_modules/har-validator/lib/node6/promise.js +0 -130
- package/node_modules/har-validator/lib/node7/async.js +0 -133
- package/node_modules/har-validator/lib/node7/error.js +0 -22
- package/node_modules/har-validator/lib/node7/promise.js +0 -130
- package/node_modules/har-validator/package.json +0 -102
- package/node_modules/har-validator/src/async.js +0 -96
- package/node_modules/har-validator/src/error.js +0 -15
- package/node_modules/har-validator/src/promise.js +0 -93
- package/node_modules/hawk/.npmignore +0 -20
- package/node_modules/hawk/.travis.yml +0 -5
- package/node_modules/hawk/LICENSE +0 -28
- package/node_modules/hawk/README.md +0 -634
- package/node_modules/hawk/bower.json +0 -24
- package/node_modules/hawk/component.json +0 -19
- package/node_modules/hawk/dist/client.js +0 -343
- package/node_modules/hawk/example/usage.js +0 -78
- package/node_modules/hawk/images/hawk.png +0 -0
- package/node_modules/hawk/images/logo.png +0 -0
- package/node_modules/hawk/lib/browser.js +0 -637
- package/node_modules/hawk/lib/client.js +0 -369
- package/node_modules/hawk/lib/crypto.js +0 -126
- package/node_modules/hawk/lib/index.js +0 -15
- package/node_modules/hawk/lib/server.js +0 -548
- package/node_modules/hawk/lib/utils.js +0 -184
- package/node_modules/hawk/package.json +0 -71
- package/node_modules/hawk/test/browser.js +0 -1492
- package/node_modules/hawk/test/client.js +0 -440
- package/node_modules/hawk/test/crypto.js +0 -70
- package/node_modules/hawk/test/index.js +0 -378
- package/node_modules/hawk/test/readme.js +0 -95
- package/node_modules/hawk/test/server.js +0 -1329
- package/node_modules/hawk/test/uri.js +0 -838
- package/node_modules/hawk/test/utils.js +0 -149
- package/node_modules/hoek/.npmignore +0 -18
- package/node_modules/hoek/.travis.yml +0 -7
- package/node_modules/hoek/CONTRIBUTING.md +0 -1
- package/node_modules/hoek/LICENSE +0 -31
- package/node_modules/hoek/README.md +0 -584
- package/node_modules/hoek/images/hoek.png +0 -0
- package/node_modules/hoek/lib/escape.js +0 -132
- package/node_modules/hoek/lib/index.js +0 -993
- package/node_modules/hoek/package.json +0 -56
- package/node_modules/hoek/test/escaper.js +0 -88
- package/node_modules/hoek/test/index.js +0 -2513
- package/node_modules/hoek/test/modules/ignore.txt +0 -0
- package/node_modules/hoek/test/modules/test1.js +0 -1
- package/node_modules/hoek/test/modules/test2.js +0 -1
- package/node_modules/hoek/test/modules/test3.js +0 -1
- package/node_modules/http-signature/.dir-locals.el +0 -6
- package/node_modules/http-signature/.npmignore +0 -7
- package/node_modules/http-signature/CHANGES.md +0 -46
- package/node_modules/http-signature/LICENSE +0 -18
- package/node_modules/http-signature/README.md +0 -79
- package/node_modules/http-signature/http_signing.md +0 -363
- package/node_modules/http-signature/lib/index.js +0 -29
- package/node_modules/http-signature/lib/parser.js +0 -318
- package/node_modules/http-signature/lib/signer.js +0 -399
- package/node_modules/http-signature/lib/utils.js +0 -112
- package/node_modules/http-signature/lib/verify.js +0 -88
- package/node_modules/http-signature/package.json +0 -78
- package/node_modules/is-typedarray/LICENSE.md +0 -18
- package/node_modules/is-typedarray/README.md +0 -16
- package/node_modules/is-typedarray/index.js +0 -41
- package/node_modules/is-typedarray/package.json +0 -60
- package/node_modules/is-typedarray/test.js +0 -34
- package/node_modules/isstream/.jshintrc +0 -59
- package/node_modules/isstream/.npmignore +0 -1
- package/node_modules/isstream/.travis.yml +0 -12
- package/node_modules/isstream/LICENSE.md +0 -11
- package/node_modules/isstream/README.md +0 -66
- package/node_modules/isstream/isstream.js +0 -27
- package/node_modules/isstream/package.json +0 -62
- package/node_modules/isstream/test.js +0 -168
- package/node_modules/jodid25519/.npmignore +0 -11
- package/node_modules/jodid25519/.travis.yml +0 -7
- package/node_modules/jodid25519/AUTHORS.md +0 -3
- package/node_modules/jodid25519/LICENSE +0 -23
- package/node_modules/jodid25519/README.md +0 -51
- package/node_modules/jodid25519/almond.0 +0 -42
- package/node_modules/jodid25519/almond.1 +0 -13
- package/node_modules/jodid25519/index.js +0 -35
- package/node_modules/jodid25519/jsdoc.json +0 -19
- package/node_modules/jodid25519/lib/core.js +0 -481
- package/node_modules/jodid25519/lib/curve255.js +0 -221
- package/node_modules/jodid25519/lib/dh.js +0 -111
- package/node_modules/jodid25519/lib/eddsa.js +0 -573
- package/node_modules/jodid25519/lib/utils.js +0 -198
- package/node_modules/jodid25519/package.json +0 -76
- package/node_modules/jsbn/.npmignore +0 -2
- package/node_modules/jsbn/LICENSE +0 -40
- package/node_modules/jsbn/README.md +0 -175
- package/node_modules/jsbn/example.html +0 -12
- package/node_modules/jsbn/example.js +0 -3
- package/node_modules/jsbn/index.js +0 -1357
- package/node_modules/jsbn/package.json +0 -54
- package/node_modules/json-schema/README.md +0 -5
- package/node_modules/json-schema/draft-00/hyper-schema +0 -68
- package/node_modules/json-schema/draft-00/json-ref +0 -26
- package/node_modules/json-schema/draft-00/links +0 -33
- package/node_modules/json-schema/draft-00/schema +0 -155
- package/node_modules/json-schema/draft-01/hyper-schema +0 -68
- package/node_modules/json-schema/draft-01/json-ref +0 -26
- package/node_modules/json-schema/draft-01/links +0 -33
- package/node_modules/json-schema/draft-01/schema +0 -155
- package/node_modules/json-schema/draft-02/hyper-schema +0 -68
- package/node_modules/json-schema/draft-02/json-ref +0 -26
- package/node_modules/json-schema/draft-02/links +0 -35
- package/node_modules/json-schema/draft-02/schema +0 -166
- package/node_modules/json-schema/draft-03/examples/address +0 -20
- package/node_modules/json-schema/draft-03/examples/calendar +0 -53
- package/node_modules/json-schema/draft-03/examples/card +0 -105
- package/node_modules/json-schema/draft-03/examples/geo +0 -8
- package/node_modules/json-schema/draft-03/examples/interfaces +0 -23
- package/node_modules/json-schema/draft-03/hyper-schema +0 -60
- package/node_modules/json-schema/draft-03/json-ref +0 -26
- package/node_modules/json-schema/draft-03/links +0 -35
- package/node_modules/json-schema/draft-03/schema +0 -174
- package/node_modules/json-schema/draft-04/hyper-schema +0 -60
- package/node_modules/json-schema/draft-04/links +0 -41
- package/node_modules/json-schema/draft-04/schema +0 -189
- package/node_modules/json-schema/draft-zyp-json-schema-03.xml +0 -1120
- package/node_modules/json-schema/draft-zyp-json-schema-04.xml +0 -1072
- package/node_modules/json-schema/lib/links.js +0 -66
- package/node_modules/json-schema/lib/validate.js +0 -273
- package/node_modules/json-schema/package.json +0 -72
- package/node_modules/json-schema/test/tests.js +0 -95
- package/node_modules/json-stable-stringify/.npmignore +0 -1
- package/node_modules/json-stable-stringify/.travis.yml +0 -4
- package/node_modules/json-stable-stringify/LICENSE +0 -18
- package/node_modules/json-stable-stringify/example/key_cmp.js +0 -7
- package/node_modules/json-stable-stringify/example/nested.js +0 -3
- package/node_modules/json-stable-stringify/example/str.js +0 -3
- package/node_modules/json-stable-stringify/example/value_cmp.js +0 -7
- package/node_modules/json-stable-stringify/index.js +0 -84
- package/node_modules/json-stable-stringify/package.json +0 -75
- package/node_modules/json-stable-stringify/readme.markdown +0 -130
- package/node_modules/json-stable-stringify/test/cmp.js +0 -11
- package/node_modules/json-stable-stringify/test/nested.js +0 -35
- package/node_modules/json-stable-stringify/test/replacer.js +0 -74
- package/node_modules/json-stable-stringify/test/space.js +0 -59
- package/node_modules/json-stable-stringify/test/str.js +0 -32
- package/node_modules/json-stable-stringify/test/to-json.js +0 -20
- package/node_modules/json-stringify-safe/.npmignore +0 -1
- package/node_modules/json-stringify-safe/CHANGELOG.md +0 -14
- package/node_modules/json-stringify-safe/Makefile +0 -35
- package/node_modules/json-stringify-safe/README.md +0 -52
- package/node_modules/json-stringify-safe/package.json +0 -67
- package/node_modules/json-stringify-safe/stringify.js +0 -27
- package/node_modules/json-stringify-safe/test/mocha.opts +0 -2
- package/node_modules/json-stringify-safe/test/stringify_test.js +0 -246
- package/node_modules/jsonify/README.markdown +0 -34
- package/node_modules/jsonify/index.js +0 -2
- package/node_modules/jsonify/lib/parse.js +0 -273
- package/node_modules/jsonify/lib/stringify.js +0 -154
- package/node_modules/jsonify/package.json +0 -60
- package/node_modules/jsonify/test/parse.js +0 -16
- package/node_modules/jsonify/test/stringify.js +0 -15
- package/node_modules/jsprim/CHANGES.md +0 -43
- package/node_modules/jsprim/LICENSE +0 -19
- package/node_modules/jsprim/README.md +0 -292
- package/node_modules/jsprim/lib/jsprim.js +0 -735
- package/node_modules/jsprim/node_modules/assert-plus/AUTHORS +0 -6
- package/node_modules/jsprim/node_modules/assert-plus/CHANGES.md +0 -14
- package/node_modules/jsprim/node_modules/assert-plus/README.md +0 -162
- package/node_modules/jsprim/node_modules/assert-plus/assert.js +0 -211
- package/node_modules/jsprim/node_modules/assert-plus/package.json +0 -83
- package/node_modules/jsprim/package.json +0 -50
- package/node_modules/mime-db/HISTORY.md +0 -412
- package/node_modules/mime-db/LICENSE +0 -22
- package/node_modules/mime-db/README.md +0 -82
- package/node_modules/mime-db/db.json +0 -6805
- package/node_modules/mime-db/index.js +0 -11
- package/node_modules/mime-db/package.json +0 -99
- package/node_modules/mime-types/HISTORY.md +0 -223
- package/node_modules/mime-types/LICENSE +0 -23
- package/node_modules/mime-types/README.md +0 -108
- package/node_modules/mime-types/index.js +0 -188
- package/node_modules/mime-types/package.json +0 -85
- package/node_modules/oauth-sign/LICENSE +0 -55
- package/node_modules/oauth-sign/README.md +0 -4
- package/node_modules/oauth-sign/index.js +0 -136
- package/node_modules/oauth-sign/package.json +0 -57
- package/node_modules/osenv/.npmignore +0 -13
- package/node_modules/osenv/.travis.yml +0 -9
- package/node_modules/osenv/test/unix.js +0 -71
- package/node_modules/osenv/test/windows.js +0 -74
- package/node_modules/osenv/x.tap +0 -39
- package/node_modules/performance-now/.npmignore +0 -1
- package/node_modules/performance-now/.tm_properties +0 -7
- package/node_modules/performance-now/.travis.yml +0 -4
- package/node_modules/performance-now/Makefile +0 -25
- package/node_modules/performance-now/README.md +0 -30
- package/node_modules/performance-now/lib/performance-now.js +0 -32
- package/node_modules/performance-now/license.txt +0 -7
- package/node_modules/performance-now/package.json +0 -58
- package/node_modules/performance-now/src/performance-now.coffee +0 -15
- package/node_modules/performance-now/test/mocha.opts +0 -3
- package/node_modules/performance-now/test/performance-now.coffee +0 -38
- package/node_modules/process-nextick-args/.travis.yml +0 -12
- package/node_modules/process-nextick-args/test.js +0 -24
- package/node_modules/punycode/README.md +0 -176
- package/node_modules/punycode/package.json +0 -88
- package/node_modules/punycode/punycode.js +0 -533
- package/node_modules/qs/.eslintignore +0 -1
- package/node_modules/qs/.eslintrc +0 -18
- package/node_modules/qs/.jscs.json +0 -176
- package/node_modules/qs/CHANGELOG.md +0 -175
- package/node_modules/qs/LICENSE +0 -28
- package/node_modules/qs/README.md +0 -440
- package/node_modules/qs/dist/qs.js +0 -597
- package/node_modules/qs/lib/formats.js +0 -18
- package/node_modules/qs/lib/index.js +0 -11
- package/node_modules/qs/lib/parse.js +0 -167
- package/node_modules/qs/lib/stringify.js +0 -207
- package/node_modules/qs/lib/utils.js +0 -182
- package/node_modules/qs/package.json +0 -79
- package/node_modules/qs/test/.eslintrc +0 -11
- package/node_modules/qs/test/index.js +0 -7
- package/node_modules/qs/test/parse.js +0 -519
- package/node_modules/qs/test/stringify.js +0 -567
- package/node_modules/qs/test/utils.js +0 -22
- package/node_modules/readable-stream/.npmignore +0 -9
- package/node_modules/request/CHANGELOG.md +0 -674
- package/node_modules/request/LICENSE +0 -55
- package/node_modules/request/README.md +0 -1115
- package/node_modules/request/index.js +0 -156
- package/node_modules/request/lib/auth.js +0 -168
- package/node_modules/request/lib/cookies.js +0 -39
- package/node_modules/request/lib/getProxyFromURI.js +0 -79
- package/node_modules/request/lib/har.js +0 -215
- package/node_modules/request/lib/helpers.js +0 -66
- package/node_modules/request/lib/multipart.js +0 -113
- package/node_modules/request/lib/oauth.js +0 -148
- package/node_modules/request/lib/querystring.js +0 -51
- package/node_modules/request/lib/redirect.js +0 -157
- package/node_modules/request/lib/tunnel.js +0 -176
- package/node_modules/request/package.json +0 -119
- package/node_modules/request/request.js +0 -1565
- package/node_modules/safe-buffer/browser.js +0 -1
- package/node_modules/sntp/.npmignore +0 -18
- package/node_modules/sntp/.travis.yml +0 -5
- package/node_modules/sntp/LICENSE +0 -28
- package/node_modules/sntp/Makefile +0 -9
- package/node_modules/sntp/README.md +0 -68
- package/node_modules/sntp/examples/offset.js +0 -16
- package/node_modules/sntp/examples/time.js +0 -25
- package/node_modules/sntp/index.js +0 -1
- package/node_modules/sntp/lib/index.js +0 -412
- package/node_modules/sntp/package.json +0 -69
- package/node_modules/sntp/test/index.js +0 -435
- package/node_modules/sshpk/.npmignore +0 -9
- package/node_modules/sshpk/.travis.yml +0 -11
- package/node_modules/sshpk/LICENSE +0 -18
- package/node_modules/sshpk/README.md +0 -698
- package/node_modules/sshpk/bin/sshpk-conv +0 -201
- package/node_modules/sshpk/bin/sshpk-sign +0 -191
- package/node_modules/sshpk/bin/sshpk-verify +0 -166
- package/node_modules/sshpk/lib/algs.js +0 -168
- package/node_modules/sshpk/lib/certificate.js +0 -377
- package/node_modules/sshpk/lib/dhe.js +0 -410
- package/node_modules/sshpk/lib/ed-compat.js +0 -96
- package/node_modules/sshpk/lib/errors.js +0 -84
- package/node_modules/sshpk/lib/fingerprint.js +0 -161
- package/node_modules/sshpk/lib/formats/auto.js +0 -73
- package/node_modules/sshpk/lib/formats/openssh-cert.js +0 -322
- package/node_modules/sshpk/lib/formats/pem.js +0 -186
- package/node_modules/sshpk/lib/formats/pkcs1.js +0 -320
- package/node_modules/sshpk/lib/formats/pkcs8.js +0 -505
- package/node_modules/sshpk/lib/formats/rfc4253.js +0 -146
- package/node_modules/sshpk/lib/formats/ssh-private.js +0 -261
- package/node_modules/sshpk/lib/formats/ssh.js +0 -114
- package/node_modules/sshpk/lib/formats/x509-pem.js +0 -77
- package/node_modules/sshpk/lib/formats/x509.js +0 -726
- package/node_modules/sshpk/lib/identity.js +0 -277
- package/node_modules/sshpk/lib/index.js +0 -39
- package/node_modules/sshpk/lib/key.js +0 -274
- package/node_modules/sshpk/lib/private-key.js +0 -255
- package/node_modules/sshpk/lib/signature.js +0 -313
- package/node_modules/sshpk/lib/ssh-buffer.js +0 -148
- package/node_modules/sshpk/lib/utils.js +0 -288
- package/node_modules/sshpk/man/man1/sshpk-conv.1 +0 -135
- package/node_modules/sshpk/man/man1/sshpk-sign.1 +0 -81
- package/node_modules/sshpk/man/man1/sshpk-verify.1 +0 -68
- package/node_modules/sshpk/node_modules/assert-plus/AUTHORS +0 -6
- package/node_modules/sshpk/node_modules/assert-plus/CHANGES.md +0 -14
- package/node_modules/sshpk/node_modules/assert-plus/README.md +0 -162
- package/node_modules/sshpk/node_modules/assert-plus/assert.js +0 -211
- package/node_modules/sshpk/node_modules/assert-plus/package.json +0 -83
- package/node_modules/sshpk/package.json +0 -103
- package/node_modules/string_decoder/.npmignore +0 -2
- package/node_modules/stringstream/.npmignore +0 -15
- package/node_modules/stringstream/.travis.yml +0 -4
- package/node_modules/stringstream/LICENSE.txt +0 -22
- package/node_modules/stringstream/README.md +0 -38
- package/node_modules/stringstream/example.js +0 -27
- package/node_modules/stringstream/package.json +0 -52
- package/node_modules/stringstream/stringstream.js +0 -102
- package/node_modules/tar/.npmignore +0 -5
- package/node_modules/tar/.travis.yml +0 -4
- package/node_modules/tar/examples/extracter.js +0 -19
- package/node_modules/tar/examples/packer.js +0 -24
- package/node_modules/tar/examples/reader.js +0 -36
- package/node_modules/tar/lib/buffer-entry.js +0 -30
- package/node_modules/tar/lib/entry-writer.js +0 -169
- package/node_modules/tar/lib/entry.js +0 -220
- package/node_modules/tar/lib/extended-header-writer.js +0 -191
- package/node_modules/tar/lib/extended-header.js +0 -140
- package/node_modules/tar/lib/global-header-writer.js +0 -14
- package/node_modules/tar/tar.js +0 -173
- package/node_modules/tar/test/00-setup-fixtures.js +0 -53
- package/node_modules/tar/test/cb-never-called-1.0.1.tgz +0 -0
- package/node_modules/tar/test/dir-normalization.js +0 -177
- package/node_modules/tar/test/dir-normalization.tar +0 -0
- package/node_modules/tar/test/error-on-broken.js +0 -33
- package/node_modules/tar/test/extract-move.js +0 -132
- package/node_modules/tar/test/extract.js +0 -367
- package/node_modules/tar/test/fixtures.tgz +0 -0
- package/node_modules/tar/test/header.js +0 -183
- package/node_modules/tar/test/pack-no-proprietary.js +0 -886
- package/node_modules/tar/test/pack.js +0 -952
- package/node_modules/tar/test/parse-discard.js +0 -29
- package/node_modules/tar/test/parse.js +0 -359
- package/node_modules/tar/test/zz-cleanup.js +0 -20
- package/node_modules/tar-pack/.npmignore +0 -14
- package/node_modules/tar-pack/.travis.yml +0 -7
- package/node_modules/tar-pack/LICENSE +0 -23
- package/node_modules/tar-pack/README.md +0 -84
- package/node_modules/tar-pack/index.js +0 -245
- package/node_modules/tar-pack/package.json +0 -58
- package/node_modules/tar-pack/test/fixtures/packed-file.txt +0 -1
- package/node_modules/tar-pack/test/fixtures/packed.tar +0 -0
- package/node_modules/tar-pack/test/fixtures/packed.tar.gz +0 -0
- package/node_modules/tar-pack/test/fixtures/to-pack/bar.txt +0 -1
- package/node_modules/tar-pack/test/fixtures/to-pack/foo.txt +0 -1
- package/node_modules/tar-pack/test/index.js +0 -109
- package/node_modules/tough-cookie/LICENSE +0 -27
- package/node_modules/tough-cookie/README.md +0 -506
- package/node_modules/tough-cookie/lib/cookie.js +0 -1336
- package/node_modules/tough-cookie/lib/memstore.js +0 -170
- package/node_modules/tough-cookie/lib/pathMatch.js +0 -61
- package/node_modules/tough-cookie/lib/permuteDomain.js +0 -56
- package/node_modules/tough-cookie/lib/pubsuffix.js +0 -98
- package/node_modules/tough-cookie/lib/store.js +0 -71
- package/node_modules/tough-cookie/package.json +0 -93
- package/node_modules/tunnel-agent/LICENSE +0 -55
- package/node_modules/tunnel-agent/README.md +0 -4
- package/node_modules/tunnel-agent/index.js +0 -244
- package/node_modules/tunnel-agent/package.json +0 -56
- package/node_modules/tweetnacl/.npmignore +0 -4
- package/node_modules/tweetnacl/AUTHORS.md +0 -28
- package/node_modules/tweetnacl/CHANGELOG.md +0 -221
- package/node_modules/tweetnacl/LICENSE +0 -24
- package/node_modules/tweetnacl/PULL_REQUEST_TEMPLATE.md +0 -20
- package/node_modules/tweetnacl/README.md +0 -459
- package/node_modules/tweetnacl/nacl-fast.js +0 -2388
- package/node_modules/tweetnacl/nacl-fast.min.js +0 -2
- package/node_modules/tweetnacl/nacl.d.ts +0 -98
- package/node_modules/tweetnacl/nacl.js +0 -1175
- package/node_modules/tweetnacl/nacl.min.js +0 -1
- package/node_modules/tweetnacl/package.json +0 -87
- package/node_modules/uid-number/LICENSE +0 -15
- package/node_modules/uid-number/README.md +0 -17
- package/node_modules/uid-number/get-uid-gid.js +0 -24
- package/node_modules/uid-number/package.json +0 -52
- package/node_modules/uid-number/uid-number.js +0 -59
- package/node_modules/uuid/.npmignore +0 -8
- package/node_modules/uuid/.travis.yml +0 -5
- package/node_modules/uuid/AUTHORS +0 -5
- package/node_modules/uuid/HISTORY.md +0 -28
- package/node_modules/uuid/LICENSE.md +0 -21
- package/node_modules/uuid/README.md +0 -132
- package/node_modules/uuid/bin/uuid +0 -26
- package/node_modules/uuid/index.js +0 -8
- package/node_modules/uuid/lib/bytesToUuid.js +0 -23
- package/node_modules/uuid/lib/rng-browser.js +0 -33
- package/node_modules/uuid/lib/rng.js +0 -10
- package/node_modules/uuid/package.json +0 -79
- package/node_modules/uuid/test/mocha.opts +0 -3
- package/node_modules/uuid/test/test.js +0 -96
- package/node_modules/uuid/v1.js +0 -103
- package/node_modules/uuid/v4.js +0 -29
- package/node_modules/verror/.gitmodules +0 -0
- package/node_modules/verror/.npmignore +0 -1
- package/node_modules/verror/LICENSE +0 -19
- package/node_modules/verror/Makefile +0 -35
- package/node_modules/verror/Makefile.targ +0 -285
- package/node_modules/verror/README.md +0 -120
- package/node_modules/verror/examples/levels-verror.js +0 -36
- package/node_modules/verror/examples/levels-werror.js +0 -34
- package/node_modules/verror/examples/varargs.js +0 -6
- package/node_modules/verror/examples/verror.js +0 -13
- package/node_modules/verror/examples/werror.js +0 -14
- package/node_modules/verror/jsl.node.conf +0 -139
- package/node_modules/verror/lib/verror.js +0 -157
- package/node_modules/verror/package.json +0 -49
- package/node_modules/verror/tests/tst.inherit.js +0 -100
- package/node_modules/verror/tests/tst.verror.js +0 -156
- package/node_modules/verror/tests/tst.werror.js +0 -179
@@ -0,0 +1,268 @@
|
|
1
|
+
# Porting to the Buffer.from/Buffer.alloc API
|
2
|
+
|
3
|
+
<a id="overview"></a>
|
4
|
+
## Overview
|
5
|
+
|
6
|
+
- [Variant 1: Drop support for Node.js ≤ 4.4.x and 5.0.0 — 5.9.x.](#variant-1) (*recommended*)
|
7
|
+
- [Variant 2: Use a polyfill](#variant-2)
|
8
|
+
- [Variant 3: manual detection, with safeguards](#variant-3)
|
9
|
+
|
10
|
+
### Finding problematic bits of code using grep
|
11
|
+
|
12
|
+
Just run `grep -nrE '[^a-zA-Z](Slow)?Buffer\s*\(' --exclude-dir node_modules`.
|
13
|
+
|
14
|
+
It will find all the potentially unsafe places in your own code (with some considerably unlikely
|
15
|
+
exceptions).
|
16
|
+
|
17
|
+
### Finding problematic bits of code using Node.js 8
|
18
|
+
|
19
|
+
If you’re using Node.js ≥ 8.0.0 (which is recommended), Node.js exposes multiple options that help with finding the relevant pieces of code:
|
20
|
+
|
21
|
+
- `--trace-warnings` will make Node.js show a stack trace for this warning and other warnings that are printed by Node.js.
|
22
|
+
- `--trace-deprecation` does the same thing, but only for deprecation warnings.
|
23
|
+
- `--pending-deprecation` will show more types of deprecation warnings. In particular, it will show the `Buffer()` deprecation warning, even on Node.js 8.
|
24
|
+
|
25
|
+
You can set these flags using an environment variable:
|
26
|
+
|
27
|
+
```console
|
28
|
+
$ export NODE_OPTIONS='--trace-warnings --pending-deprecation'
|
29
|
+
$ cat example.js
|
30
|
+
'use strict';
|
31
|
+
const foo = new Buffer('foo');
|
32
|
+
$ node example.js
|
33
|
+
(node:7147) [DEP0005] DeprecationWarning: The Buffer() and new Buffer() constructors are not recommended for use due to security and usability concerns. Please use the new Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() construction methods instead.
|
34
|
+
at showFlaggedDeprecation (buffer.js:127:13)
|
35
|
+
at new Buffer (buffer.js:148:3)
|
36
|
+
at Object.<anonymous> (/path/to/example.js:2:13)
|
37
|
+
[... more stack trace lines ...]
|
38
|
+
```
|
39
|
+
|
40
|
+
### Finding problematic bits of code using linters
|
41
|
+
|
42
|
+
Eslint rules [no-buffer-constructor](https://eslint.org/docs/rules/no-buffer-constructor)
|
43
|
+
or
|
44
|
+
[node/no-deprecated-api](https://github.com/mysticatea/eslint-plugin-node/blob/master/docs/rules/no-deprecated-api.md)
|
45
|
+
also find calls to deprecated `Buffer()` API. Those rules are included in some pre-sets.
|
46
|
+
|
47
|
+
There is a drawback, though, that it doesn't always
|
48
|
+
[work correctly](https://github.com/chalker/safer-buffer#why-not-safe-buffer) when `Buffer` is
|
49
|
+
overriden e.g. with a polyfill, so recommended is a combination of this and some other method
|
50
|
+
described above.
|
51
|
+
|
52
|
+
<a id="variant-1"></a>
|
53
|
+
## Variant 1: Drop support for Node.js ≤ 4.4.x and 5.0.0 — 5.9.x.
|
54
|
+
|
55
|
+
This is the recommended solution nowadays that would imply only minimal overhead.
|
56
|
+
|
57
|
+
The Node.js 5.x release line has been unsupported since July 2016, and the Node.js 4.x release line reaches its End of Life in April 2018 (→ [Schedule](https://github.com/nodejs/Release#release-schedule)). This means that these versions of Node.js will *not* receive any updates, even in case of security issues, so using these release lines should be avoided, if at all possible.
|
58
|
+
|
59
|
+
What you would do in this case is to convert all `new Buffer()` or `Buffer()` calls to use `Buffer.alloc()` or `Buffer.from()`, in the following way:
|
60
|
+
|
61
|
+
- For `new Buffer(number)`, replace it with `Buffer.alloc(number)`.
|
62
|
+
- For `new Buffer(string)` (or `new Buffer(string, encoding)`), replace it with `Buffer.from(string)` (or `Buffer.from(string, encoding)`).
|
63
|
+
- For all other combinations of arguments (these are much rarer), also replace `new Buffer(...arguments)` with `Buffer.from(...arguments)`.
|
64
|
+
|
65
|
+
Note that `Buffer.alloc()` is also _faster_ on the current Node.js versions than
|
66
|
+
`new Buffer(size).fill(0)`, which is what you would otherwise need to ensure zero-filling.
|
67
|
+
|
68
|
+
Enabling eslint rule [no-buffer-constructor](https://eslint.org/docs/rules/no-buffer-constructor)
|
69
|
+
or
|
70
|
+
[node/no-deprecated-api](https://github.com/mysticatea/eslint-plugin-node/blob/master/docs/rules/no-deprecated-api.md)
|
71
|
+
is recommended to avoid accidential unsafe Buffer API usage.
|
72
|
+
|
73
|
+
There is also a [JSCodeshift codemod](https://github.com/joyeecheung/node-dep-codemod#dep005)
|
74
|
+
for automatically migrating Buffer constructors to `Buffer.alloc()` or `Buffer.from()`.
|
75
|
+
Note that it currently only works with cases where the arguments are literals or where the
|
76
|
+
constructor is invoked with two arguments.
|
77
|
+
|
78
|
+
_If you currently support those older Node.js versions and dropping them would be a semver-major change
|
79
|
+
for you, or if you support older branches of your packages, consider using [Variant 2](#variant-2)
|
80
|
+
or [Variant 3](#variant-3) on older branches, so people using those older branches will also receive
|
81
|
+
the fix. That way, you will eradicate potential issues caused by unguarded Buffer API usage and
|
82
|
+
your users will not observe a runtime deprecation warning when running your code on Node.js 10._
|
83
|
+
|
84
|
+
<a id="variant-2"></a>
|
85
|
+
## Variant 2: Use a polyfill
|
86
|
+
|
87
|
+
Utilize [safer-buffer](https://www.npmjs.com/package/safer-buffer) as a polyfill to support older
|
88
|
+
Node.js versions.
|
89
|
+
|
90
|
+
You would take exacly the same steps as in [Variant 1](#variant-1), but with a polyfill
|
91
|
+
`const Buffer = require('safer-buffer').Buffer` in all files where you use the new `Buffer` api.
|
92
|
+
|
93
|
+
Make sure that you do not use old `new Buffer` API — in any files where the line above is added,
|
94
|
+
using old `new Buffer()` API will _throw_. It will be easy to notice that in CI, though.
|
95
|
+
|
96
|
+
Alternatively, you could use [buffer-from](https://www.npmjs.com/package/buffer-from) and/or
|
97
|
+
[buffer-alloc](https://www.npmjs.com/package/buffer-alloc) [ponyfills](https://ponyfill.com/) —
|
98
|
+
those are great, the only downsides being 4 deps in the tree and slightly more code changes to
|
99
|
+
migrate off them (as you would be using e.g. `Buffer.from` under a different name). If you need only
|
100
|
+
`Buffer.from` polyfilled — `buffer-from` alone which comes with no extra dependencies.
|
101
|
+
|
102
|
+
_Alternatively, you could use [safe-buffer](https://www.npmjs.com/package/safe-buffer) — it also
|
103
|
+
provides a polyfill, but takes a different approach which has
|
104
|
+
[it's drawbacks](https://github.com/chalker/safer-buffer#why-not-safe-buffer). It will allow you
|
105
|
+
to also use the older `new Buffer()` API in your code, though — but that's arguably a benefit, as
|
106
|
+
it is problematic, can cause issues in your code, and will start emitting runtime deprecation
|
107
|
+
warnings starting with Node.js 10._
|
108
|
+
|
109
|
+
Note that in either case, it is important that you also remove all calls to the old Buffer
|
110
|
+
API manually — just throwing in `safe-buffer` doesn't fix the problem by itself, it just provides
|
111
|
+
a polyfill for the new API. I have seen people doing that mistake.
|
112
|
+
|
113
|
+
Enabling eslint rule [no-buffer-constructor](https://eslint.org/docs/rules/no-buffer-constructor)
|
114
|
+
or
|
115
|
+
[node/no-deprecated-api](https://github.com/mysticatea/eslint-plugin-node/blob/master/docs/rules/no-deprecated-api.md)
|
116
|
+
is recommended.
|
117
|
+
|
118
|
+
_Don't forget to drop the polyfill usage once you drop support for Node.js < 4.5.0._
|
119
|
+
|
120
|
+
<a id="variant-3"></a>
|
121
|
+
## Variant 3 — manual detection, with safeguards
|
122
|
+
|
123
|
+
This is useful if you create Buffer instances in only a few places (e.g. one), or you have your own
|
124
|
+
wrapper around them.
|
125
|
+
|
126
|
+
### Buffer(0)
|
127
|
+
|
128
|
+
This special case for creating empty buffers can be safely replaced with `Buffer.concat([])`, which
|
129
|
+
returns the same result all the way down to Node.js 0.8.x.
|
130
|
+
|
131
|
+
### Buffer(notNumber)
|
132
|
+
|
133
|
+
Before:
|
134
|
+
|
135
|
+
```js
|
136
|
+
var buf = new Buffer(notNumber, encoding);
|
137
|
+
```
|
138
|
+
|
139
|
+
After:
|
140
|
+
|
141
|
+
```js
|
142
|
+
var buf;
|
143
|
+
if (Buffer.from && Buffer.from !== Uint8Array.from) {
|
144
|
+
buf = Buffer.from(notNumber, encoding);
|
145
|
+
} else {
|
146
|
+
if (typeof notNumber === 'number')
|
147
|
+
throw new Error('The "size" argument must be of type number.');
|
148
|
+
buf = new Buffer(notNumber, encoding);
|
149
|
+
}
|
150
|
+
```
|
151
|
+
|
152
|
+
`encoding` is optional.
|
153
|
+
|
154
|
+
Note that the `typeof notNumber` before `new Buffer` is required (for cases when `notNumber` argument is not
|
155
|
+
hard-coded) and _is not caused by the deprecation of Buffer constructor_ — it's exactly _why_ the
|
156
|
+
Buffer constructor is deprecated. Ecosystem packages lacking this type-check caused numereous
|
157
|
+
security issues — situations when unsanitized user input could end up in the `Buffer(arg)` create
|
158
|
+
problems ranging from DoS to leaking sensitive information to the attacker from the process memory.
|
159
|
+
|
160
|
+
When `notNumber` argument is hardcoded (e.g. literal `"abc"` or `[0,1,2]`), the `typeof` check can
|
161
|
+
be omitted.
|
162
|
+
|
163
|
+
Also note that using TypeScript does not fix this problem for you — when libs written in
|
164
|
+
`TypeScript` are used from JS, or when user input ends up there — it behaves exactly as pure JS, as
|
165
|
+
all type checks are translation-time only and are not present in the actual JS code which TS
|
166
|
+
compiles to.
|
167
|
+
|
168
|
+
### Buffer(number)
|
169
|
+
|
170
|
+
For Node.js 0.10.x (and below) support:
|
171
|
+
|
172
|
+
```js
|
173
|
+
var buf;
|
174
|
+
if (Buffer.alloc) {
|
175
|
+
buf = Buffer.alloc(number);
|
176
|
+
} else {
|
177
|
+
buf = new Buffer(number);
|
178
|
+
buf.fill(0);
|
179
|
+
}
|
180
|
+
```
|
181
|
+
|
182
|
+
Otherwise (Node.js ≥ 0.12.x):
|
183
|
+
|
184
|
+
```js
|
185
|
+
const buf = Buffer.alloc ? Buffer.alloc(number) : new Buffer(number).fill(0);
|
186
|
+
```
|
187
|
+
|
188
|
+
## Regarding Buffer.allocUnsafe
|
189
|
+
|
190
|
+
Be extra cautious when using `Buffer.allocUnsafe`:
|
191
|
+
* Don't use it if you don't have a good reason to
|
192
|
+
* e.g. you probably won't ever see a performance difference for small buffers, in fact, those
|
193
|
+
might be even faster with `Buffer.alloc()`,
|
194
|
+
* if your code is not in the hot code path — you also probably won't notice a difference,
|
195
|
+
* keep in mind that zero-filling minimizes the potential risks.
|
196
|
+
* If you use it, make sure that you never return the buffer in a partially-filled state,
|
197
|
+
* if you are writing to it sequentially — always truncate it to the actuall written length
|
198
|
+
|
199
|
+
Errors in handling buffers allocated with `Buffer.allocUnsafe` could result in various issues,
|
200
|
+
ranged from undefined behaviour of your code to sensitive data (user input, passwords, certs)
|
201
|
+
leaking to the remote attacker.
|
202
|
+
|
203
|
+
_Note that the same applies to `new Buffer` usage without zero-filling, depending on the Node.js
|
204
|
+
version (and lacking type checks also adds DoS to the list of potential problems)._
|
205
|
+
|
206
|
+
<a id="faq"></a>
|
207
|
+
## FAQ
|
208
|
+
|
209
|
+
<a id="design-flaws"></a>
|
210
|
+
### What is wrong with the `Buffer` constructor?
|
211
|
+
|
212
|
+
The `Buffer` constructor could be used to create a buffer in many different ways:
|
213
|
+
|
214
|
+
- `new Buffer(42)` creates a `Buffer` of 42 bytes. Before Node.js 8, this buffer contained
|
215
|
+
*arbitrary memory* for performance reasons, which could include anything ranging from
|
216
|
+
program source code to passwords and encryption keys.
|
217
|
+
- `new Buffer('abc')` creates a `Buffer` that contains the UTF-8-encoded version of
|
218
|
+
the string `'abc'`. A second argument could specify another encoding: For example,
|
219
|
+
`new Buffer(string, 'base64')` could be used to convert a Base64 string into the original
|
220
|
+
sequence of bytes that it represents.
|
221
|
+
- There are several other combinations of arguments.
|
222
|
+
|
223
|
+
This meant that, in code like `var buffer = new Buffer(foo);`, *it is not possible to tell
|
224
|
+
what exactly the contents of the generated buffer are* without knowing the type of `foo`.
|
225
|
+
|
226
|
+
Sometimes, the value of `foo` comes from an external source. For example, this function
|
227
|
+
could be exposed as a service on a web server, converting a UTF-8 string into its Base64 form:
|
228
|
+
|
229
|
+
```
|
230
|
+
function stringToBase64(req, res) {
|
231
|
+
// The request body should have the format of `{ string: 'foobar' }`
|
232
|
+
const rawBytes = new Buffer(req.body.string)
|
233
|
+
const encoded = rawBytes.toString('base64')
|
234
|
+
res.end({ encoded: encoded })
|
235
|
+
}
|
236
|
+
```
|
237
|
+
|
238
|
+
Note that this code does *not* validate the type of `req.body.string`:
|
239
|
+
|
240
|
+
- `req.body.string` is expected to be a string. If this is the case, all goes well.
|
241
|
+
- `req.body.string` is controlled by the client that sends the request.
|
242
|
+
- If `req.body.string` is the *number* `50`, the `rawBytes` would be 50 bytes:
|
243
|
+
- Before Node.js 8, the content would be uninitialized
|
244
|
+
- After Node.js 8, the content would be `50` bytes with the value `0`
|
245
|
+
|
246
|
+
Because of the missing type check, an attacker could intentionally send a number
|
247
|
+
as part of the request. Using this, they can either:
|
248
|
+
|
249
|
+
- Read uninitialized memory. This **will** leak passwords, encryption keys and other
|
250
|
+
kinds of sensitive information. (Information leak)
|
251
|
+
- Force the program to allocate a large amount of memory. For example, when specifying
|
252
|
+
`500000000` as the input value, each request will allocate 500MB of memory.
|
253
|
+
This can be used to either exhaust the memory available of a program completely
|
254
|
+
and make it crash, or slow it down significantly. (Denial of Service)
|
255
|
+
|
256
|
+
Both of these scenarios are considered serious security issues in a real-world
|
257
|
+
web server context.
|
258
|
+
|
259
|
+
when using `Buffer.from(req.body.string)` instead, passing a number will always
|
260
|
+
throw an exception instead, giving a controlled behaviour that can always be
|
261
|
+
handled by the program.
|
262
|
+
|
263
|
+
<a id="ecosystem-usage"></a>
|
264
|
+
### The `Buffer()` constructor has been deprecated for a while. Is this really an issue?
|
265
|
+
|
266
|
+
Surveys of code in the `npm` ecosystem have shown that the `Buffer()` constructor is still
|
267
|
+
widely used. This includes new code, and overall usage of such code has actually been
|
268
|
+
*increasing*.
|
@@ -0,0 +1,156 @@
|
|
1
|
+
# safer-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![javascript style guide][standard-image]][standard-url] [![Security Responsible Disclosure][secuirty-image]][secuirty-url]
|
2
|
+
|
3
|
+
[travis-image]: https://travis-ci.org/ChALkeR/safer-buffer.svg?branch=master
|
4
|
+
[travis-url]: https://travis-ci.org/ChALkeR/safer-buffer
|
5
|
+
[npm-image]: https://img.shields.io/npm/v/safer-buffer.svg
|
6
|
+
[npm-url]: https://npmjs.org/package/safer-buffer
|
7
|
+
[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg
|
8
|
+
[standard-url]: https://standardjs.com
|
9
|
+
[secuirty-image]: https://img.shields.io/badge/Security-Responsible%20Disclosure-green.svg
|
10
|
+
[secuirty-url]: https://github.com/nodejs/security-wg/blob/master/processes/responsible_disclosure_template.md
|
11
|
+
|
12
|
+
Modern Buffer API polyfill without footguns, working on Node.js from 0.8 to current.
|
13
|
+
|
14
|
+
## How to use?
|
15
|
+
|
16
|
+
First, port all `Buffer()` and `new Buffer()` calls to `Buffer.alloc()` and `Buffer.from()` API.
|
17
|
+
|
18
|
+
Then, to achieve compatibility with outdated Node.js versions (`<4.5.0` and 5.x `<5.9.0`), use
|
19
|
+
`const Buffer = require('safer-buffer').Buffer` in all files where you make calls to the new
|
20
|
+
Buffer API. _Use `var` instead of `const` if you need that for your Node.js version range support._
|
21
|
+
|
22
|
+
Also, see the
|
23
|
+
[porting Buffer](https://github.com/ChALkeR/safer-buffer/blob/master/Porting-Buffer.md) guide.
|
24
|
+
|
25
|
+
## Do I need it?
|
26
|
+
|
27
|
+
Hopefully, not — dropping support for outdated Node.js versions should be fine nowdays, and that
|
28
|
+
is the recommended path forward. You _do_ need to port to the `Buffer.alloc()` and `Buffer.from()`
|
29
|
+
though.
|
30
|
+
|
31
|
+
See the [porting guide](https://github.com/ChALkeR/safer-buffer/blob/master/Porting-Buffer.md)
|
32
|
+
for a better description.
|
33
|
+
|
34
|
+
## Why not [safe-buffer](https://npmjs.com/safe-buffer)?
|
35
|
+
|
36
|
+
_In short: while `safe-buffer` serves as a polyfill for the new API, it allows old API usage and
|
37
|
+
itself contains footguns._
|
38
|
+
|
39
|
+
`safe-buffer` could be used safely to get the new API while still keeping support for older
|
40
|
+
Node.js versions (like this module), but while analyzing ecosystem usage of the old Buffer API
|
41
|
+
I found out that `safe-buffer` is itself causing problems in some cases.
|
42
|
+
|
43
|
+
For example, consider the following snippet:
|
44
|
+
|
45
|
+
```console
|
46
|
+
$ cat example.unsafe.js
|
47
|
+
console.log(Buffer(20))
|
48
|
+
$ ./node-v6.13.0-linux-x64/bin/node example.unsafe.js
|
49
|
+
<Buffer 0a 00 00 00 00 00 00 00 28 13 de 02 00 00 00 00 05 00 00 00>
|
50
|
+
$ standard example.unsafe.js
|
51
|
+
standard: Use JavaScript Standard Style (https://standardjs.com)
|
52
|
+
/home/chalker/repo/safer-buffer/example.unsafe.js:2:13: 'Buffer()' was deprecated since v6. Use 'Buffer.alloc()' or 'Buffer.from()' (use 'https://www.npmjs.com/package/safe-buffer' for '<4.5.0') instead.
|
53
|
+
```
|
54
|
+
|
55
|
+
This is allocates and writes to console an uninitialized chunk of memory.
|
56
|
+
[standard](https://www.npmjs.com/package/standard) linter (among others) catch that and warn people
|
57
|
+
to avoid using unsafe API.
|
58
|
+
|
59
|
+
Let's now throw in `safe-buffer`!
|
60
|
+
|
61
|
+
```console
|
62
|
+
$ cat example.safe-buffer.js
|
63
|
+
const Buffer = require('safe-buffer').Buffer
|
64
|
+
console.log(Buffer(20))
|
65
|
+
$ standard example.safe-buffer.js
|
66
|
+
$ ./node-v6.13.0-linux-x64/bin/node example.safe-buffer.js
|
67
|
+
<Buffer 08 00 00 00 00 00 00 00 28 58 01 82 fe 7f 00 00 00 00 00 00>
|
68
|
+
```
|
69
|
+
|
70
|
+
See the problem? Adding in `safe-buffer` _magically removes the lint warning_, but the behavior
|
71
|
+
remains identiсal to what we had before, and when launched on Node.js 6.x LTS — this dumps out
|
72
|
+
chunks of uninitialized memory.
|
73
|
+
_And this code will still emit runtime warnings on Node.js 10.x and above._
|
74
|
+
|
75
|
+
That was done by design. I first considered changing `safe-buffer`, prohibiting old API usage or
|
76
|
+
emitting warnings on it, but that significantly diverges from `safe-buffer` design. After some
|
77
|
+
discussion, it was decided to move my approach into a separate package, and _this is that separate
|
78
|
+
package_.
|
79
|
+
|
80
|
+
This footgun is not imaginary — I observed top-downloaded packages doing that kind of thing,
|
81
|
+
«fixing» the lint warning by blindly including `safe-buffer` without any actual changes.
|
82
|
+
|
83
|
+
Also in some cases, even if the API _was_ migrated to use of safe Buffer API — a random pull request
|
84
|
+
can bring unsafe Buffer API usage back to the codebase by adding new calls — and that could go
|
85
|
+
unnoticed even if you have a linter prohibiting that (becase of the reason stated above), and even
|
86
|
+
pass CI. _I also observed that being done in popular packages._
|
87
|
+
|
88
|
+
Some examples:
|
89
|
+
* [webdriverio](https://github.com/webdriverio/webdriverio/commit/05cbd3167c12e4930f09ef7cf93b127ba4effae4#diff-124380949022817b90b622871837d56cR31)
|
90
|
+
(a module with 548 759 downloads/month),
|
91
|
+
* [websocket-stream](https://github.com/maxogden/websocket-stream/commit/c9312bd24d08271687d76da0fe3c83493871cf61)
|
92
|
+
(218 288 d/m, fix in [maxogden/websocket-stream#142](https://github.com/maxogden/websocket-stream/pull/142)),
|
93
|
+
* [node-serialport](https://github.com/node-serialport/node-serialport/commit/e8d9d2b16c664224920ce1c895199b1ce2def48c)
|
94
|
+
(113 138 d/m, fix in [node-serialport/node-serialport#1510](https://github.com/node-serialport/node-serialport/pull/1510)),
|
95
|
+
* [karma](https://github.com/karma-runner/karma/commit/3d94b8cf18c695104ca195334dc75ff054c74eec)
|
96
|
+
(3 973 193 d/m, fix in [karma-runner/karma#2947](https://github.com/karma-runner/karma/pull/2947)),
|
97
|
+
* [spdy-transport](https://github.com/spdy-http2/spdy-transport/commit/5375ac33f4a62a4f65bcfc2827447d42a5dbe8b1)
|
98
|
+
(5 970 727 d/m, fix in [spdy-http2/spdy-transport#53](https://github.com/spdy-http2/spdy-transport/pull/53)).
|
99
|
+
* And there are a lot more over the ecosystem.
|
100
|
+
|
101
|
+
I filed a PR at
|
102
|
+
[mysticatea/eslint-plugin-node#110](https://github.com/mysticatea/eslint-plugin-node/pull/110) to
|
103
|
+
partially fix that (for cases when that lint rule is used), but it is a semver-major change for
|
104
|
+
linter rules and presets, so it would take significant time for that to reach actual setups.
|
105
|
+
_It also hasn't been released yet (2018-03-20)._
|
106
|
+
|
107
|
+
Also, `safer-buffer` discourages the usage of `.allocUnsafe()`, which is often done by a mistake.
|
108
|
+
It still supports it with an explicit concern barier, by placing it under
|
109
|
+
`require('safer-buffer/dangereous')`.
|
110
|
+
|
111
|
+
## But isn't throwing bad?
|
112
|
+
|
113
|
+
Not really. It's an error that could be noticed and fixed early, instead of causing havoc later like
|
114
|
+
unguarded `new Buffer()` calls that end up receiving user input can do.
|
115
|
+
|
116
|
+
This package affects only the files where `var Buffer = require('safer-buffer').Buffer` was done, so
|
117
|
+
it is really simple to keep track of things and make sure that you don't mix old API usage with that.
|
118
|
+
Also, CI should hint anything that you might have missed.
|
119
|
+
|
120
|
+
New commits, if tested, won't land new usage of unsafe Buffer API this way.
|
121
|
+
_Node.js 10.x also deals with that by printing a runtime depecation warning._
|
122
|
+
|
123
|
+
### Would it affect third-party modules?
|
124
|
+
|
125
|
+
No, unless you explicitly do an awful thing like monkey-patching or overriding the built-in `Buffer`.
|
126
|
+
Don't do that.
|
127
|
+
|
128
|
+
### But I don't want throwing…
|
129
|
+
|
130
|
+
That is also fine!
|
131
|
+
|
132
|
+
Also, it could be better in some cases when you don't comprehensive enough test coverage.
|
133
|
+
|
134
|
+
In that case — just don't override `Buffer` and use
|
135
|
+
`var SaferBuffer = require('safer-buffer').Buffer` instead.
|
136
|
+
|
137
|
+
That way, everything using `Buffer` natively would still work, but there would be two drawbacks:
|
138
|
+
|
139
|
+
* `Buffer.from`/`Buffer.alloc` won't be polyfilled — use `SaferBuffer.from` and
|
140
|
+
`SaferBuffer.alloc` instead.
|
141
|
+
* You are still open to accidentally using the insecure deprecated API — use a linter to catch that.
|
142
|
+
|
143
|
+
Note that using a linter to catch accidential `Buffer` constructor usage in this case is strongly
|
144
|
+
recommended. `Buffer` is not overriden in this usecase, so linters won't get confused.
|
145
|
+
|
146
|
+
## «Without footguns»?
|
147
|
+
|
148
|
+
Well, it is still possible to do _some_ things with `Buffer` API, e.g. accessing `.buffer` property
|
149
|
+
on older versions and duping things from there. You shouldn't do that in your code, probabably.
|
150
|
+
|
151
|
+
The intention is to remove the most significant footguns that affect lots of packages in the
|
152
|
+
ecosystem, and to do it in the proper way.
|
153
|
+
|
154
|
+
Also, this package doesn't protect against security issues affecting some Node.js versions, so for
|
155
|
+
usage in your own production code, it is still recommended to update to a Node.js version
|
156
|
+
[supported by upstream](https://github.com/nodejs/release#release-schedule).
|
@@ -0,0 +1,58 @@
|
|
1
|
+
/* eslint-disable node/no-deprecated-api */
|
2
|
+
|
3
|
+
'use strict'
|
4
|
+
|
5
|
+
var buffer = require('buffer')
|
6
|
+
var Buffer = buffer.Buffer
|
7
|
+
var safer = require('./safer.js')
|
8
|
+
var Safer = safer.Buffer
|
9
|
+
|
10
|
+
var dangerous = {}
|
11
|
+
|
12
|
+
var key
|
13
|
+
|
14
|
+
for (key in safer) {
|
15
|
+
if (!safer.hasOwnProperty(key)) continue
|
16
|
+
dangerous[key] = safer[key]
|
17
|
+
}
|
18
|
+
|
19
|
+
var Dangereous = dangerous.Buffer = {}
|
20
|
+
|
21
|
+
// Copy Safer API
|
22
|
+
for (key in Safer) {
|
23
|
+
if (!Safer.hasOwnProperty(key)) continue
|
24
|
+
Dangereous[key] = Safer[key]
|
25
|
+
}
|
26
|
+
|
27
|
+
// Copy those missing unsafe methods, if they are present
|
28
|
+
for (key in Buffer) {
|
29
|
+
if (!Buffer.hasOwnProperty(key)) continue
|
30
|
+
if (Dangereous.hasOwnProperty(key)) continue
|
31
|
+
Dangereous[key] = Buffer[key]
|
32
|
+
}
|
33
|
+
|
34
|
+
if (!Dangereous.allocUnsafe) {
|
35
|
+
Dangereous.allocUnsafe = function (size) {
|
36
|
+
if (typeof size !== 'number') {
|
37
|
+
throw new TypeError('The "size" argument must be of type number. Received type ' + typeof size)
|
38
|
+
}
|
39
|
+
if (size < 0 || size >= 2 * (1 << 30)) {
|
40
|
+
throw new RangeError('The value "' + size + '" is invalid for option "size"')
|
41
|
+
}
|
42
|
+
return Buffer(size)
|
43
|
+
}
|
44
|
+
}
|
45
|
+
|
46
|
+
if (!Dangereous.allocUnsafeSlow) {
|
47
|
+
Dangereous.allocUnsafeSlow = function (size) {
|
48
|
+
if (typeof size !== 'number') {
|
49
|
+
throw new TypeError('The "size" argument must be of type number. Received type ' + typeof size)
|
50
|
+
}
|
51
|
+
if (size < 0 || size >= 2 * (1 << 30)) {
|
52
|
+
throw new RangeError('The value "' + size + '" is invalid for option "size"')
|
53
|
+
}
|
54
|
+
return buffer.SlowBuffer(size)
|
55
|
+
}
|
56
|
+
}
|
57
|
+
|
58
|
+
module.exports = dangerous
|
@@ -0,0 +1,60 @@
|
|
1
|
+
{
|
2
|
+
"_from": "safer-buffer@^2.1.0",
|
3
|
+
"_id": "safer-buffer@2.1.2",
|
4
|
+
"_inBundle": false,
|
5
|
+
"_integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==",
|
6
|
+
"_location": "/safer-buffer",
|
7
|
+
"_phantomChildren": {},
|
8
|
+
"_requested": {
|
9
|
+
"type": "range",
|
10
|
+
"registry": true,
|
11
|
+
"raw": "safer-buffer@^2.1.0",
|
12
|
+
"name": "safer-buffer",
|
13
|
+
"escapedName": "safer-buffer",
|
14
|
+
"rawSpec": "^2.1.0",
|
15
|
+
"saveSpec": null,
|
16
|
+
"fetchSpec": "^2.1.0"
|
17
|
+
},
|
18
|
+
"_requiredBy": [
|
19
|
+
"/iconv-lite"
|
20
|
+
],
|
21
|
+
"_resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
|
22
|
+
"_shasum": "44fa161b0187b9549dd84bb91802f9bd8385cd6a",
|
23
|
+
"_spec": "safer-buffer@^2.1.0",
|
24
|
+
"_where": "/Users/eshanker/Code/fsevents/node_modules/iconv-lite",
|
25
|
+
"author": {
|
26
|
+
"name": "Nikita Skovoroda",
|
27
|
+
"email": "chalkerx@gmail.com",
|
28
|
+
"url": "https://github.com/ChALkeR"
|
29
|
+
},
|
30
|
+
"bugs": {
|
31
|
+
"url": "https://github.com/ChALkeR/safer-buffer/issues"
|
32
|
+
},
|
33
|
+
"bundleDependencies": false,
|
34
|
+
"deprecated": false,
|
35
|
+
"description": "Modern Buffer API polyfill without footguns",
|
36
|
+
"devDependencies": {
|
37
|
+
"standard": "^11.0.1",
|
38
|
+
"tape": "^4.9.0"
|
39
|
+
},
|
40
|
+
"files": [
|
41
|
+
"Porting-Buffer.md",
|
42
|
+
"Readme.md",
|
43
|
+
"tests.js",
|
44
|
+
"dangerous.js",
|
45
|
+
"safer.js"
|
46
|
+
],
|
47
|
+
"homepage": "https://github.com/ChALkeR/safer-buffer#readme",
|
48
|
+
"license": "MIT",
|
49
|
+
"main": "safer.js",
|
50
|
+
"name": "safer-buffer",
|
51
|
+
"repository": {
|
52
|
+
"type": "git",
|
53
|
+
"url": "git+https://github.com/ChALkeR/safer-buffer.git"
|
54
|
+
},
|
55
|
+
"scripts": {
|
56
|
+
"browserify-test": "browserify --external tape tests.js > browserify-tests.js && tape browserify-tests.js",
|
57
|
+
"test": "standard && tape tests.js"
|
58
|
+
},
|
59
|
+
"version": "2.1.2"
|
60
|
+
}
|
@@ -0,0 +1,77 @@
|
|
1
|
+
/* eslint-disable node/no-deprecated-api */
|
2
|
+
|
3
|
+
'use strict'
|
4
|
+
|
5
|
+
var buffer = require('buffer')
|
6
|
+
var Buffer = buffer.Buffer
|
7
|
+
|
8
|
+
var safer = {}
|
9
|
+
|
10
|
+
var key
|
11
|
+
|
12
|
+
for (key in buffer) {
|
13
|
+
if (!buffer.hasOwnProperty(key)) continue
|
14
|
+
if (key === 'SlowBuffer' || key === 'Buffer') continue
|
15
|
+
safer[key] = buffer[key]
|
16
|
+
}
|
17
|
+
|
18
|
+
var Safer = safer.Buffer = {}
|
19
|
+
for (key in Buffer) {
|
20
|
+
if (!Buffer.hasOwnProperty(key)) continue
|
21
|
+
if (key === 'allocUnsafe' || key === 'allocUnsafeSlow') continue
|
22
|
+
Safer[key] = Buffer[key]
|
23
|
+
}
|
24
|
+
|
25
|
+
safer.Buffer.prototype = Buffer.prototype
|
26
|
+
|
27
|
+
if (!Safer.from || Safer.from === Uint8Array.from) {
|
28
|
+
Safer.from = function (value, encodingOrOffset, length) {
|
29
|
+
if (typeof value === 'number') {
|
30
|
+
throw new TypeError('The "value" argument must not be of type number. Received type ' + typeof value)
|
31
|
+
}
|
32
|
+
if (value && typeof value.length === 'undefined') {
|
33
|
+
throw new TypeError('The first argument must be one of type string, Buffer, ArrayBuffer, Array, or Array-like Object. Received type ' + typeof value)
|
34
|
+
}
|
35
|
+
return Buffer(value, encodingOrOffset, length)
|
36
|
+
}
|
37
|
+
}
|
38
|
+
|
39
|
+
if (!Safer.alloc) {
|
40
|
+
Safer.alloc = function (size, fill, encoding) {
|
41
|
+
if (typeof size !== 'number') {
|
42
|
+
throw new TypeError('The "size" argument must be of type number. Received type ' + typeof size)
|
43
|
+
}
|
44
|
+
if (size < 0 || size >= 2 * (1 << 30)) {
|
45
|
+
throw new RangeError('The value "' + size + '" is invalid for option "size"')
|
46
|
+
}
|
47
|
+
var buf = Buffer(size)
|
48
|
+
if (!fill || fill.length === 0) {
|
49
|
+
buf.fill(0)
|
50
|
+
} else if (typeof encoding === 'string') {
|
51
|
+
buf.fill(fill, encoding)
|
52
|
+
} else {
|
53
|
+
buf.fill(fill)
|
54
|
+
}
|
55
|
+
return buf
|
56
|
+
}
|
57
|
+
}
|
58
|
+
|
59
|
+
if (!safer.kStringMaxLength) {
|
60
|
+
try {
|
61
|
+
safer.kStringMaxLength = process.binding('buffer').kStringMaxLength
|
62
|
+
} catch (e) {
|
63
|
+
// we can't determine kStringMaxLength in environments where process.binding
|
64
|
+
// is unsupported, so let's not set it
|
65
|
+
}
|
66
|
+
}
|
67
|
+
|
68
|
+
if (!safer.constants) {
|
69
|
+
safer.constants = {
|
70
|
+
MAX_LENGTH: safer.kMaxLength
|
71
|
+
}
|
72
|
+
if (safer.kStringMaxLength) {
|
73
|
+
safer.constants.MAX_STRING_LENGTH = safer.kStringMaxLength
|
74
|
+
}
|
75
|
+
}
|
76
|
+
|
77
|
+
module.exports = safer
|