tangerine 1.5.3 → 1.5.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -12
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -89,8 +89,7 @@ npm install tangerine undici
|
|
|
89
89
|
|
|
90
90
|
Our team at [Forward Email](https://forwardemail.net) (100% open-source and privacy-focused email service) needed a better solution for DNS.
|
|
91
91
|
|
|
92
|
-
|
|
93
|
-
<summary>After years of using the Node.js internal DNS module, we ran into these recurring patterns:</summary>
|
|
92
|
+
After years of using the Node.js internal DNS module, we ran into these recurring patterns:
|
|
94
93
|
|
|
95
94
|
* [Cloudflare](https://developers.cloudflare.com/1.1.1.1/encryption/dns-over-https/) and [Google](https://developers.google.com/speed/public-dns/docs/doh/) now have DNS over HTTPS servers ("DoH") available – and browsers such as Mozilla Firefox now have it [enabled by default](https://support.mozilla.org/en-US/kb/firefox-dns-over-https).
|
|
96
95
|
* DNS cache consistency across multiple servers cannot be easily accomplished using packages such as `unbound`, `dnsmasq`, and `bind` – and configuring `/etc/resolv.conf` across multiple Ubuntu versions is not enjoyable (even with Ansible). Maintaining logic at the application layer is much easier from a development, deployment, and maintenance perspective.
|
|
@@ -107,8 +106,6 @@ Our team at [Forward Email](https://forwardemail.net) (100% open-source and priv
|
|
|
107
106
|
* Writing tests against DNS-related infrastructure requires either hacky DNS mocking or a DNS server (manipulating cache is much easier).
|
|
108
107
|
* <u>**The Node.js community is lacking a high-quality and dummy-proof userland DNS package with sensible defaults.**</u>
|
|
109
108
|
|
|
110
|
-
</details>
|
|
111
|
-
|
|
112
109
|
### Why integrate DNS over HTTPS
|
|
113
110
|
|
|
114
111
|
> With DNS over HTTPS (DoH), DNS queries and responses are encrypted and sent via the HTTP or HTTP/2 protocols. DoH ensures that attackers cannot forge or alter DNS traffic. DoH uses port 443, which is the standard HTTPS traffic port, to wrap the DNS query in an HTTPS request. DNS queries and responses are camouflaged within other HTTPS traffic, since it all comes and goes from the same port. – [Cloudflare](https://developers.cloudflare.com/1.1.1.1/encryption/dns-over-https/)
|
|
@@ -133,8 +130,7 @@ Thanks to the authors of [dohdec](https://github.com/hildjj/dohdec), [dns-packet
|
|
|
133
130
|
* HTTP error codes are mapped to DNS error codes (the error `code` and `errno` properties will appear as if they're from `dns` usage). This is a configurable option enabled by default (see `returnHTTPErrors` option).
|
|
134
131
|
* If you need callbacks, then use [util.callbackify](https://nodejs.org/api/util.html#utilcallbackifyoriginal) (e.g. `const resolveTxt = callbackify(tangerine.resolveTxt)`).
|
|
135
132
|
|
|
136
|
-
|
|
137
|
-
<summary>We have also added several improvements and new features:</summary>
|
|
133
|
+
We have also added several improvements and new features:
|
|
138
134
|
|
|
139
135
|
* Default name servers used have been set to [Cloudflare's](https://1.1.1.1/) (`['1.1.1.1', '1.0.0.1']`) (as opposed to the system default – which is often set to a default which is not privacy-focused or simply forgotten to be set by DevOps teams). You may also want to use [Cloudflare's Malware and Adult Content Blocking](https://blog.cloudflare.com/introducing-1-1-1-1-for-families/) DNS server addresses instead.
|
|
140
136
|
* You can pass a custom `servers` option (as opposed to having to invoke `dns.setServers(...)` or `resolver.setServers(...)`).
|
|
@@ -146,10 +142,7 @@ Thanks to the authors of [dohdec](https://github.com/hildjj/dohdec), [dns-packet
|
|
|
146
142
|
* Debug via `NODE_DEBUG=tangerine node app.js` flag (uses [util.debuglog](https://nodejs.org/api/util.html#utildebuglogsection-callback)).
|
|
147
143
|
* The method `setLocalAddress()` will parse the IP address and port properly to pass along for use with the agent as `localAddress` and `localPort`. If you require IPv6 addresses with ports, you must encode it as `[IPv6]:PORT` ([similar to RFC 3986](https://serverfault.com/a/205794)).
|
|
148
144
|
|
|
149
|
-
</
|
|
150
|
-
|
|
151
|
-
<details>
|
|
152
|
-
<summary>All existing <code>syscall</code> values have been preserved:</summary>
|
|
145
|
+
All existing <code>syscall</code> values have been preserved:
|
|
153
146
|
|
|
154
147
|
* `resolveAny` → `queryAny`
|
|
155
148
|
* `resolve4` → `queryA`
|
|
@@ -166,8 +159,6 @@ Thanks to the authors of [dohdec](https://github.com/hildjj/dohdec), [dns-packet
|
|
|
166
159
|
* `resolveSoa` → `querySoa`
|
|
167
160
|
* `reverse` → `getHostByAddr`
|
|
168
161
|
|
|
169
|
-
</details>
|
|
170
|
-
|
|
171
162
|
|
|
172
163
|
## Usage and Examples
|
|
173
164
|
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "tangerine",
|
|
3
3
|
"description": "Tangerine is the best Node.js drop-in replacement for dns.promises.Resolver using DNS over HTTPS (\"DoH\") via undici with built-in retries, timeouts, smart server rotation, AbortControllers, and caching support for multiple backends (with TTL and purge support).",
|
|
4
|
-
"version": "1.5.
|
|
4
|
+
"version": "1.5.4",
|
|
5
5
|
"author": "Forward Email (https://forwardemail.net)",
|
|
6
6
|
"bugs": {
|
|
7
7
|
"url": "https://github.com/forwardemail/nodejs-dns-over-https-tangerine/issues"
|