hibp 0.0.0-dev.d74e2ad2 → 0.0.0-dev.eda2c27a

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (60) hide show
  1. package/API.md +9 -0
  2. package/CHANGELOG.md +12 -0
  3. package/README.md +14 -9
  4. package/dist/browser/hibp.module.js +1 -1
  5. package/dist/browser/hibp.module.js.map +1 -1
  6. package/dist/browser/hibp.umd.js +1 -1
  7. package/dist/browser/hibp.umd.js.map +1 -1
  8. package/dist/cjs/api/fetch-polyfill.cjs +5 -1
  9. package/dist/cjs/api/fetch-polyfill.cjs.map +1 -1
  10. package/dist/cjs/api/haveibeenpwned/fetch-from-api.cjs +7 -1
  11. package/dist/cjs/api/haveibeenpwned/fetch-from-api.cjs.map +1 -1
  12. package/dist/cjs/api/pwnedpasswords/fetch-from-api.cjs +15 -8
  13. package/dist/cjs/api/pwnedpasswords/fetch-from-api.cjs.map +1 -1
  14. package/dist/cjs/breach.cjs +2 -0
  15. package/dist/cjs/breach.cjs.map +1 -1
  16. package/dist/cjs/breached-account.cjs +4 -0
  17. package/dist/cjs/breached-account.cjs.map +1 -1
  18. package/dist/cjs/breaches.cjs +4 -0
  19. package/dist/cjs/breaches.cjs.map +1 -1
  20. package/dist/cjs/data-classes.cjs +2 -0
  21. package/dist/cjs/data-classes.cjs.map +1 -1
  22. package/dist/cjs/hibp.d.cts +54 -0
  23. package/dist/cjs/package.json.cjs +1 -1
  24. package/dist/cjs/paste-account.cjs +2 -0
  25. package/dist/cjs/paste-account.cjs.map +1 -1
  26. package/dist/cjs/pwned-password-range.cjs +4 -0
  27. package/dist/cjs/pwned-password-range.cjs.map +1 -1
  28. package/dist/cjs/pwned-password.cjs +2 -0
  29. package/dist/cjs/pwned-password.cjs.map +1 -1
  30. package/dist/cjs/search.cjs +5 -0
  31. package/dist/cjs/search.cjs.map +1 -1
  32. package/dist/cjs/subscription-status.cjs +2 -0
  33. package/dist/cjs/subscription-status.cjs.map +1 -1
  34. package/dist/esm/api/fetch-polyfill.js +5 -1
  35. package/dist/esm/api/fetch-polyfill.js.map +1 -1
  36. package/dist/esm/api/haveibeenpwned/fetch-from-api.js +7 -1
  37. package/dist/esm/api/haveibeenpwned/fetch-from-api.js.map +1 -1
  38. package/dist/esm/api/pwnedpasswords/fetch-from-api.js +15 -8
  39. package/dist/esm/api/pwnedpasswords/fetch-from-api.js.map +1 -1
  40. package/dist/esm/breach.js +2 -0
  41. package/dist/esm/breach.js.map +1 -1
  42. package/dist/esm/breached-account.js +4 -0
  43. package/dist/esm/breached-account.js.map +1 -1
  44. package/dist/esm/breaches.js +4 -0
  45. package/dist/esm/breaches.js.map +1 -1
  46. package/dist/esm/data-classes.js +2 -0
  47. package/dist/esm/data-classes.js.map +1 -1
  48. package/dist/esm/hibp.d.ts +54 -0
  49. package/dist/esm/package.json.js +1 -1
  50. package/dist/esm/paste-account.js +2 -0
  51. package/dist/esm/paste-account.js.map +1 -1
  52. package/dist/esm/pwned-password-range.js +4 -0
  53. package/dist/esm/pwned-password-range.js.map +1 -1
  54. package/dist/esm/pwned-password.js +2 -0
  55. package/dist/esm/pwned-password.js.map +1 -1
  56. package/dist/esm/search.js +5 -0
  57. package/dist/esm/search.js.map +1 -1
  58. package/dist/esm/subscription-status.js +2 -0
  59. package/dist/esm/subscription-status.js.map +1 -1
  60. package/package.json +4 -3
package/dist/cjs/api/haveibeenpwned/fetch-from-api.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"fetch-from-api.cjs","sources":["../../../../src/api/haveibeenpwned/fetch-from-api.ts"],"sourcesContent":["import { name, version } from '../../../package.json';\nimport { installUndiciOnNode18 } from '../fetch-polyfill.js';\nimport {\n BAD_REQUEST,\n UNAUTHORIZED,\n FORBIDDEN,\n NOT_FOUND,\n TOO_MANY_REQUESTS,\n} from './responses.js';\nimport type { ApiData, ErrorData } from './types.js';\n\ninstallUndiciOnNode18();\n\n/**\n * Custom error thrown when the haveibeenpwned.com API responds with 429 Too\n * Many Requests. See the `retryAfterSeconds` property for the number of seconds\n * to wait before attempting the request again.\n *\n * @see https://haveibeenpwned.com/API/v3#RateLimiting\n */\nexport class RateLimitError extends Error {\n /**\n * The number of seconds to wait before attempting the request again. May be\n * `undefined` if the API does not provide a `retry-after` header, but this\n * should never happen.\n */\n public retryAfterSeconds: number | undefined;\n\n constructor(\n retryAfter: ReturnType<Headers['get']>,\n message: string | undefined,\n options?: ErrorOptions,\n ) {\n super(message, options);\n this.name = this.constructor.name;\n this.retryAfterSeconds =\n typeof retryAfter === 'string'\n ? Number.parseInt(retryAfter, 10) /* c8 ignore start */\n : undefined; /* c8 ignore stop */\n }\n}\n\nfunction blockedWithRayId(rayId: string) {\n return `Request blocked, contact haveibeenpwned.com if this continues (Ray ID: ${rayId})`;\n}\n\n/**\n * Fetches data from the supplied API endpoint.\n *\n * HTTP status code 200 returns an Object (data found).\n * HTTP status code 404 returns null (no data found).\n * HTTP status code 400 throws an Error (bad request).\n * HTTP status code 401 throws an Error (unauthorized).\n * HTTP status code 403 throws an Error (forbidden).\n * HTTP status code 429 throws an Error (too many requests).\n *\n * @internal\n * @private\n * @param {string} endpoint the API endpoint to query\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<ApiData>} a Promise which resolves to the data resulting\n * from the query (or null for 404 Not Found responses), or rejects with an\n * Error\n */\nexport async function fetchFromApi(\n endpoint: string,\n options: {\n apiKey?: string;\n baseUrl?: string;\n userAgent?: string;\n } = {},\n): Promise<ApiData> {\n const {\n apiKey,\n baseUrl = 'https://haveibeenpwned.com/api/v3',\n userAgent,\n } = options;\n const headers: Record<string, string> = {};\n\n if (apiKey) {\n headers['HIBP-API-Key'] = apiKey;\n }\n\n if (userAgent) {\n headers['User-Agent'] = userAgent;\n }\n\n // Provide a default User-Agent when running outside the browser\n if (!userAgent && typeof navigator === 'undefined') {\n headers['User-Agent'] = `${name} ${version}`;\n }\n\n const config = { headers };\n const url = `${baseUrl.replace(/\\/$/g, '')}${endpoint}`;\n const response = await fetch(url, config);\n\n if (response.ok) return response.json() as Promise<ApiData>;\n\n switch (response.status) {\n case BAD_REQUEST.status: {\n throw new Error(BAD_REQUEST.statusText);\n }\n case UNAUTHORIZED.status: {\n const body = (await response.json()) as unknown as ErrorData;\n throw new Error(body.message);\n }\n case FORBIDDEN.status: {\n const rayId = response.headers.get('cf-ray');\n if (rayId) throw new Error(blockedWithRayId(rayId));\n throw new Error(FORBIDDEN.statusText);\n }\n case NOT_FOUND.status: {\n return null;\n }\n case TOO_MANY_REQUESTS.status: {\n const body = (await response.json()) as unknown as ErrorData;\n const retryAfter = response.headers.get('retry-after');\n throw new RateLimitError(retryAfter, body.message);\n }\n default: {\n throw new Error(response.statusText);\n }\n }\n}\n"],"names":["installUndiciOnNode18","RateLimitError","Error","retryAfterSeconds","constructor","retryAfter","message","options","name","Number","parseInt","undefined","blockedWithRayId","rayId","fetchFromApi","endpoint","apiKey","baseUrl","userAgent","headers","navigator","version","config","url","replace","response","fetch","ok","json","status","BAD_REQUEST","statusText","UNAUTHORIZED","body","FORBIDDEN","get","NOT_FOUND","TOO_MANY_REQUESTS"],"mappings":";;;;;AAWAA,aAAAA,CAAAA,qBAAqB,EAAE;AAEvB;;;;;;AAMG;AACG,MAAOC,cAAe,SAAQC,KAAK,CAAA;EACvC;;;;AAIG;EACIC,iBAAiB;EAExBC,WAAAA,CACEC,UAAsC,EACtCC,OAA2B,EAC3BC,OAAsB,EAAA;IAEtB,KAAK,CAACD,OAAO,EAAEC,OAAO,CAAC;IACvB,IAAI,CAACC,IAAI,GAAG,IAAI,CAACJ,WAAW,CAACI,IAAI;IACjC,IAAI,CAACL,iBAAiB,GACpB,OAAOE,UAAU,KAAK,QAAQ,GAC1BI,MAAM,CAACC,QAAQ,CAACL,UAAU,EAAE,EAAE,CAAC,CAAA,wBAC/BM,SAAS,CAAC,CAAA;EACjB;AACF;AAED,SAASC,gBAAgBA,CAACC,KAAa,EAAA;EACrC,OAAO,0EAA0EA,KAAK,GAAG;AAC3F;AAEA;;;;;;;;;;;;;;;;;;;;;;;;AAwBG;AACI,eAAeC,YAAYA,CAChCC,QAAgB,EAChBR,UAII,EAAE,EAAA;EAEN,MAAM;IACJS,MAAM;IACNC,OAAO,GAAG,mCAAmC;IAC7CC;EAAS,CACV,GAAGX,OAAO;EACX,MAAMY,OAAO,GAA2B,CAAA,CAAE;EAE1C,IAAIH,MAAM,EAAE;IACVG,OAAO,CAAC,cAAc,CAAC,GAAGH,MAAM;EACjC;EAED,IAAIE,SAAS,EAAE;IACbC,OAAO,CAAC,YAAY,CAAC,GAAGD,SAAS;EAClC;;EAGD,IAAI,CAACA,SAAS,IAAI,OAAOE,SAAS,KAAK,WAAW,EAAE;IAClDD,OAAO,CAAC,YAAY,CAAC,MAAMX,QAAI,CAAAA,IAAA,IAAIa,QAAO,CAAAA,OAAA,EAAE;EAC7C;EAED,MAAMC,MAAM,GAAG;IAAEH;GAAS;EAC1B,MAAMI,GAAG,GAAM,GAAAN,OAAO,CAACO,OAAO,CAAC,MAAM,EAAE,EAAE,CAAI,GAAAT,UAAU;EACvD,MAAMU,QAAQ,GAAG,MAAMC,KAAK,CAACH,GAAG,EAAED,MAAM,CAAC;EAEzC,IAAIG,QAAQ,CAACE,EAAE,EAAE,OAAOF,QAAQ,CAACG,IAAI,EAAsB;EAE3D,QAAQH,QAAQ,CAACI,MAAM;IACrB,KAAKC,SAAAA,CAAAA,WAAW,CAACD,MAAM;MAAE;QACvB,MAAM,IAAI3B,KAAK,CAAC4B,qBAAW,CAACC,UAAU,CAAC;MACxC;IACD,KAAKC,SAAAA,CAAAA,YAAY,CAACH,MAAM;MAAE;QACxB,MAAMI,IAAI,GAAI,MAAMR,QAAQ,CAACG,IAAI,CAAE,CAAyB;QAC5D,MAAM,IAAI1B,KAAK,CAAC+B,IAAI,CAAC3B,OAAO,CAAC;MAC9B;IACD,KAAK4B,SAAAA,CAAAA,SAAS,CAACL,MAAM;MAAE;QACrB,MAAMhB,KAAK,GAAGY,QAAQ,CAACN,OAAO,CAACgB,GAAG,CAAC,QAAQ,CAAC;QAC5C,IAAItB,KAAK,EAAE,MAAM,IAAIX,KAAK,CAACU,gBAAgB,CAACC,KAAK,CAAC,CAAC;QACnD,MAAM,IAAIX,KAAK,CAACgC,mBAAS,CAACH,UAAU,CAAC;MACtC;IACD,KAAKK,SAAAA,CAAAA,SAAS,CAACP,MAAM;MAAE;QACrB,OAAO,IAAI;MACZ;IACD,KAAKQ,SAAAA,CAAAA,iBAAiB,CAACR,MAAM;MAAE;QAC7B,MAAMI,IAAI,GAAI,MAAMR,QAAQ,CAACG,IAAI,CAAE,CAAyB;QAC5D,MAAMvB,UAAU,GAAGoB,QAAQ,CAACN,OAAO,CAACgB,GAAG,CAAC,aAAa,CAAC;QACtD,MAAM,IAAIlC,cAAc,CAACI,UAAU,EAAE4B,IAAI,CAAC3B,OAAO,CAAC;MACnD;IACD;MAAS;QACP,MAAM,IAAIJ,KAAK,CAACuB,QAAQ,CAACM,UAAU,CAAC;MACrC;EACF;AACH;;"}
1
+ {"version":3,"file":"fetch-from-api.cjs","sources":["../../../../src/api/haveibeenpwned/fetch-from-api.ts"],"sourcesContent":["import { name, version } from '../../../package.json';\nimport { installUndiciOnNode18 } from '../fetch-polyfill.js';\nimport {\n BAD_REQUEST,\n UNAUTHORIZED,\n FORBIDDEN,\n NOT_FOUND,\n TOO_MANY_REQUESTS,\n} from './responses.js';\nimport type { ApiData, ErrorData } from './types.js';\n\ninstallUndiciOnNode18();\n\n/**\n * Custom error thrown when the haveibeenpwned.com API responds with 429 Too\n * Many Requests. See the `retryAfterSeconds` property for the number of seconds\n * to wait before attempting the request again.\n *\n * @see https://haveibeenpwned.com/API/v3#RateLimiting\n */\nexport class RateLimitError extends Error {\n /**\n * The number of seconds to wait before attempting the request again. May be\n * `undefined` if the API does not provide a `retry-after` header, but this\n * should never happen.\n */\n public retryAfterSeconds: number | undefined;\n\n constructor(\n retryAfter: ReturnType<Headers['get']>,\n message: string | undefined,\n options?: ErrorOptions,\n ) {\n super(message, options);\n this.name = this.constructor.name;\n this.retryAfterSeconds =\n typeof retryAfter === 'string'\n ? Number.parseInt(retryAfter, 10) /* c8 ignore start */\n : undefined; /* c8 ignore stop */\n }\n}\n\nfunction blockedWithRayId(rayId: string) {\n return `Request blocked, contact haveibeenpwned.com if this continues (Ray ID: ${rayId})`;\n}\n\n/**\n * Fetches data from the supplied API endpoint.\n *\n * HTTP status code 200 returns an Object (data found).\n * HTTP status code 404 returns null (no data found).\n * HTTP status code 400 throws an Error (bad request).\n * HTTP status code 401 throws an Error (unauthorized).\n * HTTP status code 403 throws an Error (forbidden).\n * HTTP status code 429 throws an Error (too many requests).\n *\n * @internal\n * @private\n * @param {string} endpoint the API endpoint to query\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<ApiData>} a Promise which resolves to the data resulting\n * from the query (or null for 404 Not Found responses), or rejects with an\n * Error\n */\nexport async function fetchFromApi(\n endpoint: string,\n options: {\n apiKey?: string;\n baseUrl?: string;\n timeoutMs?: number;\n userAgent?: string;\n } = {},\n): Promise<ApiData> {\n const {\n apiKey,\n baseUrl = 'https://haveibeenpwned.com/api/v3',\n timeoutMs,\n userAgent,\n } = options;\n const headers: Record<string, string> = {};\n\n if (apiKey) {\n headers['HIBP-API-Key'] = apiKey;\n }\n\n if (userAgent) {\n headers['User-Agent'] = userAgent;\n }\n\n // Provide a default User-Agent when running outside the browser\n if (!userAgent && typeof navigator === 'undefined') {\n headers['User-Agent'] = `${name} ${version}`;\n }\n\n const config: RequestInit = {\n headers,\n ...(timeoutMs ? { signal: AbortSignal.timeout(timeoutMs) } : {}),\n };\n const url = `${baseUrl.replace(/\\/$/g, '')}${endpoint}`;\n const response = await fetch(url, config);\n\n if (response.ok) return response.json() as Promise<ApiData>;\n\n switch (response.status) {\n case BAD_REQUEST.status: {\n throw new Error(BAD_REQUEST.statusText);\n }\n case UNAUTHORIZED.status: {\n const body = (await response.json()) as unknown as ErrorData;\n throw new Error(body.message);\n }\n case FORBIDDEN.status: {\n const rayId = response.headers.get('cf-ray');\n if (rayId) throw new Error(blockedWithRayId(rayId));\n throw new Error(FORBIDDEN.statusText);\n }\n case NOT_FOUND.status: {\n return null;\n }\n case TOO_MANY_REQUESTS.status: {\n const body = (await response.json()) as unknown as ErrorData;\n const retryAfter = response.headers.get('retry-after');\n throw new RateLimitError(retryAfter, body.message);\n }\n default: {\n throw new Error(response.statusText);\n }\n }\n}\n"],"names":["installUndiciOnNode18","RateLimitError","Error","retryAfterSeconds","constructor","retryAfter","message","options","name","Number","parseInt","undefined","blockedWithRayId","rayId","fetchFromApi","endpoint","apiKey","baseUrl","timeoutMs","userAgent","headers","navigator","version","config","signal","AbortSignal","timeout","url","replace","response","fetch","ok","json","status","BAD_REQUEST","statusText","UNAUTHORIZED","body","FORBIDDEN","get","NOT_FOUND","TOO_MANY_REQUESTS"],"mappings":";;;;;AAWAA,aAAAA,CAAAA,qBAAqB,EAAE;AAEvB;;;;;;AAMG;AACG,MAAOC,cAAe,SAAQC,KAAK,CAAA;EACvC;;;;AAIG;EACIC,iBAAiB;EAExBC,WAAAA,CACEC,UAAsC,EACtCC,OAA2B,EAC3BC,OAAsB,EAAA;IAEtB,KAAK,CAACD,OAAO,EAAEC,OAAO,CAAC;IACvB,IAAI,CAACC,IAAI,GAAG,IAAI,CAACJ,WAAW,CAACI,IAAI;IACjC,IAAI,CAACL,iBAAiB,GACpB,OAAOE,UAAU,KAAK,QAAQ,GAC1BI,MAAM,CAACC,QAAQ,CAACL,UAAU,EAAE,EAAE,CAAC,CAAA,wBAC/BM,SAAS,CAAC,CAAA;EACjB;AACF;AAED,SAASC,gBAAgBA,CAACC,KAAa,EAAA;EACrC,OAAO,0EAA0EA,KAAK,GAAG;AAC3F;AAEA;;;;;;;;;;;;;;;;;;;;;;;;;;AA0BG;AACI,eAAeC,YAAYA,CAChCC,QAAgB,EAChBR,UAKI,EAAE,EAAA;EAEN,MAAM;IACJS,MAAM;IACNC,OAAO,GAAG,mCAAmC;IAC7CC,SAAS;IACTC;EACD,CAAA,GAAGZ,OAAO;EACX,MAAMa,OAAO,GAA2B,CAAA,CAAE;EAE1C,IAAIJ,MAAM,EAAE;IACVI,OAAO,CAAC,cAAc,CAAC,GAAGJ,MAAM;EACjC;EAED,IAAIG,SAAS,EAAE;IACbC,OAAO,CAAC,YAAY,CAAC,GAAGD,SAAS;EAClC;;EAGD,IAAI,CAACA,SAAS,IAAI,OAAOE,SAAS,KAAK,WAAW,EAAE;IAClDD,OAAO,CAAC,YAAY,CAAC,MAAMZ,QAAI,CAAAA,IAAA,IAAIc,QAAO,CAAAA,OAAA,EAAE;EAC7C;EAED,MAAMC,MAAM,GAAgB;IAC1BH,OAAO;IACP,IAAIF,SAAS,GAAG;MAAEM,MAAM,EAAEC,WAAW,CAACC,OAAO,CAACR,SAAS;IAAC,CAAE,GAAG,CAAE,CAAA;GAChE;EACD,MAAMS,GAAG,GAAM,GAAAV,OAAO,CAACW,OAAO,CAAC,MAAM,EAAE,EAAE,CAAI,GAAAb,UAAU;EACvD,MAAMc,QAAQ,GAAG,MAAMC,KAAK,CAACH,GAAG,EAAEJ,MAAM,CAAC;EAEzC,IAAIM,QAAQ,CAACE,EAAE,EAAE,OAAOF,QAAQ,CAACG,IAAI,EAAsB;EAE3D,QAAQH,QAAQ,CAACI,MAAM;IACrB,KAAKC,SAAAA,CAAAA,WAAW,CAACD,MAAM;MAAE;QACvB,MAAM,IAAI/B,KAAK,CAACgC,qBAAW,CAACC,UAAU,CAAC;MACxC;IACD,KAAKC,SAAAA,CAAAA,YAAY,CAACH,MAAM;MAAE;QACxB,MAAMI,IAAI,GAAI,MAAMR,QAAQ,CAACG,IAAI,CAAE,CAAyB;QAC5D,MAAM,IAAI9B,KAAK,CAACmC,IAAI,CAAC/B,OAAO,CAAC;MAC9B;IACD,KAAKgC,SAAAA,CAAAA,SAAS,CAACL,MAAM;MAAE;QACrB,MAAMpB,KAAK,GAAGgB,QAAQ,CAACT,OAAO,CAACmB,GAAG,CAAC,QAAQ,CAAC;QAC5C,IAAI1B,KAAK,EAAE,MAAM,IAAIX,KAAK,CAACU,gBAAgB,CAACC,KAAK,CAAC,CAAC;QACnD,MAAM,IAAIX,KAAK,CAACoC,mBAAS,CAACH,UAAU,CAAC;MACtC;IACD,KAAKK,SAAAA,CAAAA,SAAS,CAACP,MAAM;MAAE;QACrB,OAAO,IAAI;MACZ;IACD,KAAKQ,SAAAA,CAAAA,iBAAiB,CAACR,MAAM;MAAE;QAC7B,MAAMI,IAAI,GAAI,MAAMR,QAAQ,CAACG,IAAI,CAAE,CAAyB;QAC5D,MAAM3B,UAAU,GAAGwB,QAAQ,CAACT,OAAO,CAACmB,GAAG,CAAC,aAAa,CAAC;QACtD,MAAM,IAAItC,cAAc,CAACI,UAAU,EAAEgC,IAAI,CAAC/B,OAAO,CAAC;MACnD;IACD;MAAS;QACP,MAAM,IAAIJ,KAAK,CAAC2B,QAAQ,CAACM,UAAU,CAAC;MACrC;EACF;AACH;;"}
package/dist/cjs/api/pwnedpasswords/fetch-from-api.cjs CHANGED
@@ -15,6 +15,8 @@ fetchPolyfill.installUndiciOnNode18();
15
15
  * @param {object} [options] a configuration object
16
16
  * @param {string} [options.baseUrl] a custom base URL for the
17
17
  * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
18
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
19
+ * (default: none)
18
20
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
19
21
  * field in the request headers (default: `hibp <version>`)
20
22
  * @param {boolean} [options.addPadding] ask the remote API to add padding to
@@ -27,19 +29,24 @@ fetchPolyfill.installUndiciOnNode18();
27
29
  async function fetchFromApi(endpoint, options = {}) {
28
30
  const {
29
31
  baseUrl = 'https://api.pwnedpasswords.com',
32
+ timeoutMs,
30
33
  userAgent,
31
34
  addPadding = false,
32
35
  mode = 'sha1'
33
36
  } = options;
34
- const config = Object.assign({}, userAgent ? {
37
+ const config = {
35
38
  headers: {
36
- 'User-Agent': userAgent
37
- }
38
- } : {}, addPadding ? {
39
- headers: {
40
- 'Add-Padding': 'true'
41
- }
42
- } : {});
39
+ ...(userAgent ? {
40
+ 'User-Agent': userAgent
41
+ } : {}),
42
+ ...(addPadding ? {
43
+ 'Add-Padding': 'true'
44
+ } : {})
45
+ },
46
+ ...(timeoutMs ? {
47
+ signal: AbortSignal.timeout(timeoutMs)
48
+ } : {})
49
+ };
43
50
  const url = `${baseUrl.replace(/\/$/g, '')}${endpoint}?mode=${mode}`;
44
51
  const response = await fetch(url, config);
45
52
  if (response.ok) return response.text();
package/dist/cjs/api/pwnedpasswords/fetch-from-api.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"fetch-from-api.cjs","sources":["../../../../src/api/pwnedpasswords/fetch-from-api.ts"],"sourcesContent":["import { installUndiciOnNode18 } from '../fetch-polyfill.js';\nimport { BAD_REQUEST } from './responses.js';\n\ninstallUndiciOnNode18();\n\n/**\n * Fetches data from the supplied API endpoint.\n *\n * HTTP status code 200 returns plain text (data found).\n * HTTP status code 400 throws an Error (bad request).\n *\n * @internal\n * @private\n * @param {string} endpoint the API endpoint to query\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @param {boolean} [options.addPadding] ask the remote API to add padding to\n * the response to obscure the password prefix (default: `false`)\n * @param {'sha1' | 'ntlm'} [options.mode] return SHA-1 or NTLM hashes\n * (default: `sha1`)\n * @returns {Promise<string>} a Promise which resolves to the data resulting\n * from the query, or rejects with an Error\n */\nexport async function fetchFromApi(\n endpoint: string,\n options: {\n baseUrl?: string;\n userAgent?: string;\n addPadding?: boolean;\n mode?: 'sha1' | 'ntlm';\n } = {},\n): Promise<string> {\n const {\n baseUrl = 'https://api.pwnedpasswords.com',\n userAgent,\n addPadding = false,\n mode = 'sha1',\n } = options;\n\n const config = Object.assign(\n {},\n userAgent ? { headers: { 'User-Agent': userAgent } } : {},\n addPadding ? { headers: { 'Add-Padding': 'true' } } : {},\n );\n const url = `${baseUrl.replace(/\\/$/g, '')}${endpoint}?mode=${mode}`;\n const response = await fetch(url, config);\n\n if (response.ok) return response.text();\n\n if (response.status === BAD_REQUEST.status) {\n const text = await response.text();\n throw new Error(text);\n }\n\n throw new Error(response.statusText);\n}\n"],"names":["installUndiciOnNode18","fetchFromApi","endpoint","options","baseUrl","userAgent","addPadding","mode","config","Object","assign","headers","url","replace","response","fetch","ok","text","status","BAD_REQUEST","Error","statusText"],"mappings":";;;;AAGAA,aAAAA,CAAAA,qBAAqB,EAAE;AAEvB;;;;;;;;;;;;;;;;;;;;AAoBG;AACI,eAAeC,YAAYA,CAChCC,QAAgB,EAChBC,UAKI,EAAE,EAAA;EAEN,MAAM;IACJC,OAAO,GAAG,gCAAgC;IAC1CC,SAAS;IACTC,UAAU,GAAG,KAAK;IAClBC,IAAI,GAAG;EACR,CAAA,GAAGJ,OAAO;EAEX,MAAMK,MAAM,GAAGC,MAAM,CAACC,MAAM,CAC1B,CAAA,CAAE,EACFL,SAAS,GAAG;IAAEM,OAAO,EAAE;MAAE,YAAY,EAAEN;IAAW;EAAA,CAAE,GAAG,CAAE,CAAA,EACzDC,UAAU,GAAG;IAAEK,OAAO,EAAE;MAAE,aAAa,EAAE;IAAM;GAAI,GAAG,CAAA,CAAE,CACzD;EACD,MAAMC,GAAG,GAAG,GAAGR,OAAO,CAACS,OAAO,CAAC,MAAM,EAAE,EAAE,CAAI,GAAAX,QAAiB,SAAAK,MAAM;EACpE,MAAMO,QAAQ,GAAG,MAAMC,KAAK,CAACH,GAAG,EAAEJ,MAAM,CAAC;EAEzC,IAAIM,QAAQ,CAACE,EAAE,EAAE,OAAOF,QAAQ,CAACG,IAAI,EAAE;EAEvC,IAAIH,QAAQ,CAACI,MAAM,KAAKC,SAAW,CAAAA,WAAA,CAACD,MAAM,EAAE;IAC1C,MAAMD,IAAI,GAAG,MAAMH,QAAQ,CAACG,IAAI,EAAE;IAClC,MAAM,IAAIG,KAAK,CAACH,IAAI,CAAC;EACtB;EAED,MAAM,IAAIG,KAAK,CAACN,QAAQ,CAACO,UAAU,CAAC;AACtC;"}
1
+ {"version":3,"file":"fetch-from-api.cjs","sources":["../../../../src/api/pwnedpasswords/fetch-from-api.ts"],"sourcesContent":["import { installUndiciOnNode18 } from '../fetch-polyfill.js';\nimport { BAD_REQUEST } from './responses.js';\n\ninstallUndiciOnNode18();\n\n/**\n * Fetches data from the supplied API endpoint.\n *\n * HTTP status code 200 returns plain text (data found).\n * HTTP status code 400 throws an Error (bad request).\n *\n * @internal\n * @private\n * @param {string} endpoint the API endpoint to query\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @param {boolean} [options.addPadding] ask the remote API to add padding to\n * the response to obscure the password prefix (default: `false`)\n * @param {'sha1' | 'ntlm'} [options.mode] return SHA-1 or NTLM hashes\n * (default: `sha1`)\n * @returns {Promise<string>} a Promise which resolves to the data resulting\n * from the query, or rejects with an Error\n */\nexport async function fetchFromApi(\n endpoint: string,\n options: {\n baseUrl?: string;\n timeoutMs?: number;\n userAgent?: string;\n addPadding?: boolean;\n mode?: 'sha1' | 'ntlm';\n } = {},\n): Promise<string> {\n const {\n baseUrl = 'https://api.pwnedpasswords.com',\n timeoutMs,\n userAgent,\n addPadding = false,\n mode = 'sha1',\n } = options;\n\n const config: RequestInit = {\n headers: {\n ...(userAgent ? { 'User-Agent': userAgent } : {}),\n ...(addPadding ? { 'Add-Padding': 'true' } : {}),\n },\n ...(timeoutMs ? { signal: AbortSignal.timeout(timeoutMs) } : {}),\n };\n const url = `${baseUrl.replace(/\\/$/g, '')}${endpoint}?mode=${mode}`;\n const response = await fetch(url, config);\n\n if (response.ok) return response.text();\n\n if (response.status === BAD_REQUEST.status) {\n const text = await response.text();\n throw new Error(text);\n }\n\n throw new Error(response.statusText);\n}\n"],"names":["installUndiciOnNode18","fetchFromApi","endpoint","options","baseUrl","timeoutMs","userAgent","addPadding","mode","config","headers","signal","AbortSignal","timeout","url","replace","response","fetch","ok","text","status","BAD_REQUEST","Error","statusText"],"mappings":";;;;AAGAA,aAAAA,CAAAA,qBAAqB,EAAE;AAEvB;;;;;;;;;;;;;;;;;;;;;;AAsBG;AACI,eAAeC,YAAYA,CAChCC,QAAgB,EAChBC,UAMI,EAAE,EAAA;EAEN,MAAM;IACJC,OAAO,GAAG,gCAAgC;IAC1CC,SAAS;IACTC,SAAS;IACTC,UAAU,GAAG,KAAK;IAClBC,IAAI,GAAG;EACR,CAAA,GAAGL,OAAO;EAEX,MAAMM,MAAM,GAAgB;IAC1BC,OAAO,EAAE;MACP,IAAIJ,SAAS,GAAG;QAAE,YAAY,EAAEA;MAAW,CAAA,GAAG,CAAE,CAAA,CAAA;MAChD,IAAIC,UAAU,GAAG;QAAE,aAAa,EAAE;MAAQ,CAAA,GAAG,CAAE,CAAA;IAChD,CAAA;IACD,IAAIF,SAAS,GAAG;MAAEM,MAAM,EAAEC,WAAW,CAACC,OAAO,CAACR,SAAS;IAAC,CAAE,GAAG,CAAE,CAAA;GAChE;EACD,MAAMS,GAAG,GAAG,GAAGV,OAAO,CAACW,OAAO,CAAC,MAAM,EAAE,EAAE,CAAI,GAAAb,QAAiB,SAAAM,MAAM;EACpE,MAAMQ,QAAQ,GAAG,MAAMC,KAAK,CAACH,GAAG,EAAEL,MAAM,CAAC;EAEzC,IAAIO,QAAQ,CAACE,EAAE,EAAE,OAAOF,QAAQ,CAACG,IAAI,EAAE;EAEvC,IAAIH,QAAQ,CAACI,MAAM,KAAKC,SAAW,CAAAA,WAAA,CAACD,MAAM,EAAE;IAC1C,MAAMD,IAAI,GAAG,MAAMH,QAAQ,CAACG,IAAI,EAAE;IAClC,MAAM,IAAIG,KAAK,CAACH,IAAI,CAAC;EACtB;EAED,MAAM,IAAIG,KAAK,CAACN,QAAQ,CAACO,UAAU,CAAC;AACtC;"}
package/dist/cjs/breach.cjs CHANGED
@@ -32,6 +32,8 @@ var fetchFromApi = /*#__PURE__*/require('./api/haveibeenpwned/fetch-from-api.cjs
32
32
  * @param {string} [options.baseUrl] a custom base URL for the
33
33
  * haveibeenpwned.com API endpoints (default:
34
34
  * `https://haveibeenpwned.com/api/v3`)
35
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
36
+ * (default: none)
35
37
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
36
38
  * field in the request headers (default: `hibp <version>`)
37
39
  * @returns {(Promise<Breach>|Promise<null>)} a Promise which resolves to an
package/dist/cjs/breach.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"breach.cjs","sources":["../../src/breach.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * An object representing a breach.\n *\n * @typedef {object} Breach\n * @property {string} Name\n * @property {string} Title\n * @property {string} Domain\n * @property {string} BreachDate\n * @property {string} AddedDate\n * @property {string} ModifiedDate\n * @property {number} PwnCount\n * @property {string} Description\n * @property {string[]} DataClasses\n * @property {boolean} IsVerified\n * @property {boolean} IsFabricated\n * @property {boolean} IsSensitive\n * @property {boolean} IsRetired\n * @property {boolean} IsSpamList\n * @property {boolean} IsMalware\n * @property {boolean} IsSubscriptionFree\n * @property {string} LogoPath\n */\n\n/**\n * Fetches data for a specific breach event.\n *\n * @param {string} breachName the name of a breach in the system\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Breach>|Promise<null>)} a Promise which resolves to an\n * object representing a breach (or null if no breach was found), or rejects\n * with an Error\n * @example\n * try {\n * const data = await breach(\"Adobe\");\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n */\nexport function breach(\n breachName: string,\n options: {\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<Breach | null> {\n return fetchFromApi(\n `/breach/${encodeURIComponent(breachName)}`,\n options,\n ) as Promise<Breach | null>;\n}\n"],"names":["breach","breachName","options","fetchFromApi","encodeURIComponent"],"mappings":";;;;AAGA;;;;;;;;;;;;;;;;;;;;;AAqBG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;AAwBG;SACaA,MAAMA,CACpBC,UAAkB,EAClBC,UAWI,EAAE,EAAA;EAEN,OAAOC,YAAAA,CAAAA,YAAY,CACjB,WAAWC,kBAAkB,CAACH,UAAU,CAAG,EAAA,EAC3CC,OAAO,CACkB;AAC7B;"}
1
+ {"version":3,"file":"breach.cjs","sources":["../../src/breach.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * An object representing a breach.\n *\n * @typedef {object} Breach\n * @property {string} Name\n * @property {string} Title\n * @property {string} Domain\n * @property {string} BreachDate\n * @property {string} AddedDate\n * @property {string} ModifiedDate\n * @property {number} PwnCount\n * @property {string} Description\n * @property {string[]} DataClasses\n * @property {boolean} IsVerified\n * @property {boolean} IsFabricated\n * @property {boolean} IsSensitive\n * @property {boolean} IsRetired\n * @property {boolean} IsSpamList\n * @property {boolean} IsMalware\n * @property {boolean} IsSubscriptionFree\n * @property {string} LogoPath\n */\n\n/**\n * Fetches data for a specific breach event.\n *\n * @param {string} breachName the name of a breach in the system\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Breach>|Promise<null>)} a Promise which resolves to an\n * object representing a breach (or null if no breach was found), or rejects\n * with an Error\n * @example\n * try {\n * const data = await breach(\"Adobe\");\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n */\nexport function breach(\n breachName: string,\n options: {\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * timeout for the request in milliseconds (default: none)\n */\n timeoutMs?: number;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<Breach | null> {\n return fetchFromApi(\n `/breach/${encodeURIComponent(breachName)}`,\n options,\n ) as Promise<Breach | null>;\n}\n"],"names":["breach","breachName","options","fetchFromApi","encodeURIComponent"],"mappings":";;;;AAGA;;;;;;;;;;;;;;;;;;;;;AAqBG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;AA0BG;SACaA,MAAMA,CACpBC,UAAkB,EAClBC,UAeI,EAAE,EAAA;EAEN,OAAOC,YAAAA,CAAAA,YAAY,CACjB,WAAWC,kBAAkB,CAACH,UAAU,CAAG,EAAA,EAC3CC,OAAO,CACkB;AAC7B;"}
package/dist/cjs/breached-account.cjs CHANGED
@@ -19,6 +19,8 @@ var fetchFromApi = /*#__PURE__*/require('./api/haveibeenpwned/fetch-from-api.cjs
19
19
  * (default: all domains)
20
20
  * @param {boolean} [options.includeUnverified] include "unverified" breaches in
21
21
  * the results (default: true)
22
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
23
+ * (default: none)
22
24
  * @param {boolean} [options.truncate] truncate the results to only include
23
25
  * the name of each breach (default: true)
24
26
  * @param {string} [options.baseUrl] a custom base URL for the
@@ -76,6 +78,7 @@ function breachedAccount(account, options = {}) {
76
78
  apiKey,
77
79
  domain,
78
80
  includeUnverified = true,
81
+ timeoutMs,
79
82
  truncate = true,
80
83
  baseUrl,
81
84
  userAgent
@@ -94,6 +97,7 @@ function breachedAccount(account, options = {}) {
94
97
  return fetchFromApi.fetchFromApi(`${endpoint}${params.join('&')}`, {
95
98
  apiKey,
96
99
  baseUrl,
100
+ timeoutMs,
97
101
  userAgent
98
102
  });
99
103
  }
package/dist/cjs/breached-account.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"breached-account.cjs","sources":["../../src/breached-account.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * Fetches breach data for a specific account.\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `breachedaccount` endpoint. The\n * `apiKey` option here is not explicitly required, but direct requests made\n * without it will fail (unless you specify a `baseUrl` to a proxy that inserts\n * a valid API key on your behalf).\n *\n * @param {string} account a username or email address\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.domain] a domain by which to filter the results\n * (default: all domains)\n * @param {boolean} [options.includeUnverified] include \"unverified\" breaches in\n * the results (default: true)\n * @param {boolean} [options.truncate] truncate the results to only include\n * the name of each breach (default: true)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Breach[]> | Promise<null>)} a Promise which resolves to an\n * array of breach objects (or null if no breaches were found), or rejects with\n * an Error\n * @example\n * try {\n * const data = await breachedAccount(\"foo\", { apiKey: \"my-api-key\" });\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @example\n * try {\n * const data = await breachedAccount(\"bar\", {\n * includeUnverified: false,\n * baseUrl: \"https://my-hibp-proxy:8080\",\n * });\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @example\n * try {\n * const data = await breachedAccount(\"baz\", {\n * apiKey: \"my-api-key\",\n * domain: \"adobe.com\",\n * truncate: false,\n * userAgent: \"my-app 1.0\",\n * });\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n */\nexport function breachedAccount(\n account: string,\n options: {\n /**\n * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n */\n apiKey?: string;\n /**\n * a domain by which to filter the results (default: all domains)\n */\n domain?: string;\n /**\n * include \"unverified\" breaches in the results (default: true)\n */\n includeUnverified?: boolean;\n /**\n * truncate the results to only include the name of each breach (default:\n * true)\n */\n truncate?: boolean;\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<Breach[] | null> {\n const {\n apiKey,\n domain,\n includeUnverified = true,\n truncate = true,\n baseUrl,\n userAgent,\n } = options;\n const endpoint = `/breachedaccount/${encodeURIComponent(account)}?`;\n const params: string[] = [];\n\n if (domain) {\n params.push(`domain=${encodeURIComponent(domain)}`);\n }\n\n if (!includeUnverified) {\n params.push('includeUnverified=false');\n }\n\n if (!truncate) {\n params.push('truncateResponse=false');\n }\n\n return fetchFromApi(`${endpoint}${params.join('&')}`, {\n apiKey,\n baseUrl,\n userAgent,\n }) as Promise<Breach[] | null>;\n}\n"],"names":["breachedAccount","account","options","apiKey","domain","includeUnverified","truncate","baseUrl","userAgent","endpoint","encodeURIComponent","params","push","fetchFromApi","join"],"mappings":";;;;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoEG;SACaA,eAAeA,CAC7BC,OAAe,EACfC,UA4BI,EAAE,EAAA;EAEN,MAAM;IACJC,MAAM;IACNC,MAAM;IACNC,iBAAiB,GAAG,IAAI;IACxBC,QAAQ,GAAG,IAAI;IACfC,OAAO;IACPC;EACD,CAAA,GAAGN,OAAO;EACX,MAAMO,QAAQ,GAAuB,oBAAAC,kBAAkB,CAACT,OAAO,IAAI;EACnE,MAAMU,MAAM,GAAa,EAAE;EAE3B,IAAIP,MAAM,EAAE;IACVO,MAAM,CAACC,IAAI,CAAW,UAAAF,kBAAkB,CAACN,MAAM,CAAG,EAAA,CAAC;EACpD;EAED,IAAI,CAACC,iBAAiB,EAAE;IACtBM,MAAM,CAACC,IAAI,CAAC,yBAAyB,CAAC;EACvC;EAED,IAAI,CAACN,QAAQ,EAAE;IACbK,MAAM,CAACC,IAAI,CAAC,wBAAwB,CAAC;EACtC;EAED,OAAOC,YAAY,CAAAA,YAAA,CAAI,GAAAJ,QAAW,GAAAE,MAAM,CAACG,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;IACpDX,MAAM;IACNI,OAAO;IACPC;EACD,CAAA,CAA6B;AAChC;"}
1
+ {"version":3,"file":"breached-account.cjs","sources":["../../src/breached-account.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * Fetches breach data for a specific account.\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `breachedaccount` endpoint. The\n * `apiKey` option here is not explicitly required, but direct requests made\n * without it will fail (unless you specify a `baseUrl` to a proxy that inserts\n * a valid API key on your behalf).\n *\n * @param {string} account a username or email address\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.domain] a domain by which to filter the results\n * (default: all domains)\n * @param {boolean} [options.includeUnverified] include \"unverified\" breaches in\n * the results (default: true)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {boolean} [options.truncate] truncate the results to only include\n * the name of each breach (default: true)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Breach[]> | Promise<null>)} a Promise which resolves to an\n * array of breach objects (or null if no breaches were found), or rejects with\n * an Error\n * @example\n * try {\n * const data = await breachedAccount(\"foo\", { apiKey: \"my-api-key\" });\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @example\n * try {\n * const data = await breachedAccount(\"bar\", {\n * includeUnverified: false,\n * baseUrl: \"https://my-hibp-proxy:8080\",\n * });\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @example\n * try {\n * const data = await breachedAccount(\"baz\", {\n * apiKey: \"my-api-key\",\n * domain: \"adobe.com\",\n * truncate: false,\n * userAgent: \"my-app 1.0\",\n * });\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n */\nexport function breachedAccount(\n account: string,\n options: {\n /**\n * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n */\n apiKey?: string;\n /**\n * a domain by which to filter the results (default: all domains)\n */\n domain?: string;\n /**\n * include \"unverified\" breaches in the results (default: true)\n */\n includeUnverified?: boolean;\n /**\n * timeout for the request in milliseconds (default: none)\n */\n timeoutMs?: number;\n /**\n * truncate the results to only include the name of each breach (default:\n * true)\n */\n truncate?: boolean;\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<Breach[] | null> {\n const {\n apiKey,\n domain,\n includeUnverified = true,\n timeoutMs,\n truncate = true,\n baseUrl,\n userAgent,\n } = options;\n const endpoint = `/breachedaccount/${encodeURIComponent(account)}?`;\n const params: string[] = [];\n\n if (domain) {\n params.push(`domain=${encodeURIComponent(domain)}`);\n }\n\n if (!includeUnverified) {\n params.push('includeUnverified=false');\n }\n\n if (!truncate) {\n params.push('truncateResponse=false');\n }\n\n return fetchFromApi(`${endpoint}${params.join('&')}`, {\n apiKey,\n baseUrl,\n timeoutMs,\n userAgent,\n }) as Promise<Breach[] | null>;\n}\n"],"names":["breachedAccount","account","options","apiKey","domain","includeUnverified","timeoutMs","truncate","baseUrl","userAgent","endpoint","encodeURIComponent","params","push","fetchFromApi","join"],"mappings":";;;;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsEG;SACaA,eAAeA,CAC7BC,OAAe,EACfC,UAgCI,EAAE,EAAA;EAEN,MAAM;IACJC,MAAM;IACNC,MAAM;IACNC,iBAAiB,GAAG,IAAI;IACxBC,SAAS;IACTC,QAAQ,GAAG,IAAI;IACfC,OAAO;IACPC;EAAS,CACV,GAAGP,OAAO;EACX,MAAMQ,QAAQ,GAAuB,oBAAAC,kBAAkB,CAACV,OAAO,IAAI;EACnE,MAAMW,MAAM,GAAa,EAAE;EAE3B,IAAIR,MAAM,EAAE;IACVQ,MAAM,CAACC,IAAI,CAAW,UAAAF,kBAAkB,CAACP,MAAM,CAAG,EAAA,CAAC;EACpD;EAED,IAAI,CAACC,iBAAiB,EAAE;IACtBO,MAAM,CAACC,IAAI,CAAC,yBAAyB,CAAC;EACvC;EAED,IAAI,CAACN,QAAQ,EAAE;IACbK,MAAM,CAACC,IAAI,CAAC,wBAAwB,CAAC;EACtC;EAED,OAAOC,YAAY,CAAAA,YAAA,CAAI,GAAAJ,QAAW,GAAAE,MAAM,CAACG,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;IACpDZ,MAAM;IACNK,OAAO;IACPF,SAAS;IACTG;EACD,CAAA,CAA6B;AAChC;"}
package/dist/cjs/breaches.cjs CHANGED
@@ -11,6 +11,8 @@ var fetchFromApi = /*#__PURE__*/require('./api/haveibeenpwned/fetch-from-api.cjs
11
11
  * @param {string} [options.baseUrl] a custom base URL for the
12
12
  * haveibeenpwned.com API endpoints (default:
13
13
  * `https://haveibeenpwned.com/api/v3`)
14
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
15
+ * (default: none)
14
16
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
15
17
  * field in the request headers (default: `hibp <version>`)
16
18
  * @returns {Promise<Breach[]>} a Promise which resolves to an array of breach
@@ -42,6 +44,7 @@ function breaches(options = {}) {
42
44
  const {
43
45
  domain,
44
46
  baseUrl,
47
+ timeoutMs,
45
48
  userAgent
46
49
  } = options;
47
50
  const endpoint = '/breaches?';
@@ -51,6 +54,7 @@ function breaches(options = {}) {
51
54
  }
52
55
  return fetchFromApi.fetchFromApi(`${endpoint}${params.join('&')}`, {
53
56
  baseUrl,
57
+ timeoutMs,
54
58
  userAgent
55
59
  });
56
60
  }
package/dist/cjs/breaches.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"breaches.cjs","sources":["../../src/breaches.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * Fetches all breach events in the system.\n *\n * @param {object} [options] a configuration object\n * @param {string} [options.domain] a domain by which to filter the results\n * (default: all domains)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<Breach[]>} a Promise which resolves to an array of breach\n * objects (an empty array if no breaches were found), or rejects with an Error\n * @example\n * try {\n * const data = await breaches();\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @example\n * try {\n * const data = await breaches({ domain: \"adobe.com\" });\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n */\nexport function breaches(\n options: {\n /**\n * a domain by which to filter the results (default: all domains)\n */\n domain?: string;\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<Breach[]> {\n const { domain, baseUrl, userAgent } = options;\n const endpoint = '/breaches?';\n const params: string[] = [];\n\n if (domain) {\n params.push(`domain=${encodeURIComponent(domain)}`);\n }\n\n return fetchFromApi(`${endpoint}${params.join('&')}`, {\n baseUrl,\n userAgent,\n }) as Promise<Breach[]>;\n}\n"],"names":["breaches","options","domain","baseUrl","userAgent","endpoint","params","push","encodeURIComponent","fetchFromApi","join"],"mappings":";;;;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmCG;AACa,SAAAA,QAAQA,CACtBC,OAAA,GAeI,EAAE,EAAA;EAEN,MAAM;IAAEC,MAAM;IAAEC,OAAO;IAAEC;EAAS,CAAE,GAAGH,OAAO;EAC9C,MAAMI,QAAQ,GAAG,YAAY;EAC7B,MAAMC,MAAM,GAAa,EAAE;EAE3B,IAAIJ,MAAM,EAAE;IACVI,MAAM,CAACC,IAAI,CAAW,UAAAC,kBAAkB,CAACN,MAAM,CAAG,EAAA,CAAC;EACpD;EAED,OAAOO,YAAY,CAAAA,YAAA,CAAI,GAAAJ,QAAW,GAAAC,MAAM,CAACI,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;IACpDP,OAAO;IACPC;EACD,CAAA,CAAsB;AACzB;"}
1
+ {"version":3,"file":"breaches.cjs","sources":["../../src/breaches.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * Fetches all breach events in the system.\n *\n * @param {object} [options] a configuration object\n * @param {string} [options.domain] a domain by which to filter the results\n * (default: all domains)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<Breach[]>} a Promise which resolves to an array of breach\n * objects (an empty array if no breaches were found), or rejects with an Error\n * @example\n * try {\n * const data = await breaches();\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @example\n * try {\n * const data = await breaches({ domain: \"adobe.com\" });\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n */\nexport function breaches(\n options: {\n /**\n * a domain by which to filter the results (default: all domains)\n */\n domain?: string;\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * timeout for the request in milliseconds (default: none)\n */\n timeoutMs?: number;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<Breach[]> {\n const { domain, baseUrl, timeoutMs, userAgent } = options;\n const endpoint = '/breaches?';\n const params: string[] = [];\n\n if (domain) {\n params.push(`domain=${encodeURIComponent(domain)}`);\n }\n\n return fetchFromApi(`${endpoint}${params.join('&')}`, {\n baseUrl,\n timeoutMs,\n userAgent,\n }) as Promise<Breach[]>;\n}\n"],"names":["breaches","options","domain","baseUrl","timeoutMs","userAgent","endpoint","params","push","encodeURIComponent","fetchFromApi","join"],"mappings":";;;;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqCG;AACa,SAAAA,QAAQA,CACtBC,OAAA,GAmBI,EAAE,EAAA;EAEN,MAAM;IAAEC,MAAM;IAAEC,OAAO;IAAEC,SAAS;IAAEC;EAAS,CAAE,GAAGJ,OAAO;EACzD,MAAMK,QAAQ,GAAG,YAAY;EAC7B,MAAMC,MAAM,GAAa,EAAE;EAE3B,IAAIL,MAAM,EAAE;IACVK,MAAM,CAACC,IAAI,CAAW,UAAAC,kBAAkB,CAACP,MAAM,CAAG,EAAA,CAAC;EACpD;EAED,OAAOQ,YAAY,CAAAA,YAAA,CAAI,GAAAJ,QAAW,GAAAC,MAAM,CAACI,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;IACpDR,OAAO;IACPC,SAAS;IACTC;EACD,CAAA,CAAsB;AACzB;"}
package/dist/cjs/data-classes.cjs CHANGED
@@ -9,6 +9,8 @@ var fetchFromApi = /*#__PURE__*/require('./api/haveibeenpwned/fetch-from-api.cjs
9
9
  * @param {string} [options.baseUrl] a custom base URL for the
10
10
  * haveibeenpwned.com API endpoints (default:
11
11
  * `https://haveibeenpwned.com/api/v3`)
12
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
13
+ * (default: none)
12
14
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
13
15
  * field in the request headers (default: `hibp <version>`)
14
16
  * @returns {(Promise<string[]> | Promise<null>)} a Promise which resolves to an
package/dist/cjs/data-classes.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"data-classes.cjs","sources":["../../src/data-classes.ts"],"sourcesContent":["import { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * Fetches all data classes in the system.\n *\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<string[]> | Promise<null>)} a Promise which resolves to an\n * array of strings (or null if no data classes were found), or rejects with an\n * Error\n * @example\n * try {\n * const data = await dataClasses();\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n */\nexport function dataClasses(\n options: {\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<string[] | null> {\n return fetchFromApi('/dataclasses', options) as Promise<string[] | null>;\n}\n"],"names":["dataClasses","options","fetchFromApi"],"mappings":";;;;AAEA;;;;;;;;;;;;;;;;;;;;;;;AAuBG;AACa,SAAAA,WAAWA,CACzBC,OAAA,GAWI,EAAE,EAAA;EAEN,OAAOC,YAAY,CAAAA,YAAA,CAAC,cAAc,EAAED,OAAO,CAA6B;AAC1E;"}
1
+ {"version":3,"file":"data-classes.cjs","sources":["../../src/data-classes.ts"],"sourcesContent":["import { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * Fetches all data classes in the system.\n *\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<string[]> | Promise<null>)} a Promise which resolves to an\n * array of strings (or null if no data classes were found), or rejects with an\n * Error\n * @example\n * try {\n * const data = await dataClasses();\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n */\nexport function dataClasses(\n options: {\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * timeout for the request in milliseconds (default: none)\n */\n timeoutMs?: number;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<string[] | null> {\n return fetchFromApi('/dataclasses', options) as Promise<string[] | null>;\n}\n"],"names":["dataClasses","options","fetchFromApi"],"mappings":";;;;AAEA;;;;;;;;;;;;;;;;;;;;;;;;;AAyBG;AACa,SAAAA,WAAWA,CACzBC,OAAA,GAeI,EAAE,EAAA;EAEN,OAAOC,YAAY,CAAAA,YAAA,CAAC,cAAc,EAAED,OAAO,CAA6B;AAC1E;"}
package/dist/cjs/hibp.d.cts CHANGED
@@ -79,6 +79,8 @@ export interface SubscriptionStatus {
79
79
  * @param {string} [options.baseUrl] a custom base URL for the
80
80
  * haveibeenpwned.com API endpoints (default:
81
81
  * `https://haveibeenpwned.com/api/v3`)
82
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
83
+ * (default: none)
82
84
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
83
85
  * field in the request headers (default: `hibp <version>`)
84
86
  * @returns {(Promise<Breach>|Promise<null>)} a Promise which resolves to an
@@ -102,6 +104,10 @@ export declare function breach(breachName: string, options?: {
102
104
  * `https://haveibeenpwned.com/api/v3`)
103
105
  */
104
106
  baseUrl?: string;
107
+ /**
108
+ * timeout for the request in milliseconds (default: none)
109
+ */
110
+ timeoutMs?: number;
105
111
  /**
106
112
  * a custom string to send as the User-Agent field in the request headers
107
113
  * (default: `hibp <version>`)
@@ -125,6 +131,8 @@ export declare function breach(breachName: string, options?: {
125
131
  * (default: all domains)
126
132
  * @param {boolean} [options.includeUnverified] include "unverified" breaches in
127
133
  * the results (default: true)
134
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
135
+ * (default: none)
128
136
  * @param {boolean} [options.truncate] truncate the results to only include
129
137
  * the name of each breach (default: true)
130
138
  * @param {string} [options.baseUrl] a custom base URL for the
@@ -190,6 +198,10 @@ export declare function breachedAccount(account: string, options?: {
190
198
  * include "unverified" breaches in the results (default: true)
191
199
  */
192
200
  includeUnverified?: boolean;
201
+ /**
202
+ * timeout for the request in milliseconds (default: none)
203
+ */
204
+ timeoutMs?: number;
193
205
  /**
194
206
  * truncate the results to only include the name of each breach (default:
195
207
  * true)
@@ -215,6 +227,8 @@ export declare function breachedAccount(account: string, options?: {
215
227
  * @param {string} [options.baseUrl] a custom base URL for the
216
228
  * haveibeenpwned.com API endpoints (default:
217
229
  * `https://haveibeenpwned.com/api/v3`)
230
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
231
+ * (default: none)
218
232
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
219
233
  * field in the request headers (default: `hibp <version>`)
220
234
  * @returns {Promise<Breach[]>} a Promise which resolves to an array of breach
@@ -252,6 +266,10 @@ export declare function breaches(options?: {
252
266
  * `https://haveibeenpwned.com/api/v3`)
253
267
  */
254
268
  baseUrl?: string;
269
+ /**
270
+ * timeout for the request in milliseconds (default: none)
271
+ */
272
+ timeoutMs?: number;
255
273
  /**
256
274
  * a custom string to send as the User-Agent field in the request headers
257
275
  * (default: `hibp <version>`)
@@ -265,6 +283,8 @@ export declare function breaches(options?: {
265
283
  * @param {string} [options.baseUrl] a custom base URL for the
266
284
  * haveibeenpwned.com API endpoints (default:
267
285
  * `https://haveibeenpwned.com/api/v3`)
286
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
287
+ * (default: none)
268
288
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
269
289
  * field in the request headers (default: `hibp <version>`)
270
290
  * @returns {(Promise<string[]> | Promise<null>)} a Promise which resolves to an
@@ -288,6 +308,10 @@ export declare function dataClasses(options?: {
288
308
  * `https://haveibeenpwned.com/api/v3`)
289
309
  */
290
310
  baseUrl?: string;
311
+ /**
312
+ * timeout for the request in milliseconds (default: none)
313
+ */
314
+ timeoutMs?: number;
291
315
  /**
292
316
  * a custom string to send as the User-Agent field in the request headers
293
317
  * (default: `hibp <version>`)
@@ -320,6 +344,8 @@ export declare function dataClasses(options?: {
320
344
  * @param {string} [options.baseUrl] a custom base URL for the
321
345
  * haveibeenpwned.com API endpoints (default:
322
346
  * `https://haveibeenpwned.com/api/v3`)
347
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
348
+ * (default: none)
323
349
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
324
350
  * field in the request headers (default: `hibp <version>`)
325
351
  * @returns {(Promise<Paste[]> | Promise<null>)} a Promise which resolves to an
@@ -360,6 +386,10 @@ export declare function pasteAccount(email: string, options?: {
360
386
  * `https://haveibeenpwned.com/api/v3`)
361
387
  */
362
388
  baseUrl?: string;
389
+ /**
390
+ * timeout for the request in milliseconds (default: none)
391
+ */
392
+ timeoutMs?: number;
363
393
  /**
364
394
  * a custom string to send as the User-Agent field in the request headers
365
395
  * (default: `hibp <version>`)
@@ -377,6 +407,8 @@ export declare function pasteAccount(email: string, options?: {
377
407
  * the response to obscure the password prefix (default: `false`)
378
408
  * @param {string} [options.baseUrl] a custom base URL for the
379
409
  * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
410
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
411
+ * (default: none)
380
412
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
381
413
  * field in the request headers (default: `hibp <version>`)
382
414
  * @returns {Promise<number>} a Promise which resolves to the number of times
@@ -406,6 +438,10 @@ export declare function pwnedPassword(password: string, options?: {
406
438
  * `https://haveibeenpwned.com/api/v3`)
407
439
  */
408
440
  baseUrl?: string;
441
+ /**
442
+ * timeout for the request in milliseconds (default: none)
443
+ */
444
+ timeoutMs?: number;
409
445
  /**
410
446
  * a custom string to send as the User-Agent field in the request headers
411
447
  * (default: `hibp <version>`)
@@ -438,6 +474,8 @@ export type PwnedPasswordSuffixes = Record<string, number>;
438
474
  * (default: `sha1`)
439
475
  * @param {string} [options.baseUrl] a custom base URL for the
440
476
  * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
477
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
478
+ * (default: none)
441
479
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
442
480
  * field in the request headers (default: `hibp <version>`)
443
481
  * @returns {Promise<PwnedPasswordSuffixes>} a Promise which resolves to an
@@ -482,6 +520,10 @@ export declare function pwnedPasswordRange(prefix: string, options?: {
482
520
  * `https://haveibeenpwned.com/api/v3`)
483
521
  */
484
522
  baseUrl?: string;
523
+ /**
524
+ * timeout for the request in milliseconds (default: none)
525
+ */
526
+ timeoutMs?: number;
485
527
  /**
486
528
  * a custom string to send as the User-Agent field in the request headers
487
529
  * (default: `hibp <version>`)
@@ -525,6 +567,8 @@ export interface SearchResults {
525
567
  * @param {string} [options.baseUrl] a custom base URL for the
526
568
  * haveibeenpwned.com API endpoints (default:
527
569
  * `https://haveibeenpwned.com/api/v3`)
570
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
571
+ * (default: none)
528
572
  * @param {string} [options.userAgent] a custom string to send as the
529
573
  * User-Agent field in the request headers (default: `hibp <version>`)
530
574
  * @returns {Promise<SearchResults>} a Promise which resolves to an object
@@ -577,6 +621,10 @@ export declare function search(account: string, options?: {
577
621
  * `https://haveibeenpwned.com/api/v3`)
578
622
  */
579
623
  baseUrl?: string;
624
+ /**
625
+ * timeout for the request in milliseconds (default: none)
626
+ */
627
+ timeoutMs?: number;
580
628
  /**
581
629
  * a custom string to send as the User-Agent field in the request headers
582
630
  * (default: `hibp <version>`)
@@ -608,6 +656,8 @@ export declare function search(account: string, options?: {
608
656
  * @param {string} [options.baseUrl] a custom base URL for the
609
657
  * haveibeenpwned.com API endpoints (default:
610
658
  * `https://haveibeenpwned.com/api/v3`)
659
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
660
+ * (default: none)
611
661
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
612
662
  * field in the request headers (default: `hibp <version>`)
613
663
  * @returns {Promise<SubscriptionStatus>} a Promise which resolves to a
@@ -639,6 +689,10 @@ export declare function subscriptionStatus(options?: {
639
689
  * `https://haveibeenpwned.com/api/v3`)
640
690
  */
641
691
  baseUrl?: string;
692
+ /**
693
+ * timeout for the request in milliseconds (default: none)
694
+ */
695
+ timeoutMs?: number;
642
696
  /**
643
697
  * a custom string to send as the User-Agent field in the request headers
644
698
  * (default: `hibp <version>`)
package/dist/cjs/package.json.cjs CHANGED
@@ -1,7 +1,7 @@
1
1
  'use strict';
2
2
 
3
3
  const name = "hibp";
4
- const version = "0.0.0-dev.d74e2ad2";
4
+ const version = "0.0.0-dev.eda2c27a";
5
5
  exports.name = name;
6
6
  exports.version = version;
7
7
  //# sourceMappingURL=package.json.cjs.map
package/dist/cjs/paste-account.cjs CHANGED
@@ -28,6 +28,8 @@ var fetchFromApi = /*#__PURE__*/require('./api/haveibeenpwned/fetch-from-api.cjs
28
28
  * @param {string} [options.baseUrl] a custom base URL for the
29
29
  * haveibeenpwned.com API endpoints (default:
30
30
  * `https://haveibeenpwned.com/api/v3`)
31
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
32
+ * (default: none)
31
33
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
32
34
  * field in the request headers (default: `hibp <version>`)
33
35
  * @returns {(Promise<Paste[]> | Promise<null>)} a Promise which resolves to an
package/dist/cjs/paste-account.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"paste-account.cjs","sources":["../../src/paste-account.ts"],"sourcesContent":["import type { Paste } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * An object representing a paste.\n *\n * @typedef {object} Paste\n * @property {string} Id\n * @property {string} Source\n * @property {string} Title\n * @property {string} Date\n * @property {number} EmailCount\n */\n\n/**\n * Fetches paste data for a specific account (email address).\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `pasteaccount` endpoint. The\n * `apiKey` option here is not explicitly required, but direct requests made\n * without it will fail (unless you specify a `baseUrl` to a proxy that inserts\n * a valid API key on your behalf).\n *\n * @param {string} email the email address to query\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Paste[]> | Promise<null>)} a Promise which resolves to an\n * array of paste objects (or null if no pastes were found), or rejects with an\n * Error\n * @example\n * try {\n * const data = await pasteAccount(\"foo@bar.com\", { apiKey: \"my-api-key\" });\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @example\n * try {\n * const data = await pasteAccount(\"foo@bar.com\", {\n * baseUrl: \"https://my-hibp-proxy:8080\",\n * });\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n */\nexport function pasteAccount(\n email: string,\n options: {\n /**\n * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n */\n apiKey?: string;\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<Paste[] | null> {\n return fetchFromApi(\n `/pasteaccount/${encodeURIComponent(email)}`,\n options,\n ) as Promise<Paste[] | null>;\n}\n"],"names":["pasteAccount","email","options","fetchFromApi","encodeURIComponent"],"mappings":";;;;AAGA;;;;;;;;;AASG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA6CG;SACaA,YAAYA,CAC1BC,KAAa,EACbC,UAeI,EAAE,EAAA;EAEN,OAAOC,YAAAA,CAAAA,YAAY,CACjB,iBAAiBC,kBAAkB,CAACH,KAAK,CAAG,EAAA,EAC5CC,OAAO,CACmB;AAC9B;"}
1
+ {"version":3,"file":"paste-account.cjs","sources":["../../src/paste-account.ts"],"sourcesContent":["import type { Paste } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * An object representing a paste.\n *\n * @typedef {object} Paste\n * @property {string} Id\n * @property {string} Source\n * @property {string} Title\n * @property {string} Date\n * @property {number} EmailCount\n */\n\n/**\n * Fetches paste data for a specific account (email address).\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `pasteaccount` endpoint. The\n * `apiKey` option here is not explicitly required, but direct requests made\n * without it will fail (unless you specify a `baseUrl` to a proxy that inserts\n * a valid API key on your behalf).\n *\n * @param {string} email the email address to query\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Paste[]> | Promise<null>)} a Promise which resolves to an\n * array of paste objects (or null if no pastes were found), or rejects with an\n * Error\n * @example\n * try {\n * const data = await pasteAccount(\"foo@bar.com\", { apiKey: \"my-api-key\" });\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @example\n * try {\n * const data = await pasteAccount(\"foo@bar.com\", {\n * baseUrl: \"https://my-hibp-proxy:8080\",\n * });\n * if (data) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n */\nexport function pasteAccount(\n email: string,\n options: {\n /**\n * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n */\n apiKey?: string;\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * timeout for the request in milliseconds (default: none)\n */\n timeoutMs?: number;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<Paste[] | null> {\n return fetchFromApi(\n `/pasteaccount/${encodeURIComponent(email)}`,\n options,\n ) as Promise<Paste[] | null>;\n}\n"],"names":["pasteAccount","email","options","fetchFromApi","encodeURIComponent"],"mappings":";;;;AAGA;;;;;;;;;AASG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+CG;SACaA,YAAYA,CAC1BC,KAAa,EACbC,UAmBI,EAAE,EAAA;EAEN,OAAOC,YAAAA,CAAAA,YAAY,CACjB,iBAAiBC,kBAAkB,CAACH,KAAK,CAAG,EAAA,EAC5CC,OAAO,CACmB;AAC9B;"}
package/dist/cjs/pwned-password-range.cjs CHANGED
@@ -27,6 +27,8 @@ var fetchFromApi = /*#__PURE__*/require('./api/pwnedpasswords/fetch-from-api.cjs
27
27
  * (default: `sha1`)
28
28
  * @param {string} [options.baseUrl] a custom base URL for the
29
29
  * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
30
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
31
+ * (default: none)
30
32
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
31
33
  * field in the request headers (default: `hibp <version>`)
32
34
  * @returns {Promise<PwnedPasswordSuffixes>} a Promise which resolves to an
@@ -59,12 +61,14 @@ var fetchFromApi = /*#__PURE__*/require('./api/pwnedpasswords/fetch-from-api.cjs
59
61
  async function pwnedPasswordRange(prefix, options = {}) {
60
62
  const {
61
63
  baseUrl,
64
+ timeoutMs,
62
65
  userAgent,
63
66
  addPadding = false,
64
67
  mode = 'sha1'
65
68
  } = options;
66
69
  const data = await fetchFromApi.fetchFromApi(`/range/${encodeURIComponent(prefix)}`, {
67
70
  baseUrl,
71
+ timeoutMs,
68
72
  userAgent,
69
73
  addPadding,
70
74
  mode
package/dist/cjs/pwned-password-range.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"pwned-password-range.cjs","sources":["../../src/pwned-password-range.ts"],"sourcesContent":["import { fetchFromApi } from './api/pwnedpasswords/fetch-from-api.js';\n\nexport type PwnedPasswordSuffixes = Record<string, number>;\n\n/**\n * An object mapping an exposed password hash suffix (corresponding to a given\n * hash prefix) to how many times it occurred in the Pwned Passwords repository.\n *\n * @typedef {Object.<string, number>} PwnedPasswordSuffixes\n */\n\n/**\n * Fetches the SHA-1 or NTLM hash suffixes for the given 5-character hash\n * prefix.\n *\n * When a password hash with the same first 5 characters is found in the Pwned\n * Passwords repository, the API will respond with an HTTP 200 and include the\n * suffix of every hash beginning with the specified prefix, followed by a count\n * of how many times it appears in the data set. This function parses the\n * response and returns a more structured format.\n *\n * @param {string} prefix the first 5 characters of a password hash (case\n * insensitive)\n * @param {object} [options] a configuration object\n * @param {boolean} [options.addPadding] ask the remote API to add padding to\n * the response to obscure the password prefix (default: `false`)\n * @param {'sha1' | 'ntlm'} [options.mode] return SHA-1 or NTLM hashes\n * (default: `sha1`)\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<PwnedPasswordSuffixes>} a Promise which resolves to an\n * object mapping the `suffix` that when matched with the prefix composes the\n * complete hash, to the `count` of how many times it appears in the breached\n * password data set, or rejects with an Error\n *\n * @example\n * try {\n * const results = await pwnedPasswordRange(\"5BAA6\");\n * // results will have the following shape:\n * // {\n * // \"003D68EB55068C33ACE09247EE4C639306B\": 3,\n * // \"012C192B2F16F82EA0EB9EF18D9D539B0DD\": 1,\n * // ...\n * // }\n * } catch (err) {\n * // ...\n * }\n * @example\n * try {\n * const suffix = \"1E4C9B93F3F0682250B6CF8331B7EE68FD8\";\n * const results = await pwnedPasswordRange(\"5BAA6\");\n * const numPwns = results[suffix] || 0;\n * } catch (err) {\n * // ...\n * }\n * @see https://haveibeenpwned.com/api/v3#SearchingPwnedPasswordsByRange\n */\nexport async function pwnedPasswordRange(\n prefix: string,\n options: {\n /**\n * ask the remote API to add padding to the response to obscure the password\n * prefix (default: `false`)\n */\n addPadding?: boolean;\n /**\n * return SHA-1 or NTLM hashes (default: `sha1`)\n */\n mode?: 'sha1' | 'ntlm';\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<PwnedPasswordSuffixes> {\n const { baseUrl, userAgent, addPadding = false, mode = 'sha1' } = options;\n\n const data = await fetchFromApi(`/range/${encodeURIComponent(prefix)}`, {\n baseUrl,\n userAgent,\n addPadding,\n mode,\n });\n\n // create array from lines of text in response body\n const results = data.split('\\n').filter(Boolean);\n\n // convert into an object mapping suffix to count for each line\n return results.reduce<PwnedPasswordSuffixes>((acc, row) => {\n const [suffix, countString] = row.split(':');\n acc[suffix] = Number.parseInt(countString, 10);\n return acc;\n }, {});\n}\n"],"names":["pwnedPasswordRange","prefix","options","baseUrl","userAgent","addPadding","mode","data","fetchFromApi","encodeURIComponent","results","split","filter","Boolean","reduce","acc","row","suffix","countString","Number","parseInt"],"mappings":";;;;AAIA;;;;;AAKG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+CG;AACI,eAAeA,kBAAkBA,CACtCC,MAAc,EACdC,UAoBI,EAAE,EAAA;EAEN,MAAM;IAAEC,OAAO;IAAEC,SAAS;IAAEC,UAAU,GAAG,KAAK;IAAEC,IAAI,GAAG;EAAQ,CAAA,GAAGJ,OAAO;EAEzE,MAAMK,IAAI,GAAG,MAAMC,yBAAY,CAAW,UAAAC,kBAAkB,CAACR,MAAM,CAAC,EAAE,EAAE;IACtEE,OAAO;IACPC,SAAS;IACTC,UAAU;IACVC;EACD,CAAA,CAAC;;EAGF,MAAMI,OAAO,GAAGH,IAAI,CAACI,KAAK,CAAC,IAAI,CAAC,CAACC,MAAM,CAACC,OAAO,CAAC;;EAGhD,OAAOH,OAAO,CAACI,MAAM,CAAwB,CAACC,GAAG,EAAEC,GAAG,KAAI;IACxD,MAAM,CAACC,MAAM,EAAEC,WAAW,CAAC,GAAGF,GAAG,CAACL,KAAK,CAAC,GAAG,CAAC;IAC5CI,GAAG,CAACE,MAAM,CAAC,GAAGE,MAAM,CAACC,QAAQ,CAACF,WAAW,EAAE,EAAE,CAAC;IAC9C,OAAOH,GAAG;EACX,CAAA,EAAE,CAAE,CAAA,CAAC;AACR;"}
1
+ {"version":3,"file":"pwned-password-range.cjs","sources":["../../src/pwned-password-range.ts"],"sourcesContent":["import { fetchFromApi } from './api/pwnedpasswords/fetch-from-api.js';\n\nexport type PwnedPasswordSuffixes = Record<string, number>;\n\n/**\n * An object mapping an exposed password hash suffix (corresponding to a given\n * hash prefix) to how many times it occurred in the Pwned Passwords repository.\n *\n * @typedef {Object.<string, number>} PwnedPasswordSuffixes\n */\n\n/**\n * Fetches the SHA-1 or NTLM hash suffixes for the given 5-character hash\n * prefix.\n *\n * When a password hash with the same first 5 characters is found in the Pwned\n * Passwords repository, the API will respond with an HTTP 200 and include the\n * suffix of every hash beginning with the specified prefix, followed by a count\n * of how many times it appears in the data set. This function parses the\n * response and returns a more structured format.\n *\n * @param {string} prefix the first 5 characters of a password hash (case\n * insensitive)\n * @param {object} [options] a configuration object\n * @param {boolean} [options.addPadding] ask the remote API to add padding to\n * the response to obscure the password prefix (default: `false`)\n * @param {'sha1' | 'ntlm'} [options.mode] return SHA-1 or NTLM hashes\n * (default: `sha1`)\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<PwnedPasswordSuffixes>} a Promise which resolves to an\n * object mapping the `suffix` that when matched with the prefix composes the\n * complete hash, to the `count` of how many times it appears in the breached\n * password data set, or rejects with an Error\n *\n * @example\n * try {\n * const results = await pwnedPasswordRange(\"5BAA6\");\n * // results will have the following shape:\n * // {\n * // \"003D68EB55068C33ACE09247EE4C639306B\": 3,\n * // \"012C192B2F16F82EA0EB9EF18D9D539B0DD\": 1,\n * // ...\n * // }\n * } catch (err) {\n * // ...\n * }\n * @example\n * try {\n * const suffix = \"1E4C9B93F3F0682250B6CF8331B7EE68FD8\";\n * const results = await pwnedPasswordRange(\"5BAA6\");\n * const numPwns = results[suffix] || 0;\n * } catch (err) {\n * // ...\n * }\n * @see https://haveibeenpwned.com/api/v3#SearchingPwnedPasswordsByRange\n */\nexport async function pwnedPasswordRange(\n prefix: string,\n options: {\n /**\n * ask the remote API to add padding to the response to obscure the password\n * prefix (default: `false`)\n */\n addPadding?: boolean;\n /**\n * return SHA-1 or NTLM hashes (default: `sha1`)\n */\n mode?: 'sha1' | 'ntlm';\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * timeout for the request in milliseconds (default: none)\n */\n timeoutMs?: number;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<PwnedPasswordSuffixes> {\n const {\n baseUrl,\n timeoutMs,\n userAgent,\n addPadding = false,\n mode = 'sha1',\n } = options;\n\n const data = await fetchFromApi(`/range/${encodeURIComponent(prefix)}`, {\n baseUrl,\n timeoutMs,\n userAgent,\n addPadding,\n mode,\n });\n\n // create array from lines of text in response body\n const results = data.split('\\n').filter(Boolean);\n\n // convert into an object mapping suffix to count for each line\n return results.reduce<PwnedPasswordSuffixes>((acc, row) => {\n const [suffix, countString] = row.split(':');\n acc[suffix] = Number.parseInt(countString, 10);\n return acc;\n }, {});\n}\n"],"names":["pwnedPasswordRange","prefix","options","baseUrl","timeoutMs","userAgent","addPadding","mode","data","fetchFromApi","encodeURIComponent","results","split","filter","Boolean","reduce","acc","row","suffix","countString","Number","parseInt"],"mappings":";;;;AAIA;;;;;AAKG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiDG;AACI,eAAeA,kBAAkBA,CACtCC,MAAc,EACdC,UAwBI,EAAE,EAAA;EAEN,MAAM;IACJC,OAAO;IACPC,SAAS;IACTC,SAAS;IACTC,UAAU,GAAG,KAAK;IAClBC,IAAI,GAAG;EACR,CAAA,GAAGL,OAAO;EAEX,MAAMM,IAAI,GAAG,MAAMC,yBAAY,CAAW,UAAAC,kBAAkB,CAACT,MAAM,CAAC,EAAE,EAAE;IACtEE,OAAO;IACPC,SAAS;IACTC,SAAS;IACTC,UAAU;IACVC;EACD,CAAA,CAAC;;EAGF,MAAMI,OAAO,GAAGH,IAAI,CAACI,KAAK,CAAC,IAAI,CAAC,CAACC,MAAM,CAACC,OAAO,CAAC;;EAGhD,OAAOH,OAAO,CAACI,MAAM,CAAwB,CAACC,GAAG,EAAEC,GAAG,KAAI;IACxD,MAAM,CAACC,MAAM,EAAEC,WAAW,CAAC,GAAGF,GAAG,CAACL,KAAK,CAAC,GAAG,CAAC;IAC5CI,GAAG,CAACE,MAAM,CAAC,GAAGE,MAAM,CAACC,QAAQ,CAACF,WAAW,EAAE,EAAE,CAAC;IAC9C,OAAOH,GAAG;EACX,CAAA,EAAE,CAAE,CAAA,CAAC;AACR;"}
package/dist/cjs/pwned-password.cjs CHANGED
@@ -14,6 +14,8 @@ var pwnedPasswordRange = /*#__PURE__*/require('./pwned-password-range.cjs');
14
14
  * the response to obscure the password prefix (default: `false`)
15
15
  * @param {string} [options.baseUrl] a custom base URL for the
16
16
  * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
17
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
18
+ * (default: none)
17
19
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
18
20
  * field in the request headers (default: `hibp <version>`)
19
21
  * @returns {Promise<number>} a Promise which resolves to the number of times
package/dist/cjs/pwned-password.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"pwned-password.cjs","sources":["../../src/pwned-password.ts"],"sourcesContent":["import JSSHA from 'jssha/dist/sha1';\nimport { pwnedPasswordRange } from './pwned-password-range.js';\n\n/**\n * Fetches the number of times the the given password has been exposed in a\n * breach (0 indicating no exposure). The password is given in plain text, but\n * only the first 5 characters of its SHA-1 hash will be submitted to the API.\n *\n * @param {string} password a password in plain text\n * @param {object} [options] a configuration object\n * @param {boolean} [options.addPadding] ask the remote API to add padding to\n * the response to obscure the password prefix (default: `false`)\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<number>} a Promise which resolves to the number of times\n * the password has been exposed in a breach, or rejects with an Error\n * @example\n * try {\n * const numPwns = await pwnedPassword(\"f00b4r\");\n * // truthy check or numeric condition\n * if (numPwns) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @see https://haveibeenpwned.com/api/v3#PwnedPasswords\n */\nexport async function pwnedPassword(\n password: string,\n options: {\n /**\n * ask the remote API to add padding to the response to obscure the password\n * prefix (default: `false`)\n */\n addPadding?: boolean;\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<number> {\n /* eslint-disable */\n // @ts-expect-error: JSSHA types are busted\n const sha1 = new JSSHA('SHA-1', 'TEXT');\n sha1.update(password);\n const hash = sha1.getHash('HEX', { outputUpper: true });\n const prefix = hash.slice(0, 5);\n const suffix = hash.slice(5);\n\n const range = await pwnedPasswordRange(prefix, options);\n return range[suffix] || 0;\n /* eslint-enable */\n}\n"],"names":["pwnedPassword","password","options","sha1","JSSHA","update","hash","getHash","outputUpper","prefix","slice","suffix","range","pwnedPasswordRange"],"mappings":";;;;;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA4BG;AACI,eAAeA,aAAaA,CACjCC,QAAgB,EAChBC,UAgBI,EAAE,EAAA;;;EAIN,MAAMC,IAAI,GAAG,IAAIC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC;EACvCD,IAAI,CAACE,MAAM,CAACJ,QAAQ,CAAC;EACrB,MAAMK,IAAI,GAAGH,IAAI,CAACI,OAAO,CAAC,KAAK,EAAE;IAAEC,WAAW,EAAE;EAAI,CAAE,CAAC;EACvD,MAAMC,MAAM,GAAGH,IAAI,CAACI,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;EAC/B,MAAMC,MAAM,GAAGL,IAAI,CAACI,KAAK,CAAC,CAAC,CAAC;EAE5B,MAAME,KAAK,GAAG,MAAMC,kBAAAA,CAAAA,kBAAkB,CAACJ,MAAM,EAAEP,OAAO,CAAC;EACvD,OAAOU,KAAK,CAACD,MAAM,CAAC,IAAI,CAAC;;AAE3B;"}
1
+ {"version":3,"file":"pwned-password.cjs","sources":["../../src/pwned-password.ts"],"sourcesContent":["import JSSHA from 'jssha/dist/sha1';\nimport { pwnedPasswordRange } from './pwned-password-range.js';\n\n/**\n * Fetches the number of times the the given password has been exposed in a\n * breach (0 indicating no exposure). The password is given in plain text, but\n * only the first 5 characters of its SHA-1 hash will be submitted to the API.\n *\n * @param {string} password a password in plain text\n * @param {object} [options] a configuration object\n * @param {boolean} [options.addPadding] ask the remote API to add padding to\n * the response to obscure the password prefix (default: `false`)\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<number>} a Promise which resolves to the number of times\n * the password has been exposed in a breach, or rejects with an Error\n * @example\n * try {\n * const numPwns = await pwnedPassword(\"f00b4r\");\n * // truthy check or numeric condition\n * if (numPwns) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @see https://haveibeenpwned.com/api/v3#PwnedPasswords\n */\nexport async function pwnedPassword(\n password: string,\n options: {\n /**\n * ask the remote API to add padding to the response to obscure the password\n * prefix (default: `false`)\n */\n addPadding?: boolean;\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * timeout for the request in milliseconds (default: none)\n */\n timeoutMs?: number;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<number> {\n /* eslint-disable */\n // @ts-expect-error: JSSHA types are busted\n const sha1 = new JSSHA('SHA-1', 'TEXT');\n sha1.update(password);\n const hash = sha1.getHash('HEX', { outputUpper: true });\n const prefix = hash.slice(0, 5);\n const suffix = hash.slice(5);\n\n const range = await pwnedPasswordRange(prefix, options);\n return range[suffix] || 0;\n /* eslint-enable */\n}\n"],"names":["pwnedPassword","password","options","sha1","JSSHA","update","hash","getHash","outputUpper","prefix","slice","suffix","range","pwnedPasswordRange"],"mappings":";;;;;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA8BG;AACI,eAAeA,aAAaA,CACjCC,QAAgB,EAChBC,UAoBI,EAAE,EAAA;;;EAIN,MAAMC,IAAI,GAAG,IAAIC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC;EACvCD,IAAI,CAACE,MAAM,CAACJ,QAAQ,CAAC;EACrB,MAAMK,IAAI,GAAGH,IAAI,CAACI,OAAO,CAAC,KAAK,EAAE;IAAEC,WAAW,EAAE;EAAI,CAAE,CAAC;EACvD,MAAMC,MAAM,GAAGH,IAAI,CAACI,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;EAC/B,MAAMC,MAAM,GAAGL,IAAI,CAACI,KAAK,CAAC,CAAC,CAAC;EAE5B,MAAME,KAAK,GAAG,MAAMC,kBAAAA,CAAAA,kBAAkB,CAACJ,MAAM,EAAEP,OAAO,CAAC;EACvD,OAAOU,KAAK,CAACD,MAAM,CAAC,IAAI,CAAC;;AAE3B;"}
package/dist/cjs/search.cjs CHANGED
@@ -36,6 +36,8 @@ var pasteAccount = /*#__PURE__*/require('./paste-account.cjs');
36
36
  * @param {string} [options.baseUrl] a custom base URL for the
37
37
  * haveibeenpwned.com API endpoints (default:
38
38
  * `https://haveibeenpwned.com/api/v3`)
39
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
40
+ * (default: none)
39
41
  * @param {string} [options.userAgent] a custom string to send as the
40
42
  * User-Agent field in the request headers (default: `hibp <version>`)
41
43
  * @returns {Promise<SearchResults>} a Promise which resolves to an object
@@ -75,6 +77,7 @@ async function search(account, options = {}) {
75
77
  domain,
76
78
  truncate = true,
77
79
  baseUrl,
80
+ timeoutMs,
78
81
  userAgent
79
82
  } = options;
80
83
  const [breaches, pastes] = await Promise.all([breachedAccount.breachedAccount(account, {
@@ -82,12 +85,14 @@ async function search(account, options = {}) {
82
85
  domain,
83
86
  truncate,
84
87
  baseUrl,
88
+ timeoutMs,
85
89
  userAgent
86
90
  }),
87
91
  // This email regex is garbage but it seems to be what the API uses:
88
92
  /^.+@.+$/.test(account) ? pasteAccount.pasteAccount(account, {
89
93
  apiKey,
90
94
  baseUrl,
95
+ timeoutMs,
91
96
  userAgent
92
97
  }) : null]);
93
98
  return {
package/dist/cjs/search.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"search.cjs","sources":["../../src/search.ts"],"sourcesContent":["import type { Breach, Paste } from './api/haveibeenpwned/types.js';\nimport { breachedAccount } from './breached-account.js';\nimport { pasteAccount } from './paste-account.js';\n\nexport interface SearchResults {\n breaches: Breach[] | null;\n pastes: Paste[] | null;\n}\n\n/**\n * An object representing search results.\n *\n * @typedef {object} SearchResults\n * @property {(Breach[] | null)} breaches\n * @property {(Paste[] | null)} pastes\n */\n\n/**\n * Fetches all breaches and all pastes associated with the provided account\n * (email address or username). Note that the remote API does not support\n * querying pastes by username (only email addresses), so in the event the\n * provided account is not a valid email address, only breach data is queried\n * and the \"pastes\" field of the resulting object will always be null. This is\n * exactly how searching via the current web interface behaves, which this\n * convenience method is designed to mimic.\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `breachedaccount` and\n * `pasteaccount` endpoints. The `apiKey` option here is not explicitly\n * required, but direct requests made without it will fail (unless you specify a\n * `baseUrl` to a proxy that inserts a valid API key on your behalf).\n *\n * @param {string} account an email address or username\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.domain] a domain by which to filter the breach\n * results (default: all domains)\n * @param {boolean} [options.truncate] truncate the breach results to only\n * include the name of each breach (default: true)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the\n * User-Agent field in the request headers (default: `hibp <version>`)\n * @returns {Promise<SearchResults>} a Promise which resolves to an object\n * containing a \"breaches\" key (which can be null or an array of breach objects)\n * and a \"pastes\" key (which can be null or an array of paste objects), or\n * rejects with an Error\n * @example\n * try {\n * const data = await search(\"foo\", { apiKey: \"my-api-key\" });\n * if (data.breaches || data.pastes) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @example\n * try {\n * const data = await search(\"nobody@nowhere.com\", {\n * baseUrl: \"https://my-hibp-proxy:8080\",\n * truncate: false,\n * });\n * if (data.breaches || data.pastes) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @see https://haveibeenpwned.com/\n */\nexport async function search(\n account: string,\n options: {\n /**\n * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n */\n apiKey?: string;\n /**\n * a domain by which to filter the results (default: all domains)\n */\n domain?: string;\n /**\n * truncate the results to only include the name of each breach (default:\n * true)\n */\n truncate?: boolean;\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<SearchResults> {\n const { apiKey, domain, truncate = true, baseUrl, userAgent } = options;\n\n const [breaches, pastes] = await Promise.all([\n breachedAccount(account, { apiKey, domain, truncate, baseUrl, userAgent }),\n // This email regex is garbage but it seems to be what the API uses:\n /^.+@.+$/.test(account)\n ? pasteAccount(account, { apiKey, baseUrl, userAgent })\n : null,\n ]);\n\n return { breaches, pastes };\n}\n"],"names":["search","account","options","apiKey","domain","truncate","baseUrl","userAgent","breaches","pastes","Promise","all","breachedAccount","test","pasteAccount"],"mappings":";;;;;AASA;;;;;;AAMG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA0DG;AACI,eAAeA,MAAMA,CAC1BC,OAAe,EACfC,UAwBI,EAAE,EAAA;EAEN,MAAM;IAAEC,MAAM;IAAEC,MAAM;IAAEC,QAAQ,GAAG,IAAI;IAAEC,OAAO;IAAEC;EAAW,CAAA,GAAGL,OAAO;EAEvE,MAAM,CAACM,QAAQ,EAAEC,MAAM,CAAC,GAAG,MAAMC,OAAO,CAACC,GAAG,CAAC,CAC3CC,eAAe,CAAAA,eAAA,CAACX,OAAO,EAAE;IAAEE,MAAM;IAAEC,MAAM;IAAEC,QAAQ;IAAEC,OAAO;IAAEC;GAAW,CAAC;;EAE1E,SAAS,CAACM,IAAI,CAACZ,OAAO,CAAC,GACnBa,YAAAA,CAAAA,YAAY,CAACb,OAAO,EAAE;IAAEE,MAAM;IAAEG,OAAO;IAAEC;EAAS,CAAE,CAAC,GACrD,IAAI,CACT,CAAC;EAEF,OAAO;IAAEC,QAAQ;IAAEC;GAAQ;AAC7B;"}
1
+ {"version":3,"file":"search.cjs","sources":["../../src/search.ts"],"sourcesContent":["import type { Breach, Paste } from './api/haveibeenpwned/types.js';\nimport { breachedAccount } from './breached-account.js';\nimport { pasteAccount } from './paste-account.js';\n\nexport interface SearchResults {\n breaches: Breach[] | null;\n pastes: Paste[] | null;\n}\n\n/**\n * An object representing search results.\n *\n * @typedef {object} SearchResults\n * @property {(Breach[] | null)} breaches\n * @property {(Paste[] | null)} pastes\n */\n\n/**\n * Fetches all breaches and all pastes associated with the provided account\n * (email address or username). Note that the remote API does not support\n * querying pastes by username (only email addresses), so in the event the\n * provided account is not a valid email address, only breach data is queried\n * and the \"pastes\" field of the resulting object will always be null. This is\n * exactly how searching via the current web interface behaves, which this\n * convenience method is designed to mimic.\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `breachedaccount` and\n * `pasteaccount` endpoints. The `apiKey` option here is not explicitly\n * required, but direct requests made without it will fail (unless you specify a\n * `baseUrl` to a proxy that inserts a valid API key on your behalf).\n *\n * @param {string} account an email address or username\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.domain] a domain by which to filter the breach\n * results (default: all domains)\n * @param {boolean} [options.truncate] truncate the breach results to only\n * include the name of each breach (default: true)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the\n * User-Agent field in the request headers (default: `hibp <version>`)\n * @returns {Promise<SearchResults>} a Promise which resolves to an object\n * containing a \"breaches\" key (which can be null or an array of breach objects)\n * and a \"pastes\" key (which can be null or an array of paste objects), or\n * rejects with an Error\n * @example\n * try {\n * const data = await search(\"foo\", { apiKey: \"my-api-key\" });\n * if (data.breaches || data.pastes) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @example\n * try {\n * const data = await search(\"nobody@nowhere.com\", {\n * baseUrl: \"https://my-hibp-proxy:8080\",\n * truncate: false,\n * });\n * if (data.breaches || data.pastes) {\n * // ...\n * } else {\n * // ...\n * }\n * } catch (err) {\n * // ...\n * }\n * @see https://haveibeenpwned.com/\n */\nexport async function search(\n account: string,\n options: {\n /**\n * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n */\n apiKey?: string;\n /**\n * a domain by which to filter the results (default: all domains)\n */\n domain?: string;\n /**\n * truncate the results to only include the name of each breach (default:\n * true)\n */\n truncate?: boolean;\n /**\n * a custom base URL for the haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n */\n baseUrl?: string;\n /**\n * timeout for the request in milliseconds (default: none)\n */\n timeoutMs?: number;\n /**\n * a custom string to send as the User-Agent field in the request headers\n * (default: `hibp <version>`)\n */\n userAgent?: string;\n } = {},\n): Promise<SearchResults> {\n const {\n apiKey,\n domain,\n truncate = true,\n baseUrl,\n timeoutMs,\n userAgent,\n } = options;\n\n const [breaches, pastes] = await Promise.all([\n breachedAccount(account, {\n apiKey,\n domain,\n truncate,\n baseUrl,\n timeoutMs,\n userAgent,\n }),\n // This email regex is garbage but it seems to be what the API uses:\n /^.+@.+$/.test(account)\n ? pasteAccount(account, { apiKey, baseUrl, timeoutMs, userAgent })\n : null,\n ]);\n\n return { breaches, pastes };\n}\n"],"names":["search","account","options","apiKey","domain","truncate","baseUrl","timeoutMs","userAgent","breaches","pastes","Promise","all","breachedAccount","test","pasteAccount"],"mappings":";;;;;AASA;;;;;;AAMG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA4DG;AACI,eAAeA,MAAMA,CAC1BC,OAAe,EACfC,UA4BI,EAAE,EAAA;EAEN,MAAM;IACJC,MAAM;IACNC,MAAM;IACNC,QAAQ,GAAG,IAAI;IACfC,OAAO;IACPC,SAAS;IACTC;EACD,CAAA,GAAGN,OAAO;EAEX,MAAM,CAACO,QAAQ,EAAEC,MAAM,CAAC,GAAG,MAAMC,OAAO,CAACC,GAAG,CAAC,CAC3CC,eAAAA,CAAAA,eAAe,CAACZ,OAAO,EAAE;IACvBE,MAAM;IACNC,MAAM;IACNC,QAAQ;IACRC,OAAO;IACPC,SAAS;IACTC;GACD,CAAC;;EAEF,SAAS,CAACM,IAAI,CAACb,OAAO,CAAC,GACnBc,YAAY,CAAAA,YAAA,CAACd,OAAO,EAAE;IAAEE,MAAM;IAAEG,OAAO;IAAEC,SAAS;IAAEC;GAAW,CAAC,GAChE,IAAI,CACT,CAAC;EAEF,OAAO;IAAEC,QAAQ;IAAEC;GAAQ;AAC7B;"}