promptgraph-mcp 2.4.5 → 2.4.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (87) hide show
  1. package/github-import.js +28 -0
  2. package/index.js +47 -14
  3. package/indexer.js +14 -7
  4. package/package.json +1 -1
  5. package/parser.js +21 -115
  6. package/registry/training/bad/accepts-HISTORY.md +250 -0
  7. package/registry/training/bad/argparse-CHANGELOG.md +185 -0
  8. package/registry/training/bad/balanced-match-LICENSE.md +23 -0
  9. package/registry/training/bad/better-sqlite3-README.md +99 -0
  10. package/registry/training/bad/bindings-LICENSE.md +22 -0
  11. package/registry/training/bad/bl-LICENSE.md +13 -0
  12. package/registry/training/bad/body-parser-README.md +494 -0
  13. package/registry/training/bad/bytes-HISTORY.md +97 -0
  14. package/registry/training/bad/camelcase-README.md +135 -0
  15. package/registry/training/bad/chai-README.md +162 -0
  16. package/registry/training/bad/cli-progress-LICENSE.md +24 -0
  17. package/registry/training/bad/content-type-HISTORY.md +29 -0
  18. package/registry/training/bad/cookie-SECURITY.md +25 -0
  19. package/registry/training/bad/cookie-signature-HISTORY.md +70 -0
  20. package/registry/training/bad/cors-README.md +277 -0
  21. package/registry/training/bad/cross-spawn-README.md +89 -0
  22. package/registry/training/bad/deep-extend-CHANGELOG.md +46 -0
  23. package/registry/training/bad/depd-HISTORY.md +103 -0
  24. package/registry/training/bad/esprima-README.md +46 -0
  25. package/registry/training/bad/etag-HISTORY.md +83 -0
  26. package/registry/training/bad/expect-type-SECURITY.md +14 -0
  27. package/registry/training/bad/finalhandler-HISTORY.md +239 -0
  28. package/registry/training/bad/fresh-HISTORY.md +80 -0
  29. package/registry/training/bad/glob-LICENSE.md +63 -0
  30. package/registry/training/bad/hono-README.md +85 -0
  31. package/registry/training/bad/http-errors-HISTORY.md +186 -0
  32. package/registry/training/bad/jose-LICENSE.md +21 -0
  33. package/registry/training/bad/jose-README.md +153 -0
  34. package/registry/training/bad/js-yaml-README.md +299 -0
  35. package/registry/training/bad/json-schema-typed-LICENSE.md +57 -0
  36. package/registry/training/bad/json-stringify-safe-CHANGELOG.md +14 -0
  37. package/registry/training/bad/lru-cache-LICENSE.md +55 -0
  38. package/registry/training/bad/media-typer-HISTORY.md +50 -0
  39. package/registry/training/bad/minimatch-LICENSE.md +55 -0
  40. package/registry/training/bad/minimist-CHANGELOG.md +298 -0
  41. package/registry/training/bad/minimist-README.md +121 -0
  42. package/registry/training/bad/ms-LICENSE.md +21 -0
  43. package/registry/training/bad/negotiator-HISTORY.md +114 -0
  44. package/registry/training/bad/on-finished-HISTORY.md +98 -0
  45. package/registry/training/bad/pkce-challenge-CHANGELOG.md +114 -0
  46. package/registry/training/bad/postcss-README.md +28 -0
  47. package/registry/training/bad/prebuild-install-CHANGELOG.md +131 -0
  48. package/registry/training/bad/proxy-addr-HISTORY.md +161 -0
  49. package/registry/training/bad/qs-CHANGELOG.md +822 -0
  50. package/registry/training/bad/rc-README.md +227 -0
  51. package/registry/training/bad/readable-stream-CONTRIBUTING.md +38 -0
  52. package/registry/training/bad/router-HISTORY.md +228 -0
  53. package/registry/training/bad/semver-README.md +680 -0
  54. package/registry/training/bad/send-README.md +317 -0
  55. package/registry/training/bad/serve-static-README.md +253 -0
  56. package/registry/training/bad/statuses-HISTORY.md +87 -0
  57. package/registry/training/bad/type-is-HISTORY.md +292 -0
  58. package/registry/training/bad/vary-HISTORY.md +39 -0
  59. package/registry/training/bad/vite-LICENSE.md +2230 -0
  60. package/registry/training/bad/which-CHANGELOG.md +166 -0
  61. package/registry/training/bad/zod-README.md +191 -0
  62. package/registry/training/good/skills-store-autopilot.md +85 -0
  63. package/registry/training/good/skills-store-bot-builder.md +70 -0
  64. package/registry/training/good/skills-store-chain.md +136 -0
  65. package/registry/training/good/skills-store-evolve.md +100 -0
  66. package/registry/training/good/skills-store-game.md +27 -0
  67. package/registry/training/good/skills-store-hunt.md +102 -0
  68. package/registry/training/good/skills-store-intel.md +56 -0
  69. package/registry/training/good/skills-store-memory-gc.md +58 -0
  70. package/registry/training/good/skills-store-pcsort.md +207 -0
  71. package/registry/training/good/skills-store-pickup.md +60 -0
  72. package/registry/training/good/skills-store-recon.md +141 -0
  73. package/registry/training/good/skills-store-remember.md +64 -0
  74. package/registry/training/good/skills-store-report.md +117 -0
  75. package/registry/training/good/skills-store-router.md +225 -0
  76. package/registry/training/good/skills-store-search.md +168 -0
  77. package/registry/training/good/skills-store-surface.md +53 -0
  78. package/registry/training/good/skills-store-token-scan.md +141 -0
  79. package/registry/training/good/skills-store-triage.md +97 -0
  80. package/registry/training/good/skills-store-unity.md +733 -0
  81. package/registry/training/good/skills-store-validate.md +135 -0
  82. package/registry/training/good/skills-store-web3-audit.md +217 -0
  83. package/src/filter/classifier.js +88 -0
  84. package/src/filter/cluster.js +52 -0
  85. package/src/filter/dedup.js +36 -0
  86. package/src/filter/hard-filter.js +57 -0
  87. package/src/filter/train.js +64 -0
@@ -0,0 +1,277 @@
1
+ # cors
2
+
3
+ [![NPM Version][npm-image]][npm-url]
4
+ [![NPM Downloads][downloads-image]][downloads-url]
5
+ [![Build Status][github-actions-ci-image]][github-actions-ci-url]
6
+ [![Test Coverage][coveralls-image]][coveralls-url]
7
+
8
+ CORS is a [Node.js](https://nodejs.org/en/) middleware for [Express](https://expressjs.com/)/[Connect](https://github.com/senchalabs/connect) that sets [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS) response headers. These headers tell browsers which origins can read responses from your server.
9
+
10
+ > [!IMPORTANT]
11
+ > **How CORS Works:** This package sets response headers—it doesn't block requests. CORS is enforced by browsers: they check the headers and decide if JavaScript can read the response. Non-browser clients (curl, Postman, other servers) ignore CORS entirely. See the [MDN CORS guide](https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS) for details.
12
+
13
+ * [Installation](#installation)
14
+ * [Usage](#usage)
15
+ * [Simple Usage](#simple-usage-enable-all-cors-requests)
16
+ * [Enable CORS for a Single Route](#enable-cors-for-a-single-route)
17
+ * [Configuring CORS](#configuring-cors)
18
+ * [Configuring CORS w/ Dynamic Origin](#configuring-cors-w-dynamic-origin)
19
+ * [Enabling CORS Pre-Flight](#enabling-cors-pre-flight)
20
+ * [Customizing CORS Settings Dynamically per Request](#customizing-cors-settings-dynamically-per-request)
21
+ * [Configuration Options](#configuration-options)
22
+ * [Common Misconceptions](#common-misconceptions)
23
+ * [License](#license)
24
+ * [Original Author](#original-author)
25
+
26
+ ## Installation
27
+
28
+ This is a [Node.js](https://nodejs.org/en/) module available through the
29
+ [npm registry](https://www.npmjs.com/). Installation is done using the
30
+ [`npm install` command](https://docs.npmjs.com/downloading-and-installing-packages-locally):
31
+
32
+ ```sh
33
+ $ npm install cors
34
+ ```
35
+
36
+ ## Usage
37
+
38
+ ### Simple Usage (Enable *All* CORS Requests)
39
+
40
+ ```javascript
41
+ var express = require('express')
42
+ var cors = require('cors')
43
+ var app = express()
44
+
45
+ // Adds headers: Access-Control-Allow-Origin: *
46
+ app.use(cors())
47
+
48
+ app.get('/products/:id', function (req, res, next) {
49
+ res.json({msg: 'Hello'})
50
+ })
51
+
52
+ app.listen(80, function () {
53
+ console.log('web server listening on port 80')
54
+ })
55
+ ```
56
+
57
+ ### Enable CORS for a Single Route
58
+
59
+ ```javascript
60
+ var express = require('express')
61
+ var cors = require('cors')
62
+ var app = express()
63
+
64
+ // Adds headers: Access-Control-Allow-Origin: *
65
+ app.get('/products/:id', cors(), function (req, res, next) {
66
+ res.json({msg: 'Hello'})
67
+ })
68
+
69
+ app.listen(80, function () {
70
+ console.log('web server listening on port 80')
71
+ })
72
+ ```
73
+
74
+ ### Configuring CORS
75
+
76
+ See the [configuration options](#configuration-options) for details.
77
+
78
+ ```javascript
79
+ var express = require('express')
80
+ var cors = require('cors')
81
+ var app = express()
82
+
83
+ var corsOptions = {
84
+ origin: 'http://example.com',
85
+ optionsSuccessStatus: 200 // some legacy browsers (IE11, various SmartTVs) choke on 204
86
+ }
87
+
88
+ // Adds headers: Access-Control-Allow-Origin: http://example.com, Vary: Origin
89
+ app.get('/products/:id', cors(corsOptions), function (req, res, next) {
90
+ res.json({msg: 'Hello'})
91
+ })
92
+
93
+ app.listen(80, function () {
94
+ console.log('web server listening on port 80')
95
+ })
96
+ ```
97
+
98
+ ### Configuring CORS w/ Dynamic Origin
99
+
100
+ This module supports validating the origin dynamically using a function provided
101
+ to the `origin` option. This function will be passed a string that is the origin
102
+ (or `undefined` if the request has no origin), and a `callback` with the signature
103
+ `callback(error, origin)`.
104
+
105
+ The `origin` argument to the callback can be any value allowed for the `origin`
106
+ option of the middleware, except a function. See the
107
+ [configuration options](#configuration-options) section for more information on all
108
+ the possible value types.
109
+
110
+ This function is designed to allow the dynamic loading of allowed origin(s) from
111
+ a backing datasource, like a database.
112
+
113
+ ```javascript
114
+ var express = require('express')
115
+ var cors = require('cors')
116
+ var app = express()
117
+
118
+ var corsOptions = {
119
+ origin: function (origin, callback) {
120
+ // db.loadOrigins is an example call to load
121
+ // a list of origins from a backing database
122
+ db.loadOrigins(function (error, origins) {
123
+ callback(error, origins)
124
+ })
125
+ }
126
+ }
127
+
128
+ // Adds headers: Access-Control-Allow-Origin: <matched origin>, Vary: Origin
129
+ app.get('/products/:id', cors(corsOptions), function (req, res, next) {
130
+ res.json({msg: 'Hello'})
131
+ })
132
+
133
+ app.listen(80, function () {
134
+ console.log('web server listening on port 80')
135
+ })
136
+ ```
137
+
138
+ ### Enabling CORS Pre-Flight
139
+
140
+ Certain CORS requests are considered 'complex' and require an initial
141
+ `OPTIONS` request (called the "pre-flight request"). An example of a
142
+ 'complex' CORS request is one that uses an HTTP verb other than
143
+ GET/HEAD/POST (such as DELETE) or that uses custom headers. To enable
144
+ pre-flighting, you must add a new OPTIONS handler for the route you want
145
+ to support:
146
+
147
+ ```javascript
148
+ var express = require('express')
149
+ var cors = require('cors')
150
+ var app = express()
151
+
152
+ app.options('/products/:id', cors()) // preflight for DELETE
153
+ app.del('/products/:id', cors(), function (req, res, next) {
154
+ res.json({msg: 'Hello'})
155
+ })
156
+
157
+ app.listen(80, function () {
158
+ console.log('web server listening on port 80')
159
+ })
160
+ ```
161
+
162
+ You can also enable pre-flight across-the-board like so:
163
+
164
+ ```javascript
165
+ app.options('*', cors()) // include before other routes
166
+ ```
167
+
168
+ NOTE: When using this middleware as an application level middleware (for
169
+ example, `app.use(cors())`), pre-flight requests are already handled for all
170
+ routes.
171
+
172
+ ### Customizing CORS Settings Dynamically per Request
173
+
174
+ For APIs that require different CORS configurations for specific routes or requests, you can dynamically generate CORS options based on the incoming request. The `cors` middleware allows you to achieve this by passing a function instead of static options. This function is called for each incoming request and must use the callback pattern to return the appropriate CORS options.
175
+
176
+ The function accepts:
177
+ 1. **`req`**:
178
+ - The incoming request object.
179
+
180
+ 2. **`callback(error, corsOptions)`**:
181
+ - A function used to return the computed CORS options.
182
+ - **Arguments**:
183
+ - **`error`**: Pass `null` if there’s no error, or an error object to indicate a failure.
184
+ - **`corsOptions`**: An object specifying the CORS policy for the current request.
185
+
186
+ Here’s an example that handles both public routes and restricted, credential-sensitive routes:
187
+
188
+ ```javascript
189
+ var dynamicCorsOptions = function(req, callback) {
190
+ var corsOptions;
191
+ if (req.path.startsWith('/auth/connect/')) {
192
+ // Access-Control-Allow-Origin: http://mydomain.com, Access-Control-Allow-Credentials: true, Vary: Origin
193
+ corsOptions = {
194
+ origin: 'http://mydomain.com',
195
+ credentials: true
196
+ };
197
+ } else {
198
+ // Access-Control-Allow-Origin: *
199
+ corsOptions = { origin: '*' };
200
+ }
201
+ callback(null, corsOptions);
202
+ };
203
+
204
+ app.use(cors(dynamicCorsOptions));
205
+
206
+ app.get('/auth/connect/twitter', function (req, res) {
207
+ res.send('Hello');
208
+ });
209
+
210
+ app.get('/public', function (req, res) {
211
+ res.send('Hello');
212
+ });
213
+
214
+ app.listen(80, function () {
215
+ console.log('web server listening on port 80')
216
+ })
217
+ ```
218
+
219
+ ## Configuration Options
220
+
221
+ * `origin`: Configures the **Access-Control-Allow-Origin** CORS header. Possible values:
222
+ - `Boolean` - set `origin` to `true` to reflect the [request origin](https://datatracker.ietf.org/doc/html/draft-abarth-origin-09), as defined by `req.header('Origin')`, or set it to `false` to disable CORS.
223
+ - `String` - set `origin` to a specific origin. For example, if you set it to
224
+ - `"http://example.com"` only requests from "http://example.com" will be allowed.
225
+ - `"*"` for all domains to be allowed.
226
+ - `RegExp` - set `origin` to a regular expression pattern which will be used to test the request origin. If it's a match, the request origin will be reflected. For example the pattern `/example\.com$/` will reflect any request that is coming from an origin ending with "example.com".
227
+ - `Array` - set `origin` to an array of valid origins. Each origin can be a `String` or a `RegExp`. For example `["http://example1.com", /\.example2\.com$/]` will accept any request from "http://example1.com" or from a subdomain of "example2.com".
228
+ - `Function` - set `origin` to a function implementing some custom logic. The function takes the request origin as the first parameter and a callback (called as `callback(err, origin)`, where `origin` is a non-function value of the `origin` option) as the second.
229
+ * `methods`: Configures the **Access-Control-Allow-Methods** CORS header. Expects a comma-delimited string (ex: 'GET,PUT,POST') or an array (ex: `['GET', 'PUT', 'POST']`).
230
+ * `allowedHeaders`: Configures the **Access-Control-Allow-Headers** CORS header. Expects a comma-delimited string (ex: 'Content-Type,Authorization') or an array (ex: `['Content-Type', 'Authorization']`). If not specified, defaults to reflecting the headers specified in the request's **Access-Control-Request-Headers** header.
231
+ * `exposedHeaders`: Configures the **Access-Control-Expose-Headers** CORS header. Expects a comma-delimited string (ex: 'Content-Range,X-Content-Range') or an array (ex: `['Content-Range', 'X-Content-Range']`). If not specified, no custom headers are exposed.
232
+ * `credentials`: Configures the **Access-Control-Allow-Credentials** CORS header. Set to `true` to pass the header, otherwise it is omitted.
233
+ * `maxAge`: Configures the **Access-Control-Max-Age** CORS header. Set to an integer to pass the header, otherwise it is omitted.
234
+ * `preflightContinue`: Pass the CORS preflight response to the next handler.
235
+ * `optionsSuccessStatus`: Provides a status code to use for successful `OPTIONS` requests, since some legacy browsers (IE11, various SmartTVs) choke on `204`.
236
+
237
+ The default configuration is the equivalent of:
238
+
239
+ ```json
240
+ {
241
+ "origin": "*",
242
+ "methods": "GET,HEAD,PUT,PATCH,POST,DELETE",
243
+ "preflightContinue": false,
244
+ "optionsSuccessStatus": 204
245
+ }
246
+ ```
247
+
248
+ ## Common Misconceptions
249
+
250
+ ### "CORS blocks requests from disallowed origins"
251
+
252
+ **No.** Your server receives and processes every request. CORS headers tell the browser whether JavaScript can read the response—not whether the request is allowed.
253
+
254
+ ### "CORS protects my API from unauthorized access"
255
+
256
+ **No.** CORS is not access control. Any HTTP client (curl, Postman, another server) can call your API regardless of CORS settings. Use authentication and authorization to protect your API.
257
+
258
+ ### "Setting `origin: 'http://example.com'` means only that domain can access my server"
259
+
260
+ **No.** It means browsers will only let JavaScript from that origin read responses. The server still responds to all requests.
261
+
262
+ ## License
263
+
264
+ [MIT License](http://www.opensource.org/licenses/mit-license.php)
265
+
266
+ ## Original Author
267
+
268
+ [Troy Goode](https://github.com/TroyGoode) ([troygoode@gmail.com](mailto:troygoode@gmail.com))
269
+
270
+ [coveralls-image]: https://img.shields.io/coveralls/expressjs/cors/master.svg
271
+ [coveralls-url]: https://coveralls.io/r/expressjs/cors?branch=master
272
+ [downloads-image]: https://img.shields.io/npm/dm/cors.svg
273
+ [downloads-url]: https://npmjs.com/package/cors
274
+ [github-actions-ci-image]: https://img.shields.io/github/actions/workflow/status/expressjs/cors/ci.yml?branch=master&label=ci
275
+ [github-actions-ci-url]: https://github.com/expressjs/cors?query=workflow%3Aci
276
+ [npm-image]: https://img.shields.io/npm/v/cors.svg
277
+ [npm-url]: https://npmjs.com/package/cors
@@ -0,0 +1,89 @@
1
+ # cross-spawn
2
+
3
+ [![NPM version][npm-image]][npm-url] [![Downloads][downloads-image]][npm-url] [![Build Status][ci-image]][ci-url] [![Build status][appveyor-image]][appveyor-url]
4
+
5
+ [npm-url]:https://npmjs.org/package/cross-spawn
6
+ [downloads-image]:https://img.shields.io/npm/dm/cross-spawn.svg
7
+ [npm-image]:https://img.shields.io/npm/v/cross-spawn.svg
8
+ [ci-url]:https://github.com/moxystudio/node-cross-spawn/actions/workflows/ci.yaml
9
+ [ci-image]:https://github.com/moxystudio/node-cross-spawn/actions/workflows/ci.yaml/badge.svg
10
+ [appveyor-url]:https://ci.appveyor.com/project/satazor/node-cross-spawn
11
+ [appveyor-image]:https://img.shields.io/appveyor/ci/satazor/node-cross-spawn/master.svg
12
+
13
+ A cross platform solution to node's spawn and spawnSync.
14
+
15
+ ## Installation
16
+
17
+ Node.js version 8 and up:
18
+ `$ npm install cross-spawn`
19
+
20
+ Node.js version 7 and under:
21
+ `$ npm install cross-spawn@6`
22
+
23
+ ## Why
24
+
25
+ Node has issues when using spawn on Windows:
26
+
27
+ - It ignores [PATHEXT](https://github.com/joyent/node/issues/2318)
28
+ - It does not support [shebangs](https://en.wikipedia.org/wiki/Shebang_(Unix))
29
+ - Has problems running commands with [spaces](https://github.com/nodejs/node/issues/7367)
30
+ - Has problems running commands with posix relative paths (e.g.: `./my-folder/my-executable`)
31
+ - Has an [issue](https://github.com/moxystudio/node-cross-spawn/issues/82) with command shims (files in `node_modules/.bin/`), where arguments with quotes and parenthesis would result in [invalid syntax error](https://github.com/moxystudio/node-cross-spawn/blob/e77b8f22a416db46b6196767bcd35601d7e11d54/test/index.test.js#L149)
32
+ - No `options.shell` support on node `<v4.8`
33
+
34
+ All these issues are handled correctly by `cross-spawn`.
35
+ There are some known modules, such as [win-spawn](https://github.com/ForbesLindesay/win-spawn), that try to solve this but they are either broken or provide faulty escaping of shell arguments.
36
+
37
+
38
+ ## Usage
39
+
40
+ Exactly the same way as node's [`spawn`](https://nodejs.org/api/child_process.html#child_process_child_process_spawn_command_args_options) or [`spawnSync`](https://nodejs.org/api/child_process.html#child_process_child_process_spawnsync_command_args_options), so it's a drop in replacement.
41
+
42
+
43
+ ```js
44
+ const spawn = require('cross-spawn');
45
+
46
+ // Spawn NPM asynchronously
47
+ const child = spawn('npm', ['list', '-g', '-depth', '0'], { stdio: 'inherit' });
48
+
49
+ // Spawn NPM synchronously
50
+ const result = spawn.sync('npm', ['list', '-g', '-depth', '0'], { stdio: 'inherit' });
51
+ ```
52
+
53
+
54
+ ## Caveats
55
+
56
+ ### Using `options.shell` as an alternative to `cross-spawn`
57
+
58
+ Starting from node `v4.8`, `spawn` has a `shell` option that allows you run commands from within a shell. This new option solves
59
+ the [PATHEXT](https://github.com/joyent/node/issues/2318) issue but:
60
+
61
+ - It's not supported in node `<v4.8`
62
+ - You must manually escape the command and arguments which is very error prone, specially when passing user input
63
+ - There are a lot of other unresolved issues from the [Why](#why) section that you must take into account
64
+
65
+ If you are using the `shell` option to spawn a command in a cross platform way, consider using `cross-spawn` instead. You have been warned.
66
+
67
+ ### `options.shell` support
68
+
69
+ While `cross-spawn` adds support for `options.shell` in node `<v4.8`, all of its enhancements are disabled.
70
+
71
+ This mimics the Node.js behavior. More specifically, the command and its arguments will not be automatically escaped nor shebang support will be offered. This is by design because if you are using `options.shell` you are probably targeting a specific platform anyway and you don't want things to get into your way.
72
+
73
+ ### Shebangs support
74
+
75
+ While `cross-spawn` handles shebangs on Windows, its support is limited. More specifically, it just supports `#!/usr/bin/env <program>` where `<program>` must not contain any arguments.
76
+ If you would like to have the shebang support improved, feel free to contribute via a pull-request.
77
+
78
+ Remember to always test your code on Windows!
79
+
80
+
81
+ ## Tests
82
+
83
+ `$ npm test`
84
+ `$ npm test -- --watch` during development
85
+
86
+
87
+ ## License
88
+
89
+ Released under the [MIT License](https://www.opensource.org/licenses/mit-license.php).
@@ -0,0 +1,46 @@
1
+ Changelog
2
+ =========
3
+
4
+ v0.6.0
5
+ ------
6
+
7
+ - Updated "devDependencies" versions to fix vulnerability alerts
8
+ - Dropped support of io.js and node.js v0.12.x and lower since new versions of
9
+ "devDependencies" couldn't work with those old node.js versions
10
+ (minimal supported version of node.js now is v4.0.0)
11
+
12
+ v0.5.1
13
+ ------
14
+
15
+ - Fix prototype pollution vulnerability (thanks to @mwakerman for the PR)
16
+ - Avoid using deprecated Buffer API (thanks to @ChALkeR for the PR)
17
+
18
+ v0.5.0
19
+ ------
20
+
21
+ - Auto-testing provided by Travis CI;
22
+ - Support older Node.JS versions (`v0.11.x` and `v0.10.x`);
23
+ - Removed tests files from npm package.
24
+
25
+ v0.4.2
26
+ ------
27
+
28
+ - Fix for `null` as an argument.
29
+
30
+ v0.4.1
31
+ ------
32
+
33
+ - Removed test code from <b>npm</b> package
34
+ ([see pull request #21](https://github.com/unclechu/node-deep-extend/pull/21));
35
+ - Increased minimal version of Node from `0.4.0` to `0.12.0`
36
+ (because can't run tests on lesser version anyway).
37
+
38
+ v0.4.0
39
+ ------
40
+
41
+ - **WARNING!** Broken backward compatibility with `v0.3.x`;
42
+ - Fixed bug with extending arrays instead of cloning;
43
+ - Deep cloning for arrays;
44
+ - Check for own property;
45
+ - Fixed some documentation issues;
46
+ - Strict JS mode.
@@ -0,0 +1,103 @@
1
+ 2.0.0 / 2018-10-26
2
+ ==================
3
+
4
+ * Drop support for Node.js 0.6
5
+ * Replace internal `eval` usage with `Function` constructor
6
+ * Use instance methods on `process` to check for listeners
7
+
8
+ 1.1.2 / 2018-01-11
9
+ ==================
10
+
11
+ * perf: remove argument reassignment
12
+ * Support Node.js 0.6 to 9.x
13
+
14
+ 1.1.1 / 2017-07-27
15
+ ==================
16
+
17
+ * Remove unnecessary `Buffer` loading
18
+ * Support Node.js 0.6 to 8.x
19
+
20
+ 1.1.0 / 2015-09-14
21
+ ==================
22
+
23
+ * Enable strict mode in more places
24
+ * Support io.js 3.x
25
+ * Support io.js 2.x
26
+ * Support web browser loading
27
+ - Requires bundler like Browserify or webpack
28
+
29
+ 1.0.1 / 2015-04-07
30
+ ==================
31
+
32
+ * Fix `TypeError`s when under `'use strict'` code
33
+ * Fix useless type name on auto-generated messages
34
+ * Support io.js 1.x
35
+ * Support Node.js 0.12
36
+
37
+ 1.0.0 / 2014-09-17
38
+ ==================
39
+
40
+ * No changes
41
+
42
+ 0.4.5 / 2014-09-09
43
+ ==================
44
+
45
+ * Improve call speed to functions using the function wrapper
46
+ * Support Node.js 0.6
47
+
48
+ 0.4.4 / 2014-07-27
49
+ ==================
50
+
51
+ * Work-around v8 generating empty stack traces
52
+
53
+ 0.4.3 / 2014-07-26
54
+ ==================
55
+
56
+ * Fix exception when global `Error.stackTraceLimit` is too low
57
+
58
+ 0.4.2 / 2014-07-19
59
+ ==================
60
+
61
+ * Correct call site for wrapped functions and properties
62
+
63
+ 0.4.1 / 2014-07-19
64
+ ==================
65
+
66
+ * Improve automatic message generation for function properties
67
+
68
+ 0.4.0 / 2014-07-19
69
+ ==================
70
+
71
+ * Add `TRACE_DEPRECATION` environment variable
72
+ * Remove non-standard grey color from color output
73
+ * Support `--no-deprecation` argument
74
+ * Support `--trace-deprecation` argument
75
+ * Support `deprecate.property(fn, prop, message)`
76
+
77
+ 0.3.0 / 2014-06-16
78
+ ==================
79
+
80
+ * Add `NO_DEPRECATION` environment variable
81
+
82
+ 0.2.0 / 2014-06-15
83
+ ==================
84
+
85
+ * Add `deprecate.property(obj, prop, message)`
86
+ * Remove `supports-color` dependency for node.js 0.8
87
+
88
+ 0.1.0 / 2014-06-15
89
+ ==================
90
+
91
+ * Add `deprecate.function(fn, message)`
92
+ * Add `process.on('deprecation', fn)` emitter
93
+ * Automatically generate message when omitted from `deprecate()`
94
+
95
+ 0.0.1 / 2014-06-15
96
+ ==================
97
+
98
+ * Fix warning for dynamic calls at singe call site
99
+
100
+ 0.0.0 / 2014-06-15
101
+ ==================
102
+
103
+ * Initial implementation
@@ -0,0 +1,46 @@
1
+ [![NPM version](https://img.shields.io/npm/v/esprima.svg)](https://www.npmjs.com/package/esprima)
2
+ [![npm download](https://img.shields.io/npm/dm/esprima.svg)](https://www.npmjs.com/package/esprima)
3
+ [![Build Status](https://img.shields.io/travis/jquery/esprima/master.svg)](https://travis-ci.org/jquery/esprima)
4
+ [![Coverage Status](https://img.shields.io/codecov/c/github/jquery/esprima/master.svg)](https://codecov.io/github/jquery/esprima)
5
+
6
+ **Esprima** ([esprima.org](http://esprima.org), BSD license) is a high performance,
7
+ standard-compliant [ECMAScript](http://www.ecma-international.org/publications/standards/Ecma-262.htm)
8
+ parser written in ECMAScript (also popularly known as
9
+ [JavaScript](https://en.wikipedia.org/wiki/JavaScript)).
10
+ Esprima is created and maintained by [Ariya Hidayat](https://twitter.com/ariyahidayat),
11
+ with the help of [many contributors](https://github.com/jquery/esprima/contributors).
12
+
13
+ ### Features
14
+
15
+ - Full support for ECMAScript 2017 ([ECMA-262 8th Edition](http://www.ecma-international.org/publications/standards/Ecma-262.htm))
16
+ - Sensible [syntax tree format](https://github.com/estree/estree/blob/master/es5.md) as standardized by [ESTree project](https://github.com/estree/estree)
17
+ - Experimental support for [JSX](https://facebook.github.io/jsx/), a syntax extension for [React](https://facebook.github.io/react/)
18
+ - Optional tracking of syntax node location (index-based and line-column)
19
+ - [Heavily tested](http://esprima.org/test/ci.html) (~1500 [unit tests](https://github.com/jquery/esprima/tree/master/test/fixtures) with [full code coverage](https://codecov.io/github/jquery/esprima))
20
+
21
+ ### API
22
+
23
+ Esprima can be used to perform [lexical analysis](https://en.wikipedia.org/wiki/Lexical_analysis) (tokenization) or [syntactic analysis](https://en.wikipedia.org/wiki/Parsing) (parsing) of a JavaScript program.
24
+
25
+ A simple example on Node.js REPL:
26
+
27
+ ```javascript
28
+ > var esprima = require('esprima');
29
+ > var program = 'const answer = 42';
30
+
31
+ > esprima.tokenize(program);
32
+ [ { type: 'Keyword', value: 'const' },
33
+ { type: 'Identifier', value: 'answer' },
34
+ { type: 'Punctuator', value: '=' },
35
+ { type: 'Numeric', value: '42' } ]
36
+
37
+ > esprima.parseScript(program);
38
+ { type: 'Program',
39
+ body:
40
+ [ { type: 'VariableDeclaration',
41
+ declarations: [Object],
42
+ kind: 'const' } ],
43
+ sourceType: 'script' }
44
+ ```
45
+
46
+ For more information, please read the [complete documentation](http://esprima.org/doc).
@@ -0,0 +1,83 @@
1
+ 1.8.1 / 2017-09-12
2
+ ==================
3
+
4
+ * perf: replace regular expression with substring
5
+
6
+ 1.8.0 / 2017-02-18
7
+ ==================
8
+
9
+ * Use SHA1 instead of MD5 for ETag hashing
10
+ - Improves performance for larger entities
11
+ - Works with FIPS 140-2 OpenSSL configuration
12
+
13
+ 1.7.0 / 2015-06-08
14
+ ==================
15
+
16
+ * Always include entity length in ETags for hash length extensions
17
+ * Generate non-Stats ETags using MD5 only (no longer CRC32)
18
+ * Improve stat performance by removing hashing
19
+ * Remove base64 padding in ETags to shorten
20
+ * Use MD5 instead of MD4 in weak ETags over 1KB
21
+
22
+ 1.6.0 / 2015-05-10
23
+ ==================
24
+
25
+ * Improve support for JXcore
26
+ * Remove requirement of `atime` in the stats object
27
+ * Support "fake" stats objects in environments without `fs`
28
+
29
+ 1.5.1 / 2014-11-19
30
+ ==================
31
+
32
+ * deps: crc@3.2.1
33
+ - Minor fixes
34
+
35
+ 1.5.0 / 2014-10-14
36
+ ==================
37
+
38
+ * Improve string performance
39
+ * Slightly improve speed for weak ETags over 1KB
40
+
41
+ 1.4.0 / 2014-09-21
42
+ ==================
43
+
44
+ * Support "fake" stats objects
45
+ * Support Node.js 0.6
46
+
47
+ 1.3.1 / 2014-09-14
48
+ ==================
49
+
50
+ * Use the (new and improved) `crc` for crc32
51
+
52
+ 1.3.0 / 2014-08-29
53
+ ==================
54
+
55
+ * Default strings to strong ETags
56
+ * Improve speed for weak ETags over 1KB
57
+
58
+ 1.2.1 / 2014-08-29
59
+ ==================
60
+
61
+ * Use the (much faster) `buffer-crc32` for crc32
62
+
63
+ 1.2.0 / 2014-08-24
64
+ ==================
65
+
66
+ * Add support for file stat objects
67
+
68
+ 1.1.0 / 2014-08-24
69
+ ==================
70
+
71
+ * Add fast-path for empty entity
72
+ * Add weak ETag generation
73
+ * Shrink size of generated ETags
74
+
75
+ 1.0.1 / 2014-08-24
76
+ ==================
77
+
78
+ * Fix behavior of string containing Unicode
79
+
80
+ 1.0.0 / 2014-05-18
81
+ ==================
82
+
83
+ * Initial release
@@ -0,0 +1,14 @@
1
+ # Security Policy
2
+
3
+ ## Supported Versions
4
+
5
+ Version 1.0.0 will be supported with security updates.
6
+
7
+ | Version | Supported |
8
+ | ------- | ------------------ |
9
+ | 1.x.x | :white_check_mark: |
10
+ | < 1.0 | :x: |
11
+
12
+ ## Reporting a Vulnerability
13
+
14
+ To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security). Tidelift will coordinate the fix and disclosure.