github-webhook-handler 0.7.1 → 1.0.0

package/.travis.yml

@@ -0,0 +1,14 @@
+sudo: false
+language: node_js
+node_js:
+  - 8
+  - 10
+  - 12
+  - lts/*
+  - current
+branches:
+  only:
+    - master
+notifications:
+  email:
+    - rod@vagg.org

package/README.md

@@ -1,7 +1,8 @@
 # github-webhook-handler
 
-[![NPM](https://nodei.co/npm/github-webhook-handler.png?downloads=true&downloadRank=true)](https://nodei.co/npm/github-webhook-handler/)
-[![NPM](https://nodei.co/npm-dl/github-webhook-handler.png?months=6&height=3)](https://nodei.co/npm/github-webhook-handler/)
+[![Build Status](https://travis-ci.org/rvagg/github-webhook-handler.svg?branch=master)](https://travis-ci.org/rvagg/github-webhook-handler)
+
+[![NPM](https://nodei.co/npm/github-webhook-handler.svg)](https://nodei.co/npm/github-webhook-handler/)
 
 GitHub allows you to register **[Webhooks](https://developer.github.com/webhooks/)** for your repositories. Each time an event occurs on your repository, whether it be pushing code, filling issues or creating pull requests, the webhook address you register can be configured to be pinged with details.
 
@@ -75,4 +76,4 @@ Additionally, there is a special `'*'` even you can listen to in order to receiv
 
 ## License
 
-**github-webhook-handler** is Copyright (c) 2014 Rod Vagg [@rvagg](https://twitter.com/rvagg) and licensed under the MIT License. All rights not explicitly granted in the MIT License are reserved. See the included [LICENSE.md](./LICENSE.md) file for more details.
+**github-webhook-handler** is Copyright (c) 2014 Rod Vagg and licensed under the MIT License. All rights not explicitly granted in the MIT License are reserved. See the included [LICENSE.md](./LICENSE.md) file for more details.

package/github-webhook-handler.d.ts

@@ -13,4 +13,6 @@ interface handler extends EventEmitter {
     (req: IncomingMessage, res: ServerResponse, callback: (err: Error) => void): void;
 }
 
-export default function createHandler(options: CreateHandlerOptions): handler;
+declare function createHandler(options: CreateHandlerOptions|CreateHandlerOptions[]): handler;
+
+export = createHandler;

package/github-webhook-handler.js

@@ -1,29 +1,49 @@
-const EventEmitter = require('events').EventEmitter
-    , inherits     = require('util').inherits
-    , crypto       = require('crypto')
-    , bl           = require('bl')
-    , bufferEq     = require('buffer-equal-constant-time')
-
-function create (options) {
-  if (typeof options != 'object')
+const EventEmitter = require('events')
+const crypto = require('crypto')
+const bl = require('bl')
+
+function findHandler (url, arr) {
+  if (!Array.isArray(arr)) {
+    return arr
+  }
+
+  let ret = arr[0]
+  for (let i = 0; i < arr.length; i++) {
+    if (url === arr[i].path) {
+      ret = arr[i]
+    }
+  }
+
+  return ret
+}
+
+function checkType (options) {
+  if (typeof options !== 'object') {
     throw new TypeError('must provide an options object')
+  }
 
-  if (typeof options.path != 'string')
+  if (typeof options.path !== 'string') {
     throw new TypeError('must provide a \'path\' option')
+  }
 
-  if (typeof options.secret != 'string')
+  if (typeof options.secret !== 'string') {
     throw new TypeError('must provide a \'secret\' option')
+  }
+}
 
-  var events
-
-  if (typeof options.events == 'string' && options.events != '*')
-    events = [ options.events ]
-
-  else if (Array.isArray(options.events) && options.events.indexOf('*') == -1)
-    events = options.events
+function create (initOptions) {
+  let options
+  // validate type of options
+  if (Array.isArray(initOptions)) {
+    for (let i = 0; i < initOptions.length; i++) {
+      checkType(initOptions[i])
+    }
+  } else {
+    checkType(initOptions)
+  }
 
-  // make it an EventEmitter, sort of
-  handler.__proto__ = EventEmitter.prototype
+  // make it an EventEmitter
+  Object.setPrototypeOf(handler, EventEmitter.prototype)
   EventEmitter.call(handler)
 
   handler.sign = sign
@@ -31,54 +51,74 @@ function create (options) {
 
   return handler
 
-
   function sign (data) {
-    return 'sha1=' + crypto.createHmac('sha1', options.secret).update(data).digest('hex')
+    return `sha1=${crypto.createHmac('sha1', options.secret).update(data).digest('hex')}`
   }
 
   function verify (signature, data) {
-    return bufferEq(Buffer.from(signature), Buffer.from(sign(data)))
+    const sig = Buffer.from(signature)
+    const signed = Buffer.from(sign(data))
+    if (sig.length !== signed.length) {
+      return false
+    }
+    return crypto.timingSafeEqual(sig, signed)
   }
 
   function handler (req, res, callback) {
-    if (req.url.split('?').shift() !== options.path || req.method !== 'POST')
+    let events
+
+    options = findHandler(req.url, initOptions)
+
+    if (typeof options.events === 'string' && options.events !== '*') {
+      events = [options.events]
+    } else if (Array.isArray(options.events) && options.events.indexOf('*') === -1) {
+      events = options.events
+    }
+
+    if (req.url !== options.path || req.method !== 'POST') {
       return callback()
+    }
 
     function hasError (msg) {
       res.writeHead(400, { 'content-type': 'application/json' })
       res.end(JSON.stringify({ error: msg }))
 
-      var err = new Error(msg)
+      const err = new Error(msg)
 
       handler.emit('error', err, req)
       callback(err)
     }
 
-    var sig   = req.headers['x-hub-signature']
-      , event = req.headers['x-github-event']
-      , id    = req.headers['x-github-delivery']
+    const sig = req.headers['x-hub-signature']
+    const event = req.headers['x-github-event']
+    const id = req.headers['x-github-delivery']
 
-    if (!sig)
+    if (!sig) {
       return hasError('No X-Hub-Signature found on request')
+    }
 
-    if (!event)
+    if (!event) {
       return hasError('No X-Github-Event found on request')
+    }
 
-    if (!id)
+    if (!id) {
       return hasError('No X-Github-Delivery found on request')
+    }
 
-    if (events && events.indexOf(event) == -1)
+    if (events && events.indexOf(event) === -1) {
       return hasError('X-Github-Event is not acceptable')
+    }
 
-    req.pipe(bl(function (err, data) {
+    req.pipe(bl((err, data) => {
       if (err) {
         return hasError(err.message)
       }
 
-      var obj
+      let obj
 
-      if (!verify(sig, data))
+      if (!verify(sig, data)) {
         return hasError('X-Hub-Signature does not match blob signature')
+      }
 
       try {
         obj = JSON.parse(data.toString())
@@ -89,13 +129,14 @@ function create (options) {
       res.writeHead(200, { 'content-type': 'application/json' })
       res.end('{"ok":true}')
 
-      var emitData = {
-          event   : event
-        , id      : id
-        , payload : obj
-        , protocol: req.protocol
-        , host    : req.headers['host']
-        , url     : req.url
+      const emitData = {
+        event: event,
+        id: id,
+        payload: obj,
+        protocol: req.protocol,
+        host: req.headers.host,
+        url: req.url,
+        path: options.path
       }
 
       handler.emit(event, emitData)
@@ -104,5 +145,4 @@ function create (options) {
   }
 }
 
-
 module.exports = create

package/package.json

@@ -1,11 +1,12 @@
 {
   "name": "github-webhook-handler",
-  "version": "0.7.1",
+  "version": "1.0.0",
   "description": "Web handler / middleware for processing GitHub Webhooks",
   "main": "github-webhook-handler.js",
   "types": "github-webhook-handler.d.ts",
   "scripts": {
-    "test": "node test.js"
+    "lint": "standard *.js",
+    "test": "npm run lint && node test.js"
   },
   "keywords": [
     "github",
@@ -18,13 +19,13 @@
   },
   "license": "MIT",
   "dependencies": {
-    "bl": "~1.1.2",
-    "buffer-equal-constant-time": "~1.0.1"
+    "bl": "~4.0.0"
   },
   "devDependencies": {
     "@types/node": "*",
-    "run-series": "~1.1.4",
-    "tape": "~4.6.0",
-    "through2": "~2.0.1"
+    "run-series": "~1.1.8",
+    "standard": "~14.3.1",
+    "tape": "~4.11.0",
+    "through2": "~3.0.1"
   }
 }

package/test.js

@@ -1,46 +1,41 @@
-const test     = require('tape')
-    , crypto   = require('crypto')
-    , handler  = require('./')
-    , through2 = require('through2')
-    , series   = require('run-series')
-
+const test = require('tape')
+const crypto = require('crypto')
+const handler = require('./')
+const through2 = require('through2')
+const series = require('run-series')
 
 function signBlob (key, blob) {
-  return 'sha1=' +
-  crypto.createHmac('sha1', key).update(blob).digest('hex')
+  return `sha1=${crypto.createHmac('sha1', key).update(blob).digest('hex')}`
 }
 
-
 function mkReq (url, method) {
-  var req = through2()
+  const req = through2()
   req.method = method || 'POST'
   req.url = url
   req.headers = {
-      'x-hub-signature'   : 'bogus'
-    , 'x-github-event'    : 'bogus'
-    , 'x-github-delivery' : 'bogus'
+    'x-hub-signature': 'bogus',
+    'x-github-event': 'bogus',
+    'x-github-delivery': 'bogus'
   }
   return req
 }
 
-
 function mkRes () {
-  var res = {
-      writeHead : function (statusCode, headers) {
-        res.$statusCode = statusCode
-        res.$headers = headers
-      }
-
-    , end       : function (content) {
-        res.$end = content
-      }
+  const res = {
+    writeHead: function (statusCode, headers) {
+      res.$statusCode = statusCode
+      res.$headers = headers
+    },
+
+    end: function (content) {
+      res.$end = content
+    }
   }
 
   return res
 }
 
-
-test('handler without full options throws', function (t) {
+test('handler without full options throws', (t) => {
   t.plan(4)
 
   t.equal(typeof handler, 'function', 'handler exports a function')
@@ -52,60 +47,81 @@ test('handler without full options throws', function (t) {
   t.throws(handler.bind(null, { path: '/' }), /must provide a 'secret' option/, 'throws if no secret option')
 })
 
+test('handler without full options throws in array', (t) => {
+  t.plan(2)
+
+  t.throws(handler.bind(null, [{}]), /must provide a 'path' option/, 'throws if no path option')
 
-test('handler ignores invalid urls', function (t) {
-  var options = { path: '/some/url', secret: 'bogus' }
-    , h       = handler(options)
+  t.throws(handler.bind(null, [{ path: '/' }]), /must provide a 'secret' option/, 'throws if no secret option')
+})
+
+test('handler ignores invalid urls', (t) => {
+  const options = { path: '/some/url', secret: 'bogus' }
+  const h = handler(options)
 
   t.plan(6)
 
-  h(mkReq('/'), mkRes(), function (err) {
+  h(mkReq('/'), mkRes(), (err) => {
     t.error(err)
     t.ok(true, 'request was ignored')
   })
 
   // near match
-  h(mkReq('/some/url/'), mkRes(), function (err) {
+  h(mkReq('/some/url/'), mkRes(), (err) => {
     t.error(err)
     t.ok(true, 'request was ignored')
   })
 
   // partial match
-  h(mkReq('/some'), mkRes(), function (err) {
+  h(mkReq('/some'), mkRes(), (err) => {
     t.error(err)
     t.ok(true, 'request was ignored')
   })
 })
 
-test('handler ingores non-POST requests', function (t) {
-  var options = { path: '/some/url', secret: 'bogus' }
-    , h       = handler(options)
+test('handler ingores non-POST requests', (t) => {
+  const options = { path: '/some/url', secret: 'bogus' }
+  const h = handler(options)
 
   t.plan(4)
 
-  h(mkReq('/some/url', 'GET'), mkRes(), function (err) {
+  h(mkReq('/some/url', 'GET'), mkRes(), (err) => {
     t.error(err)
     t.ok(true, 'request was ignored')
   })
 
-  h(mkReq('/some/url?test=param', 'GET'), mkRes(), function (err) {
+  h(mkReq('/some/url?test=param', 'GET'), mkRes(), (err) => {
     t.error(err)
     t.ok(true, 'request was ignored')
   })
 })
 
-test('handler accepts valid urls', function (t) {
-  var options = { path: '/some/url', secret: 'bogus' }
-    , h       = handler(options)
+test('handler accepts valid urls', (t) => {
+  const options = { path: '/some/url', secret: 'bogus' }
+  const h = handler(options)
+
+  t.plan(1)
+
+  h(mkReq('/some/url'), mkRes(), (err) => {
+    t.error(err)
+    t.fail(false, 'should not call')
+  })
+
+  setTimeout(t.ok.bind(t, true, 'done'))
+})
+
+test('handler accepts valid urls in Array', (t) => {
+  const options = [{ path: '/some/url', secret: 'bogus' }, { path: '/someOther/url', secret: 'bogus' }]
+  const h = handler(options)
 
   t.plan(1)
 
-  h(mkReq('/some/url'), mkRes(), function (err) {
+  h(mkReq('/some/url'), mkRes(), (err) => {
     t.error(err)
     t.fail(false, 'should not call')
   })
 
-  h(mkReq('/some/url?test=param'), mkRes(), function (err) {
+  h(mkReq('/someOther/url'), mkRes(), (err) => {
     t.error(err)
     t.fail(false, 'should not call')
   })
@@ -113,77 +129,75 @@ test('handler accepts valid urls', function (t) {
   setTimeout(t.ok.bind(t, true, 'done'))
 })
 
-
-test('handler can reject events', function (t) {
-  var acceptableEvents   = {
-          'undefined'                     : undefined
-        , 'a string equal to the event'   : 'bogus'
-        , 'a string equal to *'           : '*'
-        , 'an array containing the event' : ['bogus']
-        , 'an array containing *'         : ['not-bogus', '*']
-      }
-    , unacceptableEvents = {
-          'a string not equal to the event or *'   : 'not-bogus'
-        , 'an array not containing the event or *' : ['not-bogus']
-      }
-    , acceptable         = Object.keys(acceptableEvents)
-    , unacceptable       = Object.keys(unacceptableEvents)
-    , acceptableTests    = acceptable.map(function (events) {
-        return acceptableReq.bind(null, events)
-      })
-    , unacceptableTests  = unacceptable.map(function (events) {
-        return unacceptableReq.bind(null, events)
-      })
+test('handler can reject events', (t) => {
+  const acceptableEvents = {
+    undefined: undefined,
+    'a string equal to the event': 'bogus',
+    'a string equal to *': '*',
+    'an array containing the event': ['bogus'],
+    'an array containing *': ['not-bogus', '*']
+  }
+  const unacceptableEvents = {
+    'a string not equal to the event or *': 'not-bogus',
+    'an array not containing the event or *': ['not-bogus']
+  }
+  const acceptable = Object.keys(acceptableEvents)
+  const unacceptable = Object.keys(unacceptableEvents)
+  const acceptableTests = acceptable.map((events) => {
+    return acceptableReq.bind(null, events)
+  })
+  const unacceptableTests = unacceptable.map((events) => {
+    return unacceptableReq.bind(null, events)
+  })
 
   t.plan(acceptable.length + unacceptable.length)
   series(acceptableTests.concat(unacceptableTests))
 
   function acceptableReq (events, callback) {
-    var h = handler({
-        path    : '/some/url'
-      , secret  : 'bogus'
-      , events  : acceptableEvents[events]
+    const h = handler({
+      path: '/some/url',
+      secret: 'bogus',
+      events: acceptableEvents[events]
     })
 
-    h(mkReq('/some/url'), mkRes(), function (err) {
+    h(mkReq('/some/url'), mkRes(), (err) => {
       t.error(err)
       t.fail(false, 'should not call')
     })
 
-    setTimeout(function () {
+    setTimeout(() => {
       t.ok(true, 'accepted because options.events was ' + events)
       callback()
     })
   }
 
   function unacceptableReq (events, callback) {
-    var h = handler({
-        path    : '/some/url'
-      , secret  : 'bogus'
-      , events  : unacceptableEvents[events]
+    const h = handler({
+      path: '/some/url',
+      secret: 'bogus',
+      events: unacceptableEvents[events]
     })
 
-    h.on('error', function () {})
+    h.on('error', () => {})
 
-    h(mkReq('/some/url'), mkRes(), function (err) {
+    h(mkReq('/some/url'), mkRes(), (err) => {
       t.ok(err, 'rejected because options.events was ' + events)
       callback()
     })
   }
 })
 
-
 // because we don't inherit in a traditional way
-test('handler is an EventEmitter', function (t) {
+test('handler is an EventEmitter', (t) => {
   t.plan(5)
 
-  var h = handler({ path: '/', secret: 'bogus' })
+  const h = handler({ path: '/', secret: 'bogus' })
 
   t.equal(typeof h.on, 'function', 'has h.on()')
   t.equal(typeof h.emit, 'function', 'has h.emit()')
   t.equal(typeof h.removeListener, 'function', 'has h.removeListener()')
 
-  h.on('ping', function (pong) {
+  h.on('ping', (pong) => {
     t.equal(pong, 'pong', 'got event')
   })
 
@@ -192,85 +206,110 @@ test('handler is an EventEmitter', function (t) {
   t.throws(h.emit.bind(h, 'error', new Error('threw an error')), /threw an error/, 'acts like an EE')
 })
 
-
-test('handler accepts a signed blob', function (t) {
+test('handler accepts a signed blob', (t) => {
   t.plan(4)
 
-  var obj  = { some: 'github', object: 'with', properties: true }
-    , json = JSON.stringify(obj)
-    , h    = handler({ path: '/', secret: 'bogus' })
-    , req  = mkReq('/')
-    , res  = mkRes()
+  const obj = { some: 'github', object: 'with', properties: true }
+  const json = JSON.stringify(obj)
+  const h = handler({ path: '/', secret: 'bogus' })
+  const req = mkReq('/')
+  const res = mkRes()
 
   req.headers['x-hub-signature'] = signBlob('bogus', json)
-  req.headers['x-github-event']  = 'push'
+  req.headers['x-github-event'] = 'push'
 
-  h.on('push', function (event) {
-    t.deepEqual(event, { event: 'push', id: 'bogus', payload: obj, url: '/', host: undefined, protocol: undefined })
+  h.on('push', (event) => {
+    t.deepEqual(event, { event: 'push', id: 'bogus', payload: obj, url: '/', host: undefined, protocol: undefined, path: '/' })
     t.equal(res.$statusCode, 200, 'correct status code')
     t.deepEqual(res.$headers, { 'content-type': 'application/json' })
     t.equal(res.$end, '{"ok":true}', 'got correct content')
   })
 
-  h(req, res, function (err) {
+  h(req, res, (err) => {
     t.error(err)
     t.fail(true, 'should not get here!')
   })
 
-  process.nextTick(function () {
+  process.nextTick(() => {
     req.end(json)
   })
 })
 
+test('handler accepts multi blob in Array', (t) => {
+  t.plan(4)
+
+  const obj = { some: 'github', object: 'with', properties: true }
+  const json = JSON.stringify(obj)
+  const h = handler([{ path: '/', secret: 'bogus' }, { path: '/some/url', secret: 'bogus' }])
+  const req = mkReq('/some/url')
+  const res = mkRes()
+  req.headers['x-hub-signature'] = signBlob('bogus', json)
+  req.headers['x-github-event'] = 'push'
+
+  h.on('push', (event) => {
+    t.deepEqual(event, { event: 'push', id: 'bogus', payload: obj, url: '/some/url', host: undefined, protocol: undefined, path: '/some/url' })
+    t.equal(res.$statusCode, 200, 'correct status code')
+    t.deepEqual(res.$headers, { 'content-type': 'application/json' })
+    t.equal(res.$end, '{"ok":true}', 'got correct content')
+  })
+
+  h(req, res, (err) => {
+    t.error(err)
+    t.fail(true, 'should not get here!')
+  })
 
-test('handler accepts a signed blob with alt event', function (t) {
+  process.nextTick(() => {
+    req.end(json)
+  })
+})
+
+test('handler accepts a signed blob with alt event', (t) => {
   t.plan(4)
 
-  var obj  = { some: 'github', object: 'with', properties: true }
-    , json = JSON.stringify(obj)
-    , h    = handler({ path: '/', secret: 'bogus' })
-    , req  = mkReq('/')
-    , res  = mkRes()
+  const obj = { some: 'github', object: 'with', properties: true }
+  const json = JSON.stringify(obj)
+  const h = handler({ path: '/', secret: 'bogus' })
+  const req = mkReq('/')
+  const res = mkRes()
 
   req.headers['x-hub-signature'] = signBlob('bogus', json)
-  req.headers['x-github-event']  = 'issue'
+  req.headers['x-github-event'] = 'issue'
 
-  h.on('push', function (event) {
+  h.on('push', (event) => {
     t.fail(true, 'should not get here!')
   })
 
-  h.on('issue', function (event) {
-    t.deepEqual(event, { event: 'issue', id: 'bogus', payload: obj, url: '/', host: undefined, protocol: undefined })
+  h.on('issue', (event) => {
+    t.deepEqual(event, { event: 'issue', id: 'bogus', payload: obj, url: '/', host: undefined, protocol: undefined, path: '/' })
     t.equal(res.$statusCode, 200, 'correct status code')
     t.deepEqual(res.$headers, { 'content-type': 'application/json' })
     t.equal(res.$end, '{"ok":true}', 'got correct content')
   })
 
-  h(req, res, function (err) {
+  h(req, res, (err) => {
     t.error(err)
     t.fail(true, 'should not get here!')
   })
 
-  process.nextTick(function () {
+  process.nextTick(() => {
     req.end(json)
   })
 })
 
-
-test('handler rejects a badly signed blob', function (t) {
+test('handler rejects a badly signed blob', (t) => {
   t.plan(6)
 
-  var obj  = { some: 'github', object: 'with', properties: true }
-    , json = JSON.stringify(obj)
-    , h    = handler({ path: '/', secret: 'bogus' })
-    , req  = mkReq('/')
-    , res  = mkRes()
+  const obj = { some: 'github', object: 'with', properties: true }
+  const json = JSON.stringify(obj)
+  const h = handler({ path: '/', secret: 'bogus' })
+  const req = mkReq('/')
+  const res = mkRes()
 
   req.headers['x-hub-signature'] = signBlob('bogus', json)
   // break signage by a tiny bit
   req.headers['x-hub-signature'] = '0' + req.headers['x-hub-signature'].substring(1)
 
-  h.on('error', function (err, _req) {
+  h.on('error', (err, _req) => {
     t.ok(err, 'got an error')
     t.strictEqual(_req, req, 'was given original request object')
     t.equal(res.$statusCode, 400, 'correct status code')
@@ -278,56 +317,54 @@ test('handler rejects a badly signed blob', function (t) {
     t.equal(res.$end, '{"error":"X-Hub-Signature does not match blob signature"}', 'got correct content')
   })
 
-  h.on('push', function (event) {
+  h.on('push', (event) => {
     t.fail(true, 'should not get here!')
   })
 
-  h(req, res, function (err) {
+  h(req, res, (err) => {
     t.ok(err, 'got error on callback')
   })
 
-  process.nextTick(function () {
+  process.nextTick(() => {
     req.end(json)
   })
 })
 
-test('handler responds on a bl error', function (t) {
+test('handler responds on a bl error', (t) => {
   t.plan(4)
 
-  var obj  = { some: 'github', object: 'with', properties: true }
-    , json = JSON.stringify(obj)
-    , h    = handler({ path: '/', secret: 'bogus' })
-    , req  = mkReq('/')
-    , res  = mkRes()
+  const obj = { some: 'github', object: 'with', properties: true }
+  const json = JSON.stringify(obj)
+  const h = handler({ path: '/', secret: 'bogus' })
+  const req = mkReq('/')
+  const res = mkRes()
 
   req.headers['x-hub-signature'] = signBlob('bogus', json)
-  req.headers['x-github-event']  = 'issue'
+  req.headers['x-github-event'] = 'issue'
 
-  h.on('push', function (event) {
+  h.on('push', (event) => {
     t.fail(true, 'should not get here!')
   })
 
-  h.on('issue', function (event) {
+  h.on('issue', (event) => {
     t.fail(true, 'should never get here!')
   })
 
-  h.on('error', function(err) {
+  h.on('error', (err) => {
     t.ok(err, 'got an error')
     t.equal(res.$statusCode, 400, 'correct status code')
-  });
+  })
 
-  h(req, res, function (err) {
+  h(req, res, (err) => {
     t.ok(err)
   })
 
-  var end = res.end
-  res.end = function () {
+  res.end = () => {
     t.equal(res.$statusCode, 400, 'correct status code')
   }
 
   req.write('{')
-  process.nextTick(function() {
+  process.nextTick(() => {
     req.emit('error', new Error('simulated explosion'))
-  });
-
+  })
 })

package/.jshintrc

@@ -1,59 +0,0 @@
-{
-    "predef": [ ]
-  , "bitwise": false
-  , "camelcase": false
-  , "curly": false
-  , "eqeqeq": false
-  , "forin": false
-  , "immed": false
-  , "latedef": false
-  , "noarg": true
-  , "noempty": true
-  , "nonew": true
-  , "plusplus": false
-  , "quotmark": true
-  , "regexp": false
-  , "undef": true
-  , "unused": true
-  , "strict": false
-  , "trailing": true
-  , "maxlen": 120
-  , "asi": true
-  , "boss": true
-  , "debug": true
-  , "eqnull": true
-  , "esnext": true
-  , "evil": true
-  , "expr": true
-  , "funcscope": false
-  , "globalstrict": false
-  , "iterator": false
-  , "lastsemic": true
-  , "laxbreak": true
-  , "laxcomma": true
-  , "loopfunc": true
-  , "multistr": false
-  , "onecase": false
-  , "proto": false
-  , "regexdash": false
-  , "scripturl": true
-  , "smarttabs": false
-  , "shadow": false
-  , "sub": true
-  , "supernew": false
-  , "validthis": true
-  , "browser": true
-  , "couch": false
-  , "devel": false
-  , "dojo": false
-  , "mootools": false
-  , "node": true
-  , "nonstandard": true
-  , "prototypejs": false
-  , "rhino": false
-  , "worker": true
-  , "wsh": false
-  , "nomen": false
-  , "onevar": false
-  , "passfail": false
-}