hibp 0.0.0-dev.9896b89a → 0.0.0-dev.debac06f

package/dist/esm/{pasteAccount.mjs → paste-account.js}

@@ -1,4 +1,4 @@
-import { fetchFromApi } from './api/haveibeenpwned/fetchFromApi.mjs';
+import { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';
 
 /**
  * An object representing a paste.
@@ -13,18 +13,16 @@ import { fetchFromApi } from './api/haveibeenpwned/fetchFromApi.mjs';
 /**
  * Fetches paste data for a specific account (email address).
  *
- * ***Warning (July 18, 2019):***
- *
- * `haveibeenpwned.com` now requires an API key from
+ * 🔑 `haveibeenpwned.com` requires an API key from
  * https://haveibeenpwned.com/API/Key for the `pasteaccount` endpoint. The
  * `apiKey` option here is not explicitly required, but direct requests made
- * without it (that is, without specifying a `baseUrl` to a proxy that inserts a
- * valid API key on your behalf) will fail.
+ * without it will fail (unless you specify a `baseUrl` to a proxy that inserts
+ * a valid API key on your behalf).
  *
  * @param {string} email the email address to query
  * @param {object} [options] a configuration object
  * @param {string} [options.apiKey] an API key from
- * https://haveibeenpwned.com/API/Key
+ * https://haveibeenpwned.com/API/Key (default: undefined)
  * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
@@ -34,24 +32,32 @@ import { fetchFromApi } from './api/haveibeenpwned/fetchFromApi.mjs';
  * array of paste objects (or null if no pastes were found), or rejects with an
  * Error
  * @example
- * pasteAccount('foo@bar.com', { apiKey: 'my-api-key' })
- *   .then(data => {
- *     if (data) {
- *       // ...
- *     } else {
- *       // ...
- *     }
- *   })
- *   .catch(err => {
+ * try {
+ *   const data = await pasteAccount("foo@bar.com", { apiKey: "my-api-key" });
+ *   if (data) {
+ *     // ...
+ *   } else {
  *     // ...
+ *   }
+ * } catch (err) {
+ *   // ...
+ * }
+ * @example
+ * try {
+ *   const data = await pasteAccount("foo@bar.com", {
+ *     baseUrl: "https://my-hibp-proxy:8080",
  *   });
+ *   if (data) {
+ *     // ...
+ *   } else {
+ *     // ...
+ *   }
+ * } catch (err) {
+ *   // ...
+ * }
  */
 function pasteAccount(email, options = {}) {
-  return fetchFromApi(`/pasteaccount/${encodeURIComponent(email)}`, {
-    apiKey: options.apiKey,
-    baseUrl: options.baseUrl,
-    userAgent: options.userAgent
-  });
+  return fetchFromApi(`/pasteaccount/${encodeURIComponent(email)}`, options);
 }
 export { pasteAccount };
-//# sourceMappingURL=pasteAccount.mjs.map
+//# sourceMappingURL=paste-account.js.map

package/dist/esm/paste-account.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"paste-account.js","sources":["../../src/paste-account.ts"],"sourcesContent":["import type { Paste } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * An object representing a paste.\n *\n * @typedef {object} Paste\n * @property {string} Id\n * @property {string} Source\n * @property {string} Title\n * @property {string} Date\n * @property {number} EmailCount\n */\n\n/**\n * Fetches paste data for a specific account (email address).\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `pasteaccount` endpoint. The\n * `apiKey` option here is not explicitly required, but direct requests made\n * without it will fail (unless you specify a `baseUrl` to a proxy that inserts\n * a valid API key on your behalf).\n *\n * @param {string} email the email address to query\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Paste[]> | Promise<null>)} a Promise which resolves to an\n * array of paste objects (or null if no pastes were found), or rejects with an\n * Error\n * @example\n * try {\n *   const data = await pasteAccount(\"foo@bar.com\", { apiKey: \"my-api-key\" });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const data = await pasteAccount(\"foo@bar.com\", {\n *     baseUrl: \"https://my-hibp-proxy:8080\",\n *   });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n */\nexport function pasteAccount(\n  email: string,\n  options: {\n    /**\n     * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n     */\n    apiKey?: string;\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<Paste[] | null> {\n  return fetchFromApi(\n    `/pasteaccount/${encodeURIComponent(email)}`,\n    options,\n  ) as Promise<Paste[] | null>;\n}\n"],"names":["pasteAccount","email","options","fetchFromApi","encodeURIComponent"],"mappings":";;AAGA;;;;;;;;;AASG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA6CG;SACaA,YAAYA,CAC1BC,KAAa,EACbC,UAeI,EAAE,EAAA;EAEN,OAAOC,YAAY,CACjB,iBAAiBC,kBAAkB,CAACH,KAAK,CAAG,EAAA,EAC5CC,OAAO,CACmB;AAC9B;"}

package/dist/esm/{pwnedPasswordRange.mjs → pwned-password-range.js}

@@ -1,4 +1,4 @@
-import { fetchFromApi } from './api/pwnedpasswords/fetchFromApi.mjs';
+import { fetchFromApi } from './api/pwnedpasswords/fetch-from-api.js';
 
 /**
  * An object mapping an exposed password hash suffix (corresponding to a given
@@ -7,7 +7,8 @@ import { fetchFromApi } from './api/pwnedpasswords/fetchFromApi.mjs';
  * @typedef {Object.<string, number>} PwnedPasswordSuffixes
  */
 /**
- * Fetches the SHA-1 hash suffixes for the given 5-character SHA-1 hash prefix.
+ * Fetches the SHA-1 or NTLM hash suffixes for the given 5-character hash
+ * prefix.
  *
  * When a password hash with the same first 5 characters is found in the Pwned
  * Passwords repository, the API will respond with an HTTP 200 and include the
@@ -15,9 +16,13 @@ import { fetchFromApi } from './api/pwnedpasswords/fetchFromApi.mjs';
  * of how many times it appears in the data set. This function parses the
  * response and returns a more structured format.
  *
- * @param {string} prefix the first 5 characters of a SHA-1 password hash (case
+ * @param {string} prefix the first 5 characters of a password hash (case
  * insensitive)
  * @param {object} [options] a configuration object
+ * @param {boolean} [options.addPadding] ask the remote API to add padding to
+ * the response to obscure the password prefix (default: `false`)
+ * @param {'sha1' | 'ntlm'} [options.mode] return SHA-1 or NTLM hashes
+ * (default: `sha1`)
  * @param {string} [options.baseUrl] a custom base URL for the
  * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
@@ -28,34 +33,48 @@ import { fetchFromApi } from './api/pwnedpasswords/fetchFromApi.mjs';
  * password data set, or rejects with an Error
  *
  * @example
- * pwnedPasswordRange('5BAA6')
- *   .then(results => {
- *     // results will have the following shape:
- *     // {
- *     //   "003D68EB55068C33ACE09247EE4C639306B": 3,
- *     //   "012C192B2F16F82EA0EB9EF18D9D539B0DD": 1,
- *     //   ...
- *     // }
- *   })
+ * try {
+ *   const results = await pwnedPasswordRange("5BAA6");
+ *   // results will have the following shape:
+ *   // {
+ *   //   "003D68EB55068C33ACE09247EE4C639306B": 3,
+ *   //   "012C192B2F16F82EA0EB9EF18D9D539B0DD": 1,
+ *   //   ...
+ *   // }
+ * } catch (err) {
+ *   // ...
+ * }
  * @example
- * const suffix = '1E4C9B93F3F0682250B6CF8331B7EE68FD8';
- * pwnedPasswordRange('5BAA6')
- *   .then(results => (results[suffix] || 0))
- *   .catch(err => {
- *     // ...
- *   });
+ * try {
+ *   const suffix = "1E4C9B93F3F0682250B6CF8331B7EE68FD8";
+ *   const results = await pwnedPasswordRange("5BAA6");
+ *   const numPwns = results[suffix] || 0;
+ * } catch (err) {
+ *   // ...
+ * }
  * @see https://haveibeenpwned.com/api/v3#SearchingPwnedPasswordsByRange
  */
-function pwnedPasswordRange(prefix, options = {}) {
-  return fetchFromApi(`/range/${encodeURIComponent(prefix)}`, options)
+async function pwnedPasswordRange(prefix, options = {}) {
+  const {
+    baseUrl,
+    userAgent,
+    addPadding = false,
+    mode = 'sha1'
+  } = options;
+  const data = await fetchFromApi(`/range/${encodeURIComponent(prefix)}`, {
+    baseUrl,
+    userAgent,
+    addPadding,
+    mode
+  });
   // create array from lines of text in response body
-  .then(data => data.split('\n').filter(Boolean))
+  const results = data.split('\n').filter(Boolean);
   // convert into an object mapping suffix to count for each line
-  .then(results => results.reduce((acc, row) => {
+  return results.reduce((acc, row) => {
     const [suffix, countString] = row.split(':');
-    acc[suffix] = parseInt(countString, 10);
+    acc[suffix] = Number.parseInt(countString, 10);
     return acc;
-  }, {}));
+  }, {});
 }
 export { pwnedPasswordRange };
-//# sourceMappingURL=pwnedPasswordRange.mjs.map
+//# sourceMappingURL=pwned-password-range.js.map

package/dist/esm/pwned-password-range.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pwned-password-range.js","sources":["../../src/pwned-password-range.ts"],"sourcesContent":["import { fetchFromApi } from './api/pwnedpasswords/fetch-from-api.js';\n\nexport type PwnedPasswordSuffixes = Record<string, number>;\n\n/**\n * An object mapping an exposed password hash suffix (corresponding to a given\n * hash prefix) to how many times it occurred in the Pwned Passwords repository.\n *\n * @typedef {Object.<string, number>} PwnedPasswordSuffixes\n */\n\n/**\n * Fetches the SHA-1 or NTLM hash suffixes for the given 5-character hash\n * prefix.\n *\n * When a password hash with the same first 5 characters is found in the Pwned\n * Passwords repository, the API will respond with an HTTP 200 and include the\n * suffix of every hash beginning with the specified prefix, followed by a count\n * of how many times it appears in the data set. This function parses the\n * response and returns a more structured format.\n *\n * @param {string} prefix the first 5 characters of a password hash (case\n * insensitive)\n * @param {object} [options] a configuration object\n * @param {boolean} [options.addPadding] ask the remote API to add padding to\n * the response to obscure the password prefix (default: `false`)\n * @param {'sha1' | 'ntlm'} [options.mode] return SHA-1 or NTLM hashes\n * (default: `sha1`)\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<PwnedPasswordSuffixes>} a Promise which resolves to an\n * object mapping the `suffix` that when matched with the prefix composes the\n * complete hash, to the `count` of how many times it appears in the breached\n * password data set, or rejects with an Error\n *\n * @example\n * try {\n *   const results = await pwnedPasswordRange(\"5BAA6\");\n *   // results will have the following shape:\n *   // {\n *   //   \"003D68EB55068C33ACE09247EE4C639306B\": 3,\n *   //   \"012C192B2F16F82EA0EB9EF18D9D539B0DD\": 1,\n *   //   ...\n *   // }\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const suffix = \"1E4C9B93F3F0682250B6CF8331B7EE68FD8\";\n *   const results = await pwnedPasswordRange(\"5BAA6\");\n *   const numPwns = results[suffix] || 0;\n * } catch (err) {\n *   // ...\n * }\n * @see https://haveibeenpwned.com/api/v3#SearchingPwnedPasswordsByRange\n */\nexport async function pwnedPasswordRange(\n  prefix: string,\n  options: {\n    /**\n     * ask the remote API to add padding to the response to obscure the password\n     * prefix (default: `false`)\n     */\n    addPadding?: boolean;\n    /**\n     * return SHA-1 or NTLM hashes (default: `sha1`)\n     */\n    mode?: 'sha1' | 'ntlm';\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<PwnedPasswordSuffixes> {\n  const { baseUrl, userAgent, addPadding = false, mode = 'sha1' } = options;\n\n  const data = await fetchFromApi(`/range/${encodeURIComponent(prefix)}`, {\n    baseUrl,\n    userAgent,\n    addPadding,\n    mode,\n  });\n\n  // create array from lines of text in response body\n  const results = data.split('\\n').filter(Boolean);\n\n  // convert into an object mapping suffix to count for each line\n  return results.reduce<PwnedPasswordSuffixes>((acc, row) => {\n    const [suffix, countString] = row.split(':');\n    acc[suffix] = Number.parseInt(countString, 10);\n    return acc;\n  }, {});\n}\n"],"names":["pwnedPasswordRange","prefix","options","baseUrl","userAgent","addPadding","mode","data","fetchFromApi","encodeURIComponent","results","split","filter","Boolean","reduce","acc","row","suffix","countString","Number","parseInt"],"mappings":";;AAIA;;;;;AAKG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+CG;AACI,eAAeA,kBAAkBA,CACtCC,MAAc,EACdC,UAoBI,EAAE,EAAA;EAEN,MAAM;IAAEC,OAAO;IAAEC,SAAS;IAAEC,UAAU,GAAG,KAAK;IAAEC,IAAI,GAAG;EAAQ,CAAA,GAAGJ,OAAO;EAEzE,MAAMK,IAAI,GAAG,MAAMC,YAAY,CAAW,UAAAC,kBAAkB,CAACR,MAAM,CAAC,EAAE,EAAE;IACtEE,OAAO;IACPC,SAAS;IACTC,UAAU;IACVC;EACD,CAAA,CAAC;;EAGF,MAAMI,OAAO,GAAGH,IAAI,CAACI,KAAK,CAAC,IAAI,CAAC,CAACC,MAAM,CAACC,OAAO,CAAC;;EAGhD,OAAOH,OAAO,CAACI,MAAM,CAAwB,CAACC,GAAG,EAAEC,GAAG,KAAI;IACxD,MAAM,CAACC,MAAM,EAAEC,WAAW,CAAC,GAAGF,GAAG,CAACL,KAAK,CAAC,GAAG,CAAC;IAC5CI,GAAG,CAACE,MAAM,CAAC,GAAGE,MAAM,CAACC,QAAQ,CAACF,WAAW,EAAE,EAAE,CAAC;IAC9C,OAAOH,GAAG;EACX,CAAA,EAAE,CAAE,CAAA,CAAC;AACR;"}

package/dist/esm/{pwnedPassword.mjs → pwned-password.js}

@@ -1,5 +1,5 @@
 import JSSHA from 'jssha/dist/sha1';
-import { pwnedPasswordRange } from './pwnedPasswordRange.mjs';
+import { pwnedPasswordRange } from './pwned-password-range.js';
 
 /**
  * Fetches the number of times the the given password has been exposed in a
@@ -8,6 +8,8 @@ import { pwnedPasswordRange } from './pwnedPasswordRange.mjs';
  *
  * @param {string} password a password in plain text
  * @param {object} [options] a configuration object
+ * @param {boolean} [options.addPadding] ask the remote API to add padding to
+ * the response to obscure the password prefix (default: `false`)
  * @param {string} [options.baseUrl] a custom base URL for the
  * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
@@ -15,21 +17,22 @@ import { pwnedPasswordRange } from './pwnedPasswordRange.mjs';
  * @returns {Promise<number>} a Promise which resolves to the number of times
  * the password has been exposed in a breach, or rejects with an Error
  * @example
- * pwnedPassword('f00b4r')
- *   .then(numPwns => {
- *     // truthy check or numeric condition
- *     if (numPwns) {
- *       // ...
- *     } else {
- *       // ...
- *     }
- *   })
- *   .catch(err => {
+ * try {
+ *   const numPwns = await pwnedPassword("f00b4r");
+ *   // truthy check or numeric condition
+ *   if (numPwns) {
  *     // ...
- *   });
+ *   } else {
+ *     // ...
+ *   }
+ * } catch (err) {
+ *   // ...
+ * }
  * @see https://haveibeenpwned.com/api/v3#PwnedPasswords
  */
-function pwnedPassword(password, options = {}) {
+async function pwnedPassword(password, options = {}) {
+  /* eslint-disable */
+  // @ts-expect-error: JSSHA types are busted
   const sha1 = new JSSHA('SHA-1', 'TEXT');
   sha1.update(password);
   const hash = sha1.getHash('HEX', {
@@ -37,7 +40,9 @@ function pwnedPassword(password, options = {}) {
   });
   const prefix = hash.slice(0, 5);
   const suffix = hash.slice(5);
-  return pwnedPasswordRange(prefix, options).then(range => range[suffix] || 0);
+  const range = await pwnedPasswordRange(prefix, options);
+  return range[suffix] || 0;
+  /* eslint-enable */
 }
 export { pwnedPassword };
-//# sourceMappingURL=pwnedPassword.mjs.map
+//# sourceMappingURL=pwned-password.js.map

package/dist/esm/pwned-password.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pwned-password.js","sources":["../../src/pwned-password.ts"],"sourcesContent":["import JSSHA from 'jssha/dist/sha1';\nimport { pwnedPasswordRange } from './pwned-password-range.js';\n\n/**\n * Fetches the number of times the the given password has been exposed in a\n * breach (0 indicating no exposure). The password is given in plain text, but\n * only the first 5 characters of its SHA-1 hash will be submitted to the API.\n *\n * @param {string} password a password in plain text\n * @param {object} [options] a configuration object\n * @param {boolean} [options.addPadding] ask the remote API to add padding to\n * the response to obscure the password prefix (default: `false`)\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<number>} a Promise which resolves to the number of times\n * the password has been exposed in a breach, or rejects with an Error\n * @example\n * try {\n *   const numPwns = await pwnedPassword(\"f00b4r\");\n *   // truthy check or numeric condition\n *   if (numPwns) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n * @see https://haveibeenpwned.com/api/v3#PwnedPasswords\n */\nexport async function pwnedPassword(\n  password: string,\n  options: {\n    /**\n     * ask the remote API to add padding to the response to obscure the password\n     * prefix (default: `false`)\n     */\n    addPadding?: boolean;\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<number> {\n  /* eslint-disable */\n  // @ts-expect-error: JSSHA types are busted\n  const sha1 = new JSSHA('SHA-1', 'TEXT');\n  sha1.update(password);\n  const hash = sha1.getHash('HEX', { outputUpper: true });\n  const prefix = hash.slice(0, 5);\n  const suffix = hash.slice(5);\n\n  const range = await pwnedPasswordRange(prefix, options);\n  return range[suffix] || 0;\n  /* eslint-enable */\n}\n"],"names":["pwnedPassword","password","options","sha1","JSSHA","update","hash","getHash","outputUpper","prefix","slice","suffix","range","pwnedPasswordRange"],"mappings":";;;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA4BG;AACI,eAAeA,aAAaA,CACjCC,QAAgB,EAChBC,UAgBI,EAAE,EAAA;;;EAIN,MAAMC,IAAI,GAAG,IAAIC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC;EACvCD,IAAI,CAACE,MAAM,CAACJ,QAAQ,CAAC;EACrB,MAAMK,IAAI,GAAGH,IAAI,CAACI,OAAO,CAAC,KAAK,EAAE;IAAEC,WAAW,EAAE;EAAI,CAAE,CAAC;EACvD,MAAMC,MAAM,GAAGH,IAAI,CAACI,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;EAC/B,MAAMC,MAAM,GAAGL,IAAI,CAACI,KAAK,CAAC,CAAC,CAAC;EAE5B,MAAME,KAAK,GAAG,MAAMC,kBAAkB,CAACJ,MAAM,EAAEP,OAAO,CAAC;EACvD,OAAOU,KAAK,CAACD,MAAM,CAAC,IAAI,CAAC;;AAE3B;"}

package/dist/esm/{search.mjs → search.js}

@@ -1,5 +1,5 @@
-import { breachedAccount } from './breachedAccount.mjs';
-import { pasteAccount } from './pasteAccount.mjs';
+import { breachedAccount } from './breached-account.js';
+import { pasteAccount } from './paste-account.js';
 
 /**
  * An object representing search results.
@@ -17,79 +17,81 @@ import { pasteAccount } from './pasteAccount.mjs';
  * exactly how searching via the current web interface behaves, which this
  * convenience method is designed to mimic.
  *
- * ***Warning (July 18, 2019):***
- *
- * `haveibeenpwned.com` now requires an API key from
+ * 🔑 `haveibeenpwned.com` requires an API key from
  * https://haveibeenpwned.com/API/Key for the `breachedaccount` and
- * `pasteaccount` endpoints. The  `apiKey` option here is not explicitly
- * required, but direct requests made without it (that is, without specifying a
- * `baseUrl` to a proxy that inserts a valid API key on your behalf) will fail.
+ * `pasteaccount` endpoints. The `apiKey` option here is not explicitly
+ * required, but direct requests made without it will fail (unless you specify a
+ * `baseUrl` to a proxy that inserts a valid API key on your behalf).
  *
  * @param {string} account an email address or username
- * @param {object} [breachOptions] a configuration object pertaining to breach
- * queries
- * @param {string} [breachOptions.apiKey] an API key from
- * https://haveibeenpwned.com/API/Key
- * @param {string} [breachOptions.domain] a domain by which to filter the
+ * @param {object} [options] a configuration object
+ * @param {string} [options.apiKey] an API key from
+ * https://haveibeenpwned.com/API/Key (default: undefined)
+ * @param {string} [options.domain] a domain by which to filter the breach
  * results (default: all domains)
- * @param {boolean} [breachOptions.truncate] truncate the results to only
+ * @param {boolean} [options.truncate] truncate the breach results to only
  * include the name of each breach (default: true)
- * @param {string} [breachOptions.baseUrl] a custom base URL for the
+ * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
- * @param {string} [breachOptions.userAgent] a custom string to send as the
+ * @param {string} [options.userAgent] a custom string to send as the
  * User-Agent field in the request headers (default: `hibp <version>`)
  * @returns {Promise<SearchResults>} a Promise which resolves to an object
  * containing a "breaches" key (which can be null or an array of breach objects)
  * and a "pastes" key (which can be null or an array of paste objects), or
  * rejects with an Error
  * @example
- * search('foo', { apiKey: 'my-api-key' })
- *   .then(data => {
- *     if (data.breaches || data.pastes) {
- *       // ...
- *     } else {
- *       // ...
- *     }
- *   })
- *   .catch(err => {
+ * try {
+ *   const data = await search("foo", { apiKey: "my-api-key" });
+ *   if (data.breaches || data.pastes) {
  *     // ...
- *   });
- * @example
- * search('nobody@nowhere.com', { apiKey: 'my-api-key', truncate: false })
- *   .then(data => {
- *     if (data.breaches || data.pastes) {
- *       // ...
- *     } else {
- *       // ...
- *     }
- *   })
- *   .catch(err => {
+ *   } else {
  *     // ...
+ *   }
+ * } catch (err) {
+ *   // ...
+ * }
+ * @example
+ * try {
+ *   const data = await search("nobody@nowhere.com", {
+ *     baseUrl: "https://my-hibp-proxy:8080",
+ *     truncate: false,
  *   });
- *
+ *   if (data.breaches || data.pastes) {
+ *     // ...
+ *   } else {
+ *     // ...
+ *   }
+ * } catch (err) {
+ *   // ...
+ * }
  * @see https://haveibeenpwned.com/
  */
-function search(account, breachOptions = {
-  truncate: true
-}) {
+async function search(account, options = {}) {
   const {
     apiKey,
+    domain,
+    truncate = true,
+    baseUrl,
+    userAgent
+  } = options;
+  const [breaches, pastes] = await Promise.all([breachedAccount(account, {
+    apiKey,
+    domain,
+    truncate,
     baseUrl,
     userAgent
-  } = breachOptions;
-  return Promise.all([breachedAccount(account, breachOptions),
+  }),
   // This email regex is garbage but it seems to be what the API uses:
   /^.+@.+$/.test(account) ? pasteAccount(account, {
     apiKey,
     baseUrl,
     userAgent
-  }) : null]).then(
-  // Avoid array destructuring here to prevent need for Babel helpers
-  promises => ({
-    breaches: promises[0],
-    pastes: promises[1]
-  }));
+  }) : null]);
+  return {
+    breaches,
+    pastes
+  };
 }
 export { search };
-//# sourceMappingURL=search.mjs.map
+//# sourceMappingURL=search.js.map

package/dist/esm/search.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"search.js","sources":["../../src/search.ts"],"sourcesContent":["import type { Breach, Paste } from './api/haveibeenpwned/types.js';\nimport { breachedAccount } from './breached-account.js';\nimport { pasteAccount } from './paste-account.js';\n\nexport interface SearchResults {\n  breaches: Breach[] | null;\n  pastes: Paste[] | null;\n}\n\n/**\n * An object representing search results.\n *\n * @typedef {object} SearchResults\n * @property {(Breach[] | null)} breaches\n * @property {(Paste[] | null)} pastes\n */\n\n/**\n * Fetches all breaches and all pastes associated with the provided account\n * (email address or username). Note that the remote API does not support\n * querying pastes by username (only email addresses), so in the event the\n * provided account is not a valid email address, only breach data is queried\n * and the \"pastes\" field of the resulting object will always be null. This is\n * exactly how searching via the current web interface behaves, which this\n * convenience method is designed to mimic.\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `breachedaccount` and\n * `pasteaccount` endpoints. The `apiKey` option here is not explicitly\n * required, but direct requests made without it will fail (unless you specify a\n * `baseUrl` to a proxy that inserts a valid API key on your behalf).\n *\n * @param {string} account an email address or username\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.domain] a domain by which to filter the breach\n * results (default: all domains)\n * @param {boolean} [options.truncate] truncate the breach results to only\n * include the name of each breach (default: true)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the\n * User-Agent field in the request headers (default: `hibp <version>`)\n * @returns {Promise<SearchResults>} a Promise which resolves to an object\n * containing a \"breaches\" key (which can be null or an array of breach objects)\n * and a \"pastes\" key (which can be null or an array of paste objects), or\n * rejects with an Error\n * @example\n * try {\n *   const data = await search(\"foo\", { apiKey: \"my-api-key\" });\n *   if (data.breaches || data.pastes) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const data = await search(\"nobody@nowhere.com\", {\n *     baseUrl: \"https://my-hibp-proxy:8080\",\n *     truncate: false,\n *   });\n *   if (data.breaches || data.pastes) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n * @see https://haveibeenpwned.com/\n */\nexport async function search(\n  account: string,\n  options: {\n    /**\n     * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n     */\n    apiKey?: string;\n    /**\n     * a domain by which to filter the results (default: all domains)\n     */\n    domain?: string;\n    /**\n     * truncate the results to only include the name of each breach (default:\n     * true)\n     */\n    truncate?: boolean;\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<SearchResults> {\n  const { apiKey, domain, truncate = true, baseUrl, userAgent } = options;\n\n  const [breaches, pastes] = await Promise.all([\n    breachedAccount(account, { apiKey, domain, truncate, baseUrl, userAgent }),\n    // This email regex is garbage but it seems to be what the API uses:\n    /^.+@.+$/.test(account)\n      ? pasteAccount(account, { apiKey, baseUrl, userAgent })\n      : null,\n  ]);\n\n  return { breaches, pastes };\n}\n"],"names":["search","account","options","apiKey","domain","truncate","baseUrl","userAgent","breaches","pastes","Promise","all","breachedAccount","test","pasteAccount"],"mappings":";;;AASA;;;;;;AAMG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA0DG;AACI,eAAeA,MAAMA,CAC1BC,OAAe,EACfC,UAwBI,EAAE,EAAA;EAEN,MAAM;IAAEC,MAAM;IAAEC,MAAM;IAAEC,QAAQ,GAAG,IAAI;IAAEC,OAAO;IAAEC;EAAW,CAAA,GAAGL,OAAO;EAEvE,MAAM,CAACM,QAAQ,EAAEC,MAAM,CAAC,GAAG,MAAMC,OAAO,CAACC,GAAG,CAAC,CAC3CC,eAAe,CAACX,OAAO,EAAE;IAAEE,MAAM;IAAEC,MAAM;IAAEC,QAAQ;IAAEC,OAAO;IAAEC;GAAW,CAAC;;EAE1E,SAAS,CAACM,IAAI,CAACZ,OAAO,CAAC,GACnBa,YAAY,CAACb,OAAO,EAAE;IAAEE,MAAM;IAAEG,OAAO;IAAEC;EAAS,CAAE,CAAC,GACrD,IAAI,CACT,CAAC;EAEF,OAAO;IAAEC,QAAQ;IAAEC;GAAQ;AAC7B;"}

package/dist/esm/subscription-status.js

@@ -0,0 +1,54 @@
+import { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';
+
+/**
+ * An object representing the status of your HIBP subscription.
+ *
+ * @typedef {object} SubscriptionStatus
+ * @property {string} SubscriptionName
+ * @property {string} Description
+ * @property {string} SubscribedUntil
+ * @property {number} Rpm
+ * @property {number} DomainSearchMaxBreachedAccounts
+ */
+/**
+ * Fetches the current status of your HIBP subscription (API key).
+ *
+ * 🔑 `haveibeenpwned.com` requires an API key from
+ * https://haveibeenpwned.com/API/Key for the `subscription/status` endpoint.
+ * The `apiKey` option here is not explicitly required, but direct requests made
+ * without it will fail (unless you specify a `baseUrl` to a proxy that inserts
+ * a valid API key on your behalf).
+ *
+ * @param {object} [options] a configuration object
+ * @param {string} [options.apiKey] an API key from
+ * https://haveibeenpwned.com/API/Key (default: undefined)
+ * @param {string} [options.baseUrl] a custom base URL for the
+ * haveibeenpwned.com API endpoints (default:
+ * `https://haveibeenpwned.com/api/v3`)
+ * @param {string} [options.userAgent] a custom string to send as the User-Agent
+ * field in the request headers (default: `hibp <version>`)
+ * @returns {Promise<SubscriptionStatus>} a Promise which resolves to a
+ * subscription status object, or rejects with an Error
+ * @example
+ * try {
+ *   const data = await subscriptionStatus({ apiKey: "my-api-key" });
+ *   // ...
+ * } catch (err) {
+ *   // ...
+ * }
+ * @example
+ * try {
+ *   const data = await subscriptionStatus({
+ *     baseUrl: "https://my-hibp-proxy:8080",
+ *   });
+ *   // ...
+ * } catch (err) {
+ *   // ...
+ * }
+ */
+async function subscriptionStatus(options = {}) {
+  const endpoint = '/subscription/status';
+  return fetchFromApi(endpoint, options);
+}
+export { subscriptionStatus };
+//# sourceMappingURL=subscription-status.js.map

package/dist/esm/subscription-status.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"subscription-status.js","sources":["../../src/subscription-status.ts"],"sourcesContent":["import type { SubscriptionStatus } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * An object representing the status of your HIBP subscription.\n *\n * @typedef {object} SubscriptionStatus\n * @property {string} SubscriptionName\n * @property {string} Description\n * @property {string} SubscribedUntil\n * @property {number} Rpm\n * @property {number} DomainSearchMaxBreachedAccounts\n */\n\n/**\n * Fetches the current status of your HIBP subscription (API key).\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `subscription/status` endpoint.\n * The `apiKey` option here is not explicitly required, but direct requests made\n * without it will fail (unless you specify a `baseUrl` to a proxy that inserts\n * a valid API key on your behalf).\n *\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<SubscriptionStatus>} a Promise which resolves to a\n * subscription status object, or rejects with an Error\n * @example\n * try {\n *   const data = await subscriptionStatus({ apiKey: \"my-api-key\" });\n *   // ...\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const data = await subscriptionStatus({\n *     baseUrl: \"https://my-hibp-proxy:8080\",\n *   });\n *   // ...\n * } catch (err) {\n *   // ...\n * }\n */\nexport async function subscriptionStatus(\n  options: {\n    /**\n     * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n     */\n    apiKey?: string;\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n) {\n  const endpoint = '/subscription/status';\n\n  return fetchFromApi(endpoint, options) as Promise<SubscriptionStatus>;\n}\n"],"names":["subscriptionStatus","options","endpoint","fetchFromApi"],"mappings":";;AAGA;;;;;;;;;AASG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmCG;AACI,eAAeA,kBAAkBA,CACtCC,UAeI,EAAE,EAAA;EAEN,MAAMC,QAAQ,GAAG,sBAAsB;EAEvC,OAAOC,YAAY,CAACD,QAAQ,EAAED,OAAO,CAAgC;AACvE;"}

package/example/runkit.js

@@ -1,16 +1,15 @@
 const hibp = require('hibp');
 
-hibp
-  .breach('Adobe')
-  .then((data) => {
-    if (data) {
-      // Breach data found
-      console.log(data);
-    } else {
-      console.log('No breach data found by that name.');
-    }
-  })
-  .catch((err) => {
-    // Something went wrong.
-    console.log(err.message);
-  });
+try {
+  const data = await hibp.breach('Adobe');
+
+  if (data) {
+    // Breach data found
+    console.log(data);
+  } else {
+    console.log('No breach data found by that name.');
+  }
+} catch (err) {
+  // Something went wrong.
+  console.log(err.message);
+}