npm - fsevents - Versions diffs - 1.2.6 → 1.2.7 - Mend

fsevents 1.2.6 → 1.2.7

Potentially problematic release.

This version of fsevents might be problematic. Click here for more details.

Files changed (526) hide show

package/node_modules/abbrev/LICENSE +46 -0
package/node_modules/abbrev/README.md +23 -0
package/node_modules/abbrev/abbrev.js +61 -0
package/node_modules/abbrev/package.json +57 -0
package/node_modules/ansi-regex/index.js +4 -0
package/node_modules/ansi-regex/license +21 -0
package/node_modules/ansi-regex/package.json +108 -0
package/node_modules/ansi-regex/readme.md +39 -0
package/node_modules/aproba/LICENSE +14 -0
package/node_modules/aproba/README.md +94 -0
package/node_modules/aproba/index.js +105 -0
package/node_modules/aproba/package.json +62 -0
package/node_modules/are-we-there-yet/CHANGES.md +37 -0
package/node_modules/are-we-there-yet/LICENSE +5 -0
package/node_modules/are-we-there-yet/README.md +195 -0
package/node_modules/are-we-there-yet/index.js +4 -0
package/node_modules/are-we-there-yet/package.json +63 -0
package/node_modules/are-we-there-yet/tracker-base.js +11 -0
package/node_modules/are-we-there-yet/tracker-group.js +107 -0
package/node_modules/are-we-there-yet/tracker-stream.js +36 -0
package/node_modules/are-we-there-yet/tracker.js +30 -0
package/node_modules/balanced-match/.npmignore +5 -0
package/node_modules/balanced-match/LICENSE.md +21 -0
package/node_modules/balanced-match/README.md +91 -0
package/node_modules/balanced-match/index.js +59 -0
package/node_modules/balanced-match/package.json +77 -0
package/node_modules/brace-expansion/LICENSE +21 -0
package/node_modules/brace-expansion/README.md +129 -0
package/node_modules/brace-expansion/index.js +201 -0
package/node_modules/brace-expansion/package.json +75 -0
package/node_modules/chownr/LICENSE +15 -0
package/node_modules/chownr/README.md +3 -0
package/node_modules/chownr/chownr.js +88 -0
package/node_modules/chownr/package.json +59 -0
package/node_modules/code-point-at/index.js +32 -0
package/node_modules/code-point-at/license +21 -0
package/node_modules/code-point-at/package.json +70 -0
package/node_modules/code-point-at/readme.md +32 -0
package/node_modules/concat-map/.travis.yml +4 -0
package/node_modules/concat-map/LICENSE +18 -0
package/node_modules/concat-map/README.markdown +62 -0
package/node_modules/concat-map/example/map.js +6 -0
package/node_modules/concat-map/index.js +13 -0
package/node_modules/concat-map/package.json +88 -0
package/node_modules/concat-map/test/map.js +39 -0
package/node_modules/console-control-strings/LICENSE +13 -0
package/node_modules/console-control-strings/README.md +145 -0
package/node_modules/console-control-strings/README.md~ +140 -0
package/node_modules/console-control-strings/index.js +125 -0
package/node_modules/console-control-strings/package.json +61 -0
package/node_modules/core-util-is/LICENSE +19 -0
package/node_modules/core-util-is/README.md +3 -0
package/node_modules/core-util-is/float.patch +604 -0
package/node_modules/core-util-is/lib/util.js +107 -0
package/node_modules/core-util-is/package.json +62 -0
package/node_modules/core-util-is/test.js +68 -0
package/node_modules/debug/.coveralls.yml +1 -0
package/node_modules/debug/.eslintrc +11 -0
package/node_modules/debug/.npmignore +9 -0
package/node_modules/debug/.travis.yml +14 -0
package/node_modules/debug/CHANGELOG.md +362 -0
package/node_modules/debug/LICENSE +19 -0
package/node_modules/debug/Makefile +50 -0
package/node_modules/debug/README.md +312 -0
package/node_modules/debug/component.json +19 -0
package/node_modules/debug/karma.conf.js +70 -0
package/node_modules/debug/node.js +1 -0
package/node_modules/debug/package.json +88 -0
package/node_modules/debug/src/browser.js +185 -0
package/node_modules/debug/src/debug.js +202 -0
package/node_modules/debug/src/index.js +10 -0
package/node_modules/debug/src/inspector-log.js +15 -0
package/node_modules/debug/src/node.js +248 -0
package/node_modules/deep-extend/CHANGELOG.md +46 -0
package/node_modules/deep-extend/LICENSE +20 -0
package/node_modules/deep-extend/README.md +91 -0
package/node_modules/deep-extend/index.js +1 -0
package/node_modules/deep-extend/lib/deep-extend.js +150 -0
package/node_modules/deep-extend/package.json +92 -0
package/node_modules/delegates/.npmignore +1 -0
package/node_modules/delegates/History.md +22 -0
package/node_modules/delegates/License +20 -0
package/node_modules/delegates/Makefile +8 -0
package/node_modules/delegates/Readme.md +94 -0
package/node_modules/delegates/index.js +121 -0
package/node_modules/delegates/package.json +48 -0
package/node_modules/delegates/test/index.js +94 -0
package/node_modules/detect-libc/.npmignore +7 -0
package/node_modules/detect-libc/LICENSE +201 -0
package/node_modules/detect-libc/README.md +78 -0
package/node_modules/detect-libc/bin/detect-libc.js +18 -0
package/node_modules/detect-libc/lib/detect-libc.js +92 -0
package/node_modules/detect-libc/package.json +70 -0
package/node_modules/fs-minipass/LICENSE +15 -0
package/node_modules/fs-minipass/README.md +70 -0
package/node_modules/fs-minipass/index.js +386 -0
package/node_modules/fs-minipass/package.json +62 -0
package/node_modules/fs.realpath/LICENSE +43 -0
package/node_modules/fs.realpath/README.md +33 -0
package/node_modules/fs.realpath/index.js +66 -0
package/node_modules/fs.realpath/old.js +303 -0
package/node_modules/fs.realpath/package.json +59 -0
package/node_modules/gauge/CHANGELOG.md +160 -0
package/node_modules/gauge/LICENSE +13 -0
package/node_modules/gauge/README.md +399 -0
package/node_modules/gauge/base-theme.js +14 -0
package/node_modules/gauge/error.js +24 -0
package/node_modules/gauge/has-color.js +12 -0
package/node_modules/gauge/index.js +233 -0
package/node_modules/gauge/package.json +91 -0
package/node_modules/gauge/plumbing.js +48 -0
package/node_modules/gauge/process.js +3 -0
package/node_modules/gauge/progress-bar.js +35 -0
package/node_modules/gauge/render-template.js +181 -0
package/node_modules/gauge/set-immediate.js +7 -0
package/node_modules/gauge/set-interval.js +3 -0
package/node_modules/gauge/spin.js +5 -0
package/node_modules/gauge/template-item.js +73 -0
package/node_modules/gauge/theme-set.js +115 -0
package/node_modules/gauge/themes.js +54 -0
package/node_modules/gauge/wide-truncate.js +25 -0
package/node_modules/glob/LICENSE +15 -0
package/node_modules/glob/README.md +368 -0
package/node_modules/glob/changelog.md +67 -0
package/node_modules/glob/common.js +240 -0
package/node_modules/glob/glob.js +790 -0
package/node_modules/glob/package.json +76 -0
package/node_modules/glob/sync.js +486 -0
package/node_modules/has-unicode/LICENSE +14 -0
package/node_modules/has-unicode/README.md +43 -0
package/node_modules/has-unicode/index.js +16 -0
package/node_modules/has-unicode/package.json +58 -0
package/node_modules/iconv-lite/Changelog.md +162 -0
package/node_modules/iconv-lite/LICENSE +21 -0
package/node_modules/iconv-lite/README.md +156 -0
package/node_modules/iconv-lite/encodings/dbcs-codec.js +555 -0
package/node_modules/iconv-lite/encodings/dbcs-data.js +176 -0
package/node_modules/iconv-lite/encodings/index.js +22 -0
package/node_modules/iconv-lite/encodings/internal.js +188 -0
package/node_modules/iconv-lite/encodings/sbcs-codec.js +72 -0
package/node_modules/iconv-lite/encodings/sbcs-data-generated.js +451 -0
package/node_modules/iconv-lite/encodings/sbcs-data.js +174 -0
package/node_modules/iconv-lite/encodings/tables/big5-added.json +122 -0
package/node_modules/iconv-lite/encodings/tables/cp936.json +264 -0
package/node_modules/iconv-lite/encodings/tables/cp949.json +273 -0
package/node_modules/iconv-lite/encodings/tables/cp950.json +177 -0
package/node_modules/iconv-lite/encodings/tables/eucjp.json +182 -0
package/node_modules/iconv-lite/encodings/tables/gb18030-ranges.json +1 -0
package/node_modules/iconv-lite/encodings/tables/gbk-added.json +55 -0
package/node_modules/iconv-lite/encodings/tables/shiftjis.json +125 -0
package/node_modules/iconv-lite/encodings/utf16.js +177 -0
package/node_modules/iconv-lite/encodings/utf7.js +290 -0
package/node_modules/iconv-lite/lib/bom-handling.js +52 -0
package/node_modules/iconv-lite/lib/extend-node.js +217 -0
package/node_modules/iconv-lite/lib/index.d.ts +24 -0
package/node_modules/iconv-lite/lib/index.js +153 -0
package/node_modules/iconv-lite/lib/streams.js +121 -0
package/node_modules/iconv-lite/package.json +76 -0
package/node_modules/ignore-walk/LICENSE +15 -0
package/node_modules/ignore-walk/README.md +60 -0
package/node_modules/ignore-walk/index.js +265 -0
package/node_modules/ignore-walk/package.json +71 -0
package/node_modules/inflight/LICENSE +15 -0
package/node_modules/inflight/README.md +37 -0
package/node_modules/inflight/inflight.js +54 -0
package/node_modules/inflight/package.json +58 -0
package/node_modules/inherits/LICENSE +16 -0
package/node_modules/inherits/README.md +42 -0
package/node_modules/inherits/inherits.js +7 -0
package/node_modules/inherits/inherits_browser.js +23 -0
package/node_modules/inherits/package.json +64 -0
package/node_modules/ini/LICENSE +15 -0
package/node_modules/ini/README.md +102 -0
package/node_modules/ini/ini.js +194 -0
package/node_modules/ini/package.json +63 -0
package/node_modules/is-fullwidth-code-point/index.js +46 -0
package/node_modules/is-fullwidth-code-point/license +21 -0
package/node_modules/is-fullwidth-code-point/package.json +77 -0
package/node_modules/is-fullwidth-code-point/readme.md +39 -0
package/node_modules/isarray/.npmignore +1 -0
package/node_modules/isarray/.travis.yml +4 -0
package/node_modules/isarray/Makefile +6 -0
package/node_modules/isarray/README.md +60 -0
package/node_modules/isarray/component.json +19 -0
package/node_modules/isarray/index.js +5 -0
package/node_modules/isarray/package.json +73 -0
package/node_modules/isarray/test.js +20 -0
package/node_modules/minimatch/LICENSE +15 -0
package/node_modules/minimatch/README.md +209 -0
package/node_modules/minimatch/minimatch.js +923 -0
package/node_modules/minimatch/package.json +64 -0
package/node_modules/minimist/.travis.yml +4 -0
package/node_modules/minimist/LICENSE +18 -0
package/node_modules/minimist/example/parse.js +2 -0
package/node_modules/minimist/index.js +187 -0
package/node_modules/minimist/package.json +71 -0
package/node_modules/minimist/readme.markdown +73 -0
package/node_modules/minimist/test/dash.js +24 -0
package/node_modules/minimist/test/default_bool.js +20 -0
package/node_modules/minimist/test/dotted.js +16 -0
package/node_modules/minimist/test/long.js +31 -0
package/node_modules/minimist/test/parse.js +318 -0
package/node_modules/minimist/test/parse_modified.js +9 -0
package/node_modules/minimist/test/short.js +67 -0
package/node_modules/minimist/test/whitespace.js +8 -0
package/node_modules/minipass/LICENSE +15 -0
package/node_modules/minipass/README.md +124 -0
package/node_modules/minipass/index.js +375 -0
package/node_modules/minipass/package.json +69 -0
package/node_modules/minizlib/LICENSE +26 -0
package/node_modules/minizlib/README.md +44 -0
package/node_modules/minizlib/constants.js +46 -0
package/node_modules/minizlib/index.js +335 -0
package/node_modules/minizlib/package.json +71 -0
package/node_modules/mkdirp/.travis.yml +8 -0
package/node_modules/mkdirp/LICENSE +21 -0
package/node_modules/mkdirp/bin/cmd.js +33 -0
package/node_modules/mkdirp/bin/usage.txt +12 -0
package/node_modules/mkdirp/examples/pow.js +6 -0
package/node_modules/mkdirp/index.js +98 -0
package/node_modules/mkdirp/package.json +64 -0
package/node_modules/mkdirp/readme.markdown +100 -0
package/node_modules/mkdirp/test/chmod.js +41 -0
package/node_modules/mkdirp/test/clobber.js +38 -0
package/node_modules/mkdirp/test/mkdirp.js +28 -0
package/node_modules/mkdirp/test/opts_fs.js +29 -0
package/node_modules/mkdirp/test/opts_fs_sync.js +27 -0
package/node_modules/mkdirp/test/perm.js +32 -0
package/node_modules/mkdirp/test/perm_sync.js +36 -0
package/node_modules/mkdirp/test/race.js +37 -0
package/node_modules/mkdirp/test/rel.js +32 -0
package/node_modules/mkdirp/test/return.js +25 -0
package/node_modules/mkdirp/test/return_sync.js +24 -0
package/node_modules/mkdirp/test/root.js +19 -0
package/node_modules/mkdirp/test/sync.js +32 -0
package/node_modules/mkdirp/test/umask.js +28 -0
package/node_modules/mkdirp/test/umask_sync.js +32 -0
package/node_modules/ms/index.js +152 -0
package/node_modules/ms/license.md +21 -0
package/node_modules/ms/package.json +69 -0
package/node_modules/ms/readme.md +51 -0
package/node_modules/needle/README.md +594 -0
package/node_modules/needle/bin/needle +40 -0
package/node_modules/needle/examples/deflated-stream.js +22 -0
package/node_modules/needle/examples/digest-auth.js +16 -0
package/node_modules/needle/examples/download-to-file.js +18 -0
package/node_modules/needle/examples/multipart-stream.js +25 -0
package/node_modules/needle/examples/parsed-stream.js +23 -0
package/node_modules/needle/examples/parsed-stream2.js +21 -0
package/node_modules/needle/examples/stream-events.js +23 -0
package/node_modules/needle/examples/stream-to-file.js +14 -0
package/node_modules/needle/examples/upload-image.js +51 -0
package/node_modules/needle/lib/auth.js +110 -0
package/node_modules/needle/lib/cookies.js +79 -0
package/node_modules/needle/lib/decoder.js +53 -0
package/node_modules/needle/lib/multipart.js +98 -0
package/node_modules/needle/lib/needle.js +795 -0
package/node_modules/needle/lib/parsers.js +120 -0
package/node_modules/needle/lib/querystring.js +49 -0
package/node_modules/needle/license.txt +19 -0
package/node_modules/needle/note.xml +7 -0
package/node_modules/needle/note.xml.1 +7 -0
package/node_modules/needle/package.json +102 -0
package/node_modules/needle/test/basic_auth_spec.js +196 -0
package/node_modules/needle/test/compression_spec.js +94 -0
package/node_modules/needle/test/cookies_spec.js +305 -0
package/node_modules/needle/test/decoder_spec.js +86 -0
package/node_modules/needle/test/errors_spec.js +286 -0
package/node_modules/needle/test/headers_spec.js +198 -0
package/node_modules/needle/test/helpers.js +72 -0
package/node_modules/needle/test/long_string_spec.js +34 -0
package/node_modules/needle/test/output_spec.js +254 -0
package/node_modules/needle/test/parsing_spec.js +494 -0
package/node_modules/needle/test/post_data_spec.js +1021 -0
package/node_modules/needle/test/proxy_spec.js +202 -0
package/node_modules/needle/test/querystring_spec.js +128 -0
package/node_modules/needle/test/redirect_spec.js +392 -0
package/node_modules/needle/test/redirect_with_timeout.js +45 -0
package/node_modules/needle/test/request_stream_spec.js +202 -0
package/node_modules/needle/test/response_stream_spec.js +139 -0
package/node_modules/needle/test/socket_pool_spec.js +66 -0
package/node_modules/needle/test/url_spec.js +155 -0
package/node_modules/needle/test/utils/formidable.js +17 -0
package/node_modules/needle/test/utils/proxy.js +62 -0
package/node_modules/needle/test/utils/test.js +104 -0
package/node_modules/node-pre-gyp/CHANGELOG.md +422 -0
package/node_modules/node-pre-gyp/LICENSE +27 -0
package/node_modules/node-pre-gyp/README.md +658 -0
package/node_modules/node-pre-gyp/appveyor.yml +30 -0
package/node_modules/node-pre-gyp/bin/node-pre-gyp +134 -0
package/node_modules/node-pre-gyp/bin/node-pre-gyp.cmd +2 -0
package/node_modules/node-pre-gyp/contributing.md +10 -0
package/node_modules/node-pre-gyp/lib/build.js +51 -0
package/node_modules/node-pre-gyp/lib/clean.js +32 -0
package/node_modules/node-pre-gyp/lib/configure.js +52 -0
package/node_modules/node-pre-gyp/lib/info.js +40 -0
package/node_modules/node-pre-gyp/lib/install.js +243 -0
package/node_modules/node-pre-gyp/lib/node-pre-gyp.js +203 -0
package/node_modules/node-pre-gyp/lib/package.js +56 -0
package/node_modules/node-pre-gyp/lib/pre-binding.js +30 -0
package/node_modules/node-pre-gyp/lib/publish.js +79 -0
package/node_modules/node-pre-gyp/lib/rebuild.js +21 -0
package/node_modules/node-pre-gyp/lib/reinstall.js +20 -0
package/node_modules/node-pre-gyp/lib/reveal.js +33 -0
package/node_modules/node-pre-gyp/lib/testbinary.js +81 -0
package/node_modules/node-pre-gyp/lib/testpackage.js +55 -0
package/node_modules/node-pre-gyp/lib/unpublish.js +43 -0
package/node_modules/node-pre-gyp/lib/util/abi_crosswalk.json +1782 -0
package/node_modules/node-pre-gyp/lib/util/compile.js +87 -0
package/node_modules/node-pre-gyp/lib/util/handle_gyp_opts.js +100 -0
package/node_modules/node-pre-gyp/lib/util/napi.js +156 -0
package/node_modules/node-pre-gyp/lib/util/nw-pre-gyp/index.html +26 -0
package/node_modules/node-pre-gyp/lib/util/nw-pre-gyp/package.json +9 -0
package/node_modules/node-pre-gyp/lib/util/s3_setup.js +27 -0
package/node_modules/node-pre-gyp/lib/util/versioning.js +330 -0
package/node_modules/node-pre-gyp/package.json +86 -0
package/node_modules/nopt/.npmignore +1 -0
package/node_modules/nopt/.travis.yml +8 -0
package/node_modules/nopt/CHANGELOG.md +58 -0
package/node_modules/nopt/LICENSE +15 -0
package/node_modules/nopt/README.md +213 -0
package/node_modules/nopt/bin/nopt.js +54 -0
package/node_modules/nopt/examples/my-program.js +30 -0
package/node_modules/nopt/lib/nopt.js +436 -0
package/node_modules/nopt/package.json +58 -0
package/node_modules/nopt/test/basic.js +303 -0
package/node_modules/npm-bundled/LICENSE +15 -0
package/node_modules/npm-bundled/README.md +48 -0
package/node_modules/npm-bundled/index.js +229 -0
package/node_modules/npm-bundled/package.json +60 -0
package/node_modules/npm-packlist/LICENSE +15 -0
package/node_modules/npm-packlist/README.md +68 -0
package/node_modules/npm-packlist/index.js +229 -0
package/node_modules/npm-packlist/package.json +66 -0
package/node_modules/npmlog/CHANGELOG.md +49 -0
package/node_modules/npmlog/LICENSE +15 -0
package/node_modules/npmlog/README.md +216 -0
package/node_modules/npmlog/log.js +309 -0
package/node_modules/npmlog/package.json +61 -0
package/node_modules/number-is-nan/index.js +4 -0
package/node_modules/number-is-nan/license +21 -0
package/node_modules/number-is-nan/package.json +67 -0
package/node_modules/number-is-nan/readme.md +28 -0
package/node_modules/object-assign/index.js +90 -0
package/node_modules/object-assign/license +21 -0
package/node_modules/object-assign/package.json +74 -0
package/node_modules/object-assign/readme.md +61 -0
package/node_modules/once/LICENSE +15 -0
package/node_modules/once/README.md +79 -0
package/node_modules/once/once.js +42 -0
package/node_modules/once/package.json +67 -0
package/node_modules/os-homedir/index.js +24 -0
package/node_modules/os-homedir/license +21 -0
package/node_modules/os-homedir/package.json +73 -0
package/node_modules/os-homedir/readme.md +31 -0
package/node_modules/os-tmpdir/index.js +25 -0
package/node_modules/os-tmpdir/license +21 -0
package/node_modules/os-tmpdir/package.json +73 -0
package/node_modules/os-tmpdir/readme.md +32 -0
package/node_modules/osenv/LICENSE +15 -0
package/node_modules/osenv/README.md +63 -0
package/node_modules/osenv/osenv.js +72 -0
package/node_modules/osenv/package.json +73 -0
package/node_modules/path-is-absolute/index.js +20 -0
package/node_modules/path-is-absolute/license +21 -0
package/node_modules/path-is-absolute/package.json +75 -0
package/node_modules/path-is-absolute/readme.md +59 -0
package/node_modules/process-nextick-args/index.js +44 -0
package/node_modules/process-nextick-args/license.md +19 -0
package/node_modules/process-nextick-args/package.json +50 -0
package/node_modules/process-nextick-args/readme.md +18 -0
package/node_modules/rc/LICENSE.APACHE2 +15 -0
package/node_modules/rc/LICENSE.BSD +26 -0
package/node_modules/rc/LICENSE.MIT +24 -0
package/node_modules/rc/README.md +227 -0
package/node_modules/rc/browser.js +7 -0
package/node_modules/rc/cli.js +4 -0
package/node_modules/rc/index.js +53 -0
package/node_modules/rc/lib/utils.js +104 -0
package/node_modules/rc/node_modules/minimist/.travis.yml +8 -0
package/node_modules/rc/node_modules/minimist/LICENSE +18 -0
package/node_modules/rc/node_modules/minimist/example/parse.js +2 -0
package/node_modules/rc/node_modules/minimist/index.js +236 -0
package/node_modules/rc/node_modules/minimist/package.json +73 -0
package/node_modules/rc/node_modules/minimist/readme.markdown +91 -0
package/node_modules/rc/node_modules/minimist/test/all_bool.js +32 -0
package/node_modules/rc/node_modules/minimist/test/bool.js +166 -0
package/node_modules/rc/node_modules/minimist/test/dash.js +31 -0
package/node_modules/rc/node_modules/minimist/test/default_bool.js +35 -0
package/node_modules/rc/node_modules/minimist/test/dotted.js +22 -0
package/node_modules/rc/node_modules/minimist/test/kv_short.js +16 -0
package/node_modules/rc/node_modules/minimist/test/long.js +31 -0
package/node_modules/rc/node_modules/minimist/test/num.js +36 -0
package/node_modules/rc/node_modules/minimist/test/parse.js +197 -0
package/node_modules/rc/node_modules/minimist/test/parse_modified.js +9 -0
package/node_modules/rc/node_modules/minimist/test/short.js +67 -0
package/node_modules/rc/node_modules/minimist/test/stop_early.js +15 -0
package/node_modules/rc/node_modules/minimist/test/unknown.js +102 -0
package/node_modules/rc/node_modules/minimist/test/whitespace.js +8 -0
package/node_modules/rc/package.json +64 -0
package/node_modules/rc/test/ini.js +16 -0
package/node_modules/rc/test/nested-env-vars.js +50 -0
package/node_modules/rc/test/test.js +59 -0
package/node_modules/readable-stream/.travis.yml +55 -0
package/node_modules/readable-stream/CONTRIBUTING.md +38 -0
package/node_modules/readable-stream/GOVERNANCE.md +136 -0
package/node_modules/readable-stream/LICENSE +47 -0
package/node_modules/readable-stream/README.md +58 -0
package/node_modules/readable-stream/doc/wg-meetings/2015-01-30.md +60 -0
package/node_modules/readable-stream/duplex-browser.js +1 -0
package/node_modules/readable-stream/duplex.js +1 -0
package/node_modules/readable-stream/lib/_stream_duplex.js +131 -0
package/node_modules/readable-stream/lib/_stream_passthrough.js +47 -0
package/node_modules/readable-stream/lib/_stream_readable.js +1019 -0
package/node_modules/readable-stream/lib/_stream_transform.js +214 -0
package/node_modules/readable-stream/lib/_stream_writable.js +687 -0
package/node_modules/readable-stream/lib/internal/streams/BufferList.js +79 -0
package/node_modules/readable-stream/lib/internal/streams/destroy.js +74 -0
package/node_modules/readable-stream/lib/internal/streams/stream-browser.js +1 -0
package/node_modules/readable-stream/lib/internal/streams/stream.js +1 -0
package/node_modules/readable-stream/package.json +81 -0
package/node_modules/readable-stream/passthrough.js +1 -0
package/node_modules/readable-stream/readable-browser.js +7 -0
package/node_modules/readable-stream/readable.js +19 -0
package/node_modules/readable-stream/transform.js +1 -0
package/node_modules/readable-stream/writable-browser.js +1 -0
package/node_modules/readable-stream/writable.js +8 -0
package/node_modules/rimraf/LICENSE +15 -0
package/node_modules/rimraf/README.md +101 -0
package/node_modules/rimraf/bin.js +50 -0
package/node_modules/rimraf/package.json +67 -0
package/node_modules/rimraf/rimraf.js +364 -0
package/node_modules/safe-buffer/LICENSE +21 -0
package/node_modules/safe-buffer/README.md +584 -0
package/node_modules/safe-buffer/index.d.ts +187 -0
package/node_modules/safe-buffer/index.js +62 -0
package/node_modules/safe-buffer/package.json +65 -0
package/node_modules/safer-buffer/LICENSE +21 -0
package/node_modules/safer-buffer/Porting-Buffer.md +268 -0
package/node_modules/safer-buffer/Readme.md +156 -0
package/node_modules/safer-buffer/dangerous.js +58 -0
package/node_modules/safer-buffer/package.json +60 -0
package/node_modules/safer-buffer/safer.js +77 -0
package/node_modules/safer-buffer/tests.js +406 -0
package/node_modules/sax/LICENSE +41 -0
package/node_modules/sax/README.md +225 -0
package/node_modules/sax/lib/sax.js +1565 -0
package/node_modules/sax/package.json +61 -0
package/node_modules/semver/LICENSE +15 -0
package/node_modules/semver/README.md +399 -0
package/node_modules/semver/bin/semver +153 -0
package/node_modules/semver/package.json +54 -0
package/node_modules/semver/range.bnf +16 -0
package/node_modules/semver/semver.js +1352 -0
package/node_modules/set-blocking/CHANGELOG.md +26 -0
package/node_modules/set-blocking/LICENSE.txt +14 -0
package/node_modules/set-blocking/README.md +31 -0
package/node_modules/set-blocking/index.js +7 -0
package/node_modules/set-blocking/package.json +70 -0
package/node_modules/signal-exit/CHANGELOG.md +27 -0
package/node_modules/signal-exit/LICENSE.txt +16 -0
package/node_modules/signal-exit/README.md +40 -0
package/node_modules/signal-exit/index.js +157 -0
package/node_modules/signal-exit/package.json +66 -0
package/node_modules/signal-exit/signals.js +53 -0
package/node_modules/string-width/index.js +37 -0
package/node_modules/string-width/license +21 -0
package/node_modules/string-width/package.json +89 -0
package/node_modules/string-width/readme.md +42 -0
package/node_modules/string_decoder/.travis.yml +50 -0
package/node_modules/string_decoder/LICENSE +48 -0
package/node_modules/string_decoder/README.md +47 -0
package/node_modules/string_decoder/lib/string_decoder.js +296 -0
package/node_modules/string_decoder/package.json +59 -0
package/node_modules/strip-ansi/index.js +6 -0
package/node_modules/strip-ansi/license +21 -0
package/node_modules/strip-ansi/package.json +102 -0
package/node_modules/strip-ansi/readme.md +33 -0
package/node_modules/strip-json-comments/index.js +70 -0
package/node_modules/strip-json-comments/license +21 -0
package/node_modules/strip-json-comments/package.json +74 -0
package/node_modules/strip-json-comments/readme.md +64 -0
package/node_modules/tar/LICENSE +15 -0
package/node_modules/tar/README.md +954 -0
package/node_modules/tar/index.js +18 -0
package/node_modules/tar/lib/buffer.js +11 -0
package/node_modules/tar/lib/create.js +105 -0
package/node_modules/tar/lib/extract.js +112 -0
package/node_modules/tar/lib/header.js +289 -0
package/node_modules/tar/lib/high-level-opt.js +29 -0
package/node_modules/tar/lib/large-numbers.js +92 -0
package/node_modules/tar/lib/list.js +130 -0
package/node_modules/tar/lib/mkdir.js +206 -0
package/node_modules/tar/lib/mode-fix.js +14 -0
package/node_modules/tar/lib/pack.js +404 -0
package/node_modules/tar/lib/parse.js +423 -0
package/node_modules/tar/lib/pax.js +146 -0
package/node_modules/tar/lib/read-entry.js +94 -0
package/node_modules/tar/lib/replace.js +220 -0
package/node_modules/tar/lib/types.js +44 -0
package/node_modules/tar/lib/unpack.js +621 -0
package/node_modules/tar/lib/update.js +36 -0
package/node_modules/tar/lib/warn-mixin.js +14 -0
package/node_modules/tar/lib/winchars.js +23 -0
package/node_modules/tar/lib/write-entry.js +422 -0
package/node_modules/tar/package.json +78 -0
package/node_modules/util-deprecate/History.md +16 -0
package/node_modules/util-deprecate/LICENSE +24 -0
package/node_modules/util-deprecate/README.md +53 -0
package/node_modules/util-deprecate/browser.js +67 -0
package/node_modules/util-deprecate/node.js +6 -0
package/node_modules/util-deprecate/package.json +56 -0
package/node_modules/wide-align/LICENSE +14 -0
package/node_modules/wide-align/README.md +47 -0
package/node_modules/wide-align/align.js +65 -0
package/node_modules/wide-align/package.json +66 -0
package/node_modules/wrappy/LICENSE +15 -0
package/node_modules/wrappy/README.md +36 -0
package/node_modules/wrappy/package.json +59 -0
package/node_modules/wrappy/wrappy.js +33 -0
package/node_modules/yallist/LICENSE +15 -0
package/node_modules/yallist/README.md +204 -0
package/node_modules/yallist/iterator.js +8 -0
package/node_modules/yallist/package.json +63 -0
package/node_modules/yallist/yallist.js +376 -0
package/package.json +1 -1

package/node_modules/safe-buffer/README.md ADDED Viewed

@@ -0,0 +1,584 @@
+# safe-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url]
+[travis-image]: https://img.shields.io/travis/feross/safe-buffer/master.svg
+[travis-url]: https://travis-ci.org/feross/safe-buffer
+[npm-image]: https://img.shields.io/npm/v/safe-buffer.svg
+[npm-url]: https://npmjs.org/package/safe-buffer
+[downloads-image]: https://img.shields.io/npm/dm/safe-buffer.svg
+[downloads-url]: https://npmjs.org/package/safe-buffer
+[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg
+[standard-url]: https://standardjs.com
+#### Safer Node.js Buffer API
+**Use the new Node.js Buffer APIs (`Buffer.from`, `Buffer.alloc`,
+`Buffer.allocUnsafe`, `Buffer.allocUnsafeSlow`) in all versions of Node.js.**
+**Uses the built-in implementation when available.**
+## install
+```
+npm install safe-buffer
+```
+## usage
+The goal of this package is to provide a safe replacement for the node.js `Buffer`.
+It's a drop-in replacement for `Buffer`. You can use it by adding one `require` line to
+the top of your node.js modules:
+```js
+var Buffer = require('safe-buffer').Buffer
+// Existing buffer code will continue to work without issues:
+new Buffer('hey', 'utf8')
+new Buffer([1, 2, 3], 'utf8')
+new Buffer(obj)
+new Buffer(16) // create an uninitialized buffer (potentially unsafe)
+// But you can use these new explicit APIs to make clear what you want:
+Buffer.from('hey', 'utf8') // convert from many types to a Buffer
+Buffer.alloc(16) // create a zero-filled buffer (safe)
+Buffer.allocUnsafe(16) // create an uninitialized buffer (potentially unsafe)
+```
+## api
+### Class Method: Buffer.from(array)
+<!-- YAML
+added: v3.0.0
+-->
+* `array` {Array}
+Allocates a new `Buffer` using an `array` of octets.
+```js
+const buf = Buffer.from([0x62,0x75,0x66,0x66,0x65,0x72]);
+  // creates a new Buffer containing ASCII bytes
+  // ['b','u','f','f','e','r']
+```
+A `TypeError` will be thrown if `array` is not an `Array`.
+### Class Method: Buffer.from(arrayBuffer[, byteOffset[, length]])
+<!-- YAML
+added: v5.10.0
+-->
+* `arrayBuffer` {ArrayBuffer} The `.buffer` property of a `TypedArray` or
+  a `new ArrayBuffer()`
+* `byteOffset` {Number} Default: `0`
+* `length` {Number} Default: `arrayBuffer.length - byteOffset`
+When passed a reference to the `.buffer` property of a `TypedArray` instance,
+the newly created `Buffer` will share the same allocated memory as the
+TypedArray.
+```js
+const arr = new Uint16Array(2);
+arr[0] = 5000;
+arr[1] = 4000;
+const buf = Buffer.from(arr.buffer); // shares the memory with arr;
+console.log(buf);
+  // Prints: <Buffer 88 13 a0 0f>
+// changing the TypedArray changes the Buffer also
+arr[1] = 6000;
+console.log(buf);
+  // Prints: <Buffer 88 13 70 17>
+```
+The optional `byteOffset` and `length` arguments specify a memory range within
+the `arrayBuffer` that will be shared by the `Buffer`.
+```js
+const ab = new ArrayBuffer(10);
+const buf = Buffer.from(ab, 0, 2);
+console.log(buf.length);
+  // Prints: 2
+```
+A `TypeError` will be thrown if `arrayBuffer` is not an `ArrayBuffer`.
+### Class Method: Buffer.from(buffer)
+<!-- YAML
+added: v3.0.0
+-->
+* `buffer` {Buffer}
+Copies the passed `buffer` data onto a new `Buffer` instance.
+```js
+const buf1 = Buffer.from('buffer');
+const buf2 = Buffer.from(buf1);
+buf1[0] = 0x61;
+console.log(buf1.toString());
+  // 'auffer'
+console.log(buf2.toString());
+  // 'buffer' (copy is not changed)
+```
+A `TypeError` will be thrown if `buffer` is not a `Buffer`.
+### Class Method: Buffer.from(str[, encoding])
+<!-- YAML
+added: v5.10.0
+-->
+* `str` {String} String to encode.
+* `encoding` {String} Encoding to use, Default: `'utf8'`
+Creates a new `Buffer` containing the given JavaScript string `str`. If
+provided, the `encoding` parameter identifies the character encoding.
+If not provided, `encoding` defaults to `'utf8'`.
+```js
+const buf1 = Buffer.from('this is a tést');
+console.log(buf1.toString());
+  // prints: this is a tést
+console.log(buf1.toString('ascii'));
+  // prints: this is a tC)st
+const buf2 = Buffer.from('7468697320697320612074c3a97374', 'hex');
+console.log(buf2.toString());
+  // prints: this is a tést
+```
+A `TypeError` will be thrown if `str` is not a string.
+### Class Method: Buffer.alloc(size[, fill[, encoding]])
+<!-- YAML
+added: v5.10.0
+-->
+* `size` {Number}
+* `fill` {Value} Default: `undefined`
+* `encoding` {String} Default: `utf8`
+Allocates a new `Buffer` of `size` bytes. If `fill` is `undefined`, the
+`Buffer` will be *zero-filled*.
+```js
+const buf = Buffer.alloc(5);
+console.log(buf);
+  // <Buffer 00 00 00 00 00>
+```
+The `size` must be less than or equal to the value of
+`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is
+`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will
+be created if a `size` less than or equal to 0 is specified.
+If `fill` is specified, the allocated `Buffer` will be initialized by calling
+`buf.fill(fill)`. See [`buf.fill()`][] for more information.
+```js
+const buf = Buffer.alloc(5, 'a');
+console.log(buf);
+  // <Buffer 61 61 61 61 61>
+```
+If both `fill` and `encoding` are specified, the allocated `Buffer` will be
+initialized by calling `buf.fill(fill, encoding)`. For example:
+```js
+const buf = Buffer.alloc(11, 'aGVsbG8gd29ybGQ=', 'base64');
+console.log(buf);
+  // <Buffer 68 65 6c 6c 6f 20 77 6f 72 6c 64>
+```
+Calling `Buffer.alloc(size)` can be significantly slower than the alternative
+`Buffer.allocUnsafe(size)` but ensures that the newly created `Buffer` instance
+contents will *never contain sensitive data*.
+A `TypeError` will be thrown if `size` is not a number.
+### Class Method: Buffer.allocUnsafe(size)
+<!-- YAML
+added: v5.10.0
+-->
+* `size` {Number}
+Allocates a new *non-zero-filled* `Buffer` of `size` bytes.  The `size` must
+be less than or equal to the value of `require('buffer').kMaxLength` (on 64-bit
+architectures, `kMaxLength` is `(2^31)-1`). Otherwise, a [`RangeError`][] is
+thrown. A zero-length Buffer will be created if a `size` less than or equal to
+0 is specified.
+The underlying memory for `Buffer` instances created in this way is *not
+initialized*. The contents of the newly created `Buffer` are unknown and
+*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such
+`Buffer` instances to zeroes.
+```js
+const buf = Buffer.allocUnsafe(5);
+console.log(buf);
+  // <Buffer 78 e0 82 02 01>
+  // (octets will be different, every time)
+buf.fill(0);
+console.log(buf);
+  // <Buffer 00 00 00 00 00>
+```
+A `TypeError` will be thrown if `size` is not a number.
+Note that the `Buffer` module pre-allocates an internal `Buffer` instance of
+size `Buffer.poolSize` that is used as a pool for the fast allocation of new
+`Buffer` instances created using `Buffer.allocUnsafe(size)` (and the deprecated
+`new Buffer(size)` constructor) only when `size` is less than or equal to
+`Buffer.poolSize >> 1` (floor of `Buffer.poolSize` divided by two). The default
+value of `Buffer.poolSize` is `8192` but can be modified.
+Use of this pre-allocated internal memory pool is a key difference between
+calling `Buffer.alloc(size, fill)` vs. `Buffer.allocUnsafe(size).fill(fill)`.
+Specifically, `Buffer.alloc(size, fill)` will *never* use the internal Buffer
+pool, while `Buffer.allocUnsafe(size).fill(fill)` *will* use the internal
+Buffer pool if `size` is less than or equal to half `Buffer.poolSize`. The
+difference is subtle but can be important when an application requires the
+additional performance that `Buffer.allocUnsafe(size)` provides.
+### Class Method: Buffer.allocUnsafeSlow(size)
+<!-- YAML
+added: v5.10.0
+-->
+* `size` {Number}
+Allocates a new *non-zero-filled* and non-pooled `Buffer` of `size` bytes.  The
+`size` must be less than or equal to the value of
+`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is
+`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will
+be created if a `size` less than or equal to 0 is specified.
+The underlying memory for `Buffer` instances created in this way is *not
+initialized*. The contents of the newly created `Buffer` are unknown and
+*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such
+`Buffer` instances to zeroes.
+When using `Buffer.allocUnsafe()` to allocate new `Buffer` instances,
+allocations under 4KB are, by default, sliced from a single pre-allocated
+`Buffer`. This allows applications to avoid the garbage collection overhead of
+creating many individually allocated Buffers. This approach improves both
+performance and memory usage by eliminating the need to track and cleanup as
+many `Persistent` objects.
+However, in the case where a developer may need to retain a small chunk of
+memory from a pool for an indeterminate amount of time, it may be appropriate
+to create an un-pooled Buffer instance using `Buffer.allocUnsafeSlow()` then
+copy out the relevant bits.
+```js
+// need to keep around a few small chunks of memory
+const store = [];
+socket.on('readable', () => {
+  const data = socket.read();
+  // allocate for retained data
+  const sb = Buffer.allocUnsafeSlow(10);
+  // copy the data into the new allocation
+  data.copy(sb, 0, 0, 10);
+  store.push(sb);
+});
+```
+Use of `Buffer.allocUnsafeSlow()` should be used only as a last resort *after*
+a developer has observed undue memory retention in their applications.
+A `TypeError` will be thrown if `size` is not a number.
+### All the Rest
+The rest of the `Buffer` API is exactly the same as in node.js.
+[See the docs](https://nodejs.org/api/buffer.html).
+## Related links
+- [Node.js issue: Buffer(number) is unsafe](https://github.com/nodejs/node/issues/4660)
+- [Node.js Enhancement Proposal: Buffer.from/Buffer.alloc/Buffer.zalloc/Buffer() soft-deprecate](https://github.com/nodejs/node-eps/pull/4)
+## Why is `Buffer` unsafe?
+Today, the node.js `Buffer` constructor is overloaded to handle many different argument
+types like `String`, `Array`, `Object`, `TypedArrayView` (`Uint8Array`, etc.),
+`ArrayBuffer`, and also `Number`.
+The API is optimized for convenience: you can throw any type at it, and it will try to do
+what you want.
+Because the Buffer constructor is so powerful, you often see code like this:
+```js
+// Convert UTF-8 strings to hex
+function toHex (str) {
+  return new Buffer(str).toString('hex')
+}
+```
+***But what happens if `toHex` is called with a `Number` argument?***
+### Remote Memory Disclosure
+If an attacker can make your program call the `Buffer` constructor with a `Number`
+argument, then they can make it allocate uninitialized memory from the node.js process.
+This could potentially disclose TLS private keys, user data, or database passwords.
+When the `Buffer` constructor is passed a `Number` argument, it returns an
+**UNINITIALIZED** block of memory of the specified `size`. When you create a `Buffer` like
+this, you **MUST** overwrite the contents before returning it to the user.
+From the [node.js docs](https://nodejs.org/api/buffer.html#buffer_new_buffer_size):
+> `new Buffer(size)`
+>
+> - `size` Number
+>
+> The underlying memory for `Buffer` instances created in this way is not initialized.
+> **The contents of a newly created `Buffer` are unknown and could contain sensitive
+> data.** Use `buf.fill(0)` to initialize a Buffer to zeroes.
+(Emphasis our own.)
+Whenever the programmer intended to create an uninitialized `Buffer` you often see code
+like this:
+```js
+var buf = new Buffer(16)
+// Immediately overwrite the uninitialized buffer with data from another buffer
+for (var i = 0; i < buf.length; i++) {
+  buf[i] = otherBuf[i]
+}
+```
+### Would this ever be a problem in real code?
+Yes. It's surprisingly common to forget to check the type of your variables in a
+dynamically-typed language like JavaScript.
+Usually the consequences of assuming the wrong type is that your program crashes with an
+uncaught exception. But the failure mode for forgetting to check the type of arguments to
+the `Buffer` constructor is more catastrophic.
+Here's an example of a vulnerable service that takes a JSON payload and converts it to
+hex:
+```js
+// Take a JSON payload {str: "some string"} and convert it to hex
+var server = http.createServer(function (req, res) {
+  var data = ''
+  req.setEncoding('utf8')
+  req.on('data', function (chunk) {
+    data += chunk
+  })
+  req.on('end', function () {
+    var body = JSON.parse(data)
+    res.end(new Buffer(body.str).toString('hex'))
+  })
+})
+server.listen(8080)
+```
+In this example, an http client just has to send:
+```json
+{
+  "str": 1000
+}
+```
+and it will get back 1,000 bytes of uninitialized memory from the server.
+This is a very serious bug. It's similar in severity to the
+[the Heartbleed bug](http://heartbleed.com/) that allowed disclosure of OpenSSL process
+memory by remote attackers.
+### Which real-world packages were vulnerable?
+#### [`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht)
+[Mathias Buus](https://github.com/mafintosh) and I
+([Feross Aboukhadijeh](http://feross.org/)) found this issue in one of our own packages,
+[`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht). The bug would allow
+anyone on the internet to send a series of messages to a user of `bittorrent-dht` and get
+them to reveal 20 bytes at a time of uninitialized memory from the node.js process.
+Here's
+[the commit](https://github.com/feross/bittorrent-dht/commit/6c7da04025d5633699800a99ec3fbadf70ad35b8)
+that fixed it. We released a new fixed version, created a
+[Node Security Project disclosure](https://nodesecurity.io/advisories/68), and deprecated all
+vulnerable versions on npm so users will get a warning to upgrade to a newer version.
+#### [`ws`](https://www.npmjs.com/package/ws)
+That got us wondering if there were other vulnerable packages. Sure enough, within a short
+period of time, we found the same issue in [`ws`](https://www.npmjs.com/package/ws), the
+most popular WebSocket implementation in node.js.
+If certain APIs were called with `Number` parameters instead of `String` or `Buffer` as
+expected, then uninitialized server memory would be disclosed to the remote peer.
+These were the vulnerable methods:
+```js
+socket.send(number)
+socket.ping(number)
+socket.pong(number)
+```
+Here's a vulnerable socket server with some echo functionality:
+```js
+server.on('connection', function (socket) {
+  socket.on('message', function (message) {
+    message = JSON.parse(message)
+    if (message.type === 'echo') {
+      socket.send(message.data) // send back the user's message
+    }
+  })
+})
+```
+`socket.send(number)` called on the server, will disclose server memory.
+Here's [the release](https://github.com/websockets/ws/releases/tag/1.0.1) where the issue
+was fixed, with a more detailed explanation. Props to
+[Arnout Kazemier](https://github.com/3rd-Eden) for the quick fix. Here's the
+[Node Security Project disclosure](https://nodesecurity.io/advisories/67).
+### What's the solution?
+It's important that node.js offers a fast way to get memory otherwise performance-critical
+applications would needlessly get a lot slower.
+But we need a better way to *signal our intent* as programmers. **When we want
+uninitialized memory, we should request it explicitly.**
+Sensitive functionality should not be packed into a developer-friendly API that loosely
+accepts many different types. This type of API encourages the lazy practice of passing
+variables in without checking the type very carefully.
+#### A new API: `Buffer.allocUnsafe(number)`
+The functionality of creating buffers with uninitialized memory should be part of another
+API. We propose `Buffer.allocUnsafe(number)`. This way, it's not part of an API that
+frequently gets user input of all sorts of different types passed into it.
+```js
+var buf = Buffer.allocUnsafe(16) // careful, uninitialized memory!
+// Immediately overwrite the uninitialized buffer with data from another buffer
+for (var i = 0; i < buf.length; i++) {
+  buf[i] = otherBuf[i]
+}
+```
+### How do we fix node.js core?
+We sent [a PR to node.js core](https://github.com/nodejs/node/pull/4514) (merged as
+`semver-major`) which defends against one case:
+```js
+var str = 16
+new Buffer(str, 'utf8')
+```
+In this situation, it's implied that the programmer intended the first argument to be a
+string, since they passed an encoding as a second argument. Today, node.js will allocate
+uninitialized memory in the case of `new Buffer(number, encoding)`, which is probably not
+what the programmer intended.
+But this is only a partial solution, since if the programmer does `new Buffer(variable)`
+(without an `encoding` parameter) there's no way to know what they intended. If `variable`
+is sometimes a number, then uninitialized memory will sometimes be returned.
+### What's the real long-term fix?
+We could deprecate and remove `new Buffer(number)` and use `Buffer.allocUnsafe(number)` when
+we need uninitialized memory. But that would break 1000s of packages.
+~~We believe the best solution is to:~~
+~~1. Change `new Buffer(number)` to return safe, zeroed-out memory~~
+~~2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.allocUnsafe(number)`~~
+#### Update
+We now support adding three new APIs:
+- `Buffer.from(value)` - convert from any type to a buffer
+- `Buffer.alloc(size)` - create a zero-filled buffer
+- `Buffer.allocUnsafe(size)` - create an uninitialized buffer with given size
+This solves the core problem that affected `ws` and `bittorrent-dht` which is
+`Buffer(variable)` getting tricked into taking a number argument.
+This way, existing code continues working and the impact on the npm ecosystem will be
+minimal. Over time, npm maintainers can migrate performance-critical code to use
+`Buffer.allocUnsafe(number)` instead of `new Buffer(number)`.
+### Conclusion
+We think there's a serious design issue with the `Buffer` API as it exists today. It
+promotes insecure software by putting high-risk functionality into a convenient API
+with friendly "developer ergonomics".
+This wasn't merely a theoretical exercise because we found the issue in some of the
+most popular npm packages.
+Fortunately, there's an easy fix that can be applied today. Use `safe-buffer` in place of
+`buffer`.
+```js
+var Buffer = require('safe-buffer').Buffer
+```
+Eventually, we hope that node.js core can switch to this new, safer behavior. We believe
+the impact on the ecosystem would be minimal since it's not a breaking change.
+Well-maintained, popular packages would be updated to use `Buffer.alloc` quickly, while
+older, insecure packages would magically become safe from this attack vector.
+## links
+- [Node.js PR: buffer: throw if both length and enc are passed](https://github.com/nodejs/node/pull/4514)
+- [Node Security Project disclosure for `ws`](https://nodesecurity.io/advisories/67)
+- [Node Security Project disclosure for`bittorrent-dht`](https://nodesecurity.io/advisories/68)
+## credit
+The original issues in `bittorrent-dht`
+([disclosure](https://nodesecurity.io/advisories/68)) and
+`ws` ([disclosure](https://nodesecurity.io/advisories/67)) were discovered by
+[Mathias Buus](https://github.com/mafintosh) and
+[Feross Aboukhadijeh](http://feross.org/).
+Thanks to [Adam Baldwin](https://github.com/evilpacket) for helping disclose these issues
+and for his work running the [Node Security Project](https://nodesecurity.io/).
+Thanks to [John Hiesey](https://github.com/jhiesey) for proofreading this README and
+auditing the code.
+## license
+MIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org)