diff --git a/node_modules/ssri/CHANGELOG.md b/node_modules/ssri/CHANGELOG.md
index a56594ae62032..d4c5897902d12 100644
--- a/node_modules/ssri/CHANGELOG.md
+++ b/node_modules/ssri/CHANGELOG.md
@@ -2,6 +2,16 @@
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
+
+## [6.0.1](https://github.com/zkat/ssri/compare/v6.0.0...v6.0.1) (2018-08-27)
+
+
+### Bug Fixes
+
+* **opts:** use figgy-pudding to specify consumed opts ([cf86553](https://github.com/zkat/ssri/commit/cf86553))
+
+
+
# [6.0.0](https://github.com/zkat/ssri/compare/v5.3.0...v6.0.0) (2018-04-09)
diff --git a/node_modules/ssri/index.js b/node_modules/ssri/index.js
index d4c9e49c4db76..e102892b0bcd0 100644
--- a/node_modules/ssri/index.js
+++ b/node_modules/ssri/index.js
@@ -1,6 +1,7 @@
'use strict'
const crypto = require('crypto')
+const figgyPudding = require('figgy-pudding')
const Transform = require('stream').Transform
const SPEC_ALGORITHMS = ['sha256', 'sha384', 'sha512']
@@ -10,10 +11,24 @@ const SRI_REGEX = /^([^-]+)-([^?]+)([?\S*]*)$/
const STRICT_SRI_REGEX = /^([^-]+)-([A-Za-z0-9+/=]{44,88})(\?[\x21-\x7E]*)*$/
const VCHAR_REGEX = /^[\x21-\x7E]+$/
+const SsriOpts = figgyPudding({
+ algorithms: {default: ['sha512']},
+ error: {default: false},
+ integrity: {},
+ options: {default: []},
+ pickAlgorithm: {default: () => getPrioritizedHash},
+ Promise: {default: () => Promise},
+ sep: {default: ' '},
+ single: {default: false},
+ size: {},
+ strict: {default: false}
+})
+
class Hash {
get isHash () { return true }
constructor (hash, opts) {
- const strict = !!(opts && opts.strict)
+ opts = SsriOpts(opts)
+ const strict = !!opts.strict
this.source = hash.trim()
// 3.1. Integrity metadata (called "Hash" by ssri)
// https://w3c.github.io/webappsec-subresource-integrity/#integrity-metadata-description
@@ -37,7 +52,8 @@ class Hash {
return this.toString()
}
toString (opts) {
- if (opts && opts.strict) {
+ opts = SsriOpts(opts)
+ if (opts.strict) {
// Strict mode enforces the standard as close to the foot of the
// letter as it can.
if (!(
@@ -70,7 +86,7 @@ class Integrity {
return this.toString()
}
toString (opts) {
- opts = opts || {}
+ opts = SsriOpts(opts)
let sep = opts.sep || ' '
if (opts.strict) {
// Entries must be separated by whitespace, according to spec.
@@ -83,6 +99,7 @@ class Integrity {
}).filter(x => x.length).join(sep)
}
concat (integrity, opts) {
+ opts = SsriOpts(opts)
const other = typeof integrity === 'string'
? integrity
: stringify(integrity, opts)
@@ -92,6 +109,7 @@ class Integrity {
return parse(this, {single: true}).hexDigest()
}
match (integrity, opts) {
+ opts = SsriOpts(opts)
const other = parse(integrity, opts)
const algo = other.pickAlgorithm(opts)
return (
@@ -105,7 +123,8 @@ class Integrity {
) || false
}
pickAlgorithm (opts) {
- const pickAlgorithm = (opts && opts.pickAlgorithm) || getPrioritizedHash
+ opts = SsriOpts(opts)
+ const pickAlgorithm = opts.pickAlgorithm
const keys = Object.keys(this)
if (!keys.length) {
throw new Error(`No algorithms available for ${
@@ -120,7 +139,7 @@ class Integrity {
module.exports.parse = parse
function parse (sri, opts) {
- opts = opts || {}
+ opts = SsriOpts(opts)
if (typeof sri === 'string') {
return _parse(sri, opts)
} else if (sri.algorithm && sri.digest) {
@@ -151,6 +170,7 @@ function _parse (integrity, opts) {
module.exports.stringify = stringify
function stringify (obj, opts) {
+ opts = SsriOpts(opts)
if (obj.algorithm && obj.digest) {
return Hash.prototype.toString.call(obj, opts)
} else if (typeof obj === 'string') {
@@ -162,7 +182,8 @@ function stringify (obj, opts) {
module.exports.fromHex = fromHex
function fromHex (hexDigest, algorithm, opts) {
- const optString = (opts && opts.options && opts.options.length)
+ opts = SsriOpts(opts)
+ const optString = opts.options && opts.options.length
? `?${opts.options.join('?')}`
: ''
return parse(
@@ -174,8 +195,8 @@ function fromHex (hexDigest, algorithm, opts) {
module.exports.fromData = fromData
function fromData (data, opts) {
- opts = opts || {}
- const algorithms = opts.algorithms || ['sha512']
+ opts = SsriOpts(opts)
+ const algorithms = opts.algorithms
const optString = opts.options && opts.options.length
? `?${opts.options.join('?')}`
: ''
@@ -196,7 +217,7 @@ function fromData (data, opts) {
module.exports.fromStream = fromStream
function fromStream (stream, opts) {
- opts = opts || {}
+ opts = SsriOpts(opts)
const P = opts.Promise || Promise
const istream = integrityStream(opts)
return new P((resolve, reject) => {
@@ -212,7 +233,7 @@ function fromStream (stream, opts) {
module.exports.checkData = checkData
function checkData (data, sri, opts) {
- opts = opts || {}
+ opts = SsriOpts(opts)
sri = parse(sri, opts)
if (!Object.keys(sri).length) {
if (opts.error) {
@@ -251,9 +272,9 @@ function checkData (data, sri, opts) {
module.exports.checkStream = checkStream
function checkStream (stream, sri, opts) {
- opts = opts || {}
+ opts = SsriOpts(opts)
const P = opts.Promise || Promise
- const checker = integrityStream(Object.assign({}, opts, {
+ const checker = integrityStream(opts.concat({
integrity: sri
}))
return new P((resolve, reject) => {
@@ -269,7 +290,7 @@ function checkStream (stream, sri, opts) {
module.exports.integrityStream = integrityStream
function integrityStream (opts) {
- opts = opts || {}
+ opts = SsriOpts(opts)
// For verification
const sri = opts.integrity && parse(opts.integrity, opts)
const goodSri = sri && Object.keys(sri).length
@@ -277,10 +298,7 @@ function integrityStream (opts) {
const digests = goodSri && sri[algorithm]
// Calculating stream
const algorithms = Array.from(
- new Set(
- (opts.algorithms || ['sha512'])
- .concat(algorithm ? [algorithm] : [])
- )
+ new Set(opts.algorithms.concat(algorithm ? [algorithm] : []))
)
const hashes = algorithms.map(crypto.createHash)
let streamSize = 0
@@ -325,9 +343,9 @@ function integrityStream (opts) {
module.exports.create = createIntegrity
function createIntegrity (opts) {
- opts = opts || {}
- const algorithms = opts.algorithms || ['sha512']
- const optString = opts.options && opts.options.length
+ opts = SsriOpts(opts)
+ const algorithms = opts.algorithms
+ const optString = opts.options.length
? `?${opts.options.join('?')}`
: ''
diff --git a/node_modules/ssri/package.json b/node_modules/ssri/package.json
index ec561fc3f7307..5dd740daa2782 100644
--- a/node_modules/ssri/package.json
+++ b/node_modules/ssri/package.json
@@ -1,35 +1,31 @@
{
- "_args": [
- [
- "ssri@6.0.0",
- "/Users/rebecca/code/npm"
- ]
- ],
- "_from": "ssri@6.0.0",
- "_id": "ssri@6.0.0",
+ "_from": "ssri@latest",
+ "_id": "ssri@6.0.1",
"_inBundle": false,
- "_integrity": "sha512-zYOGfVHPhxyzwi8MdtdNyxv3IynWCIM4jYReR48lqu0VngxgH1c+C6CmipRdJ55eVByTJV/gboFEEI7TEQI8DA==",
+ "_integrity": "sha512-3Wge10hNcT1Kur4PDFwEieXSCMCJs/7WvSACcrMYrNp+b8kDL1/0wJch5Ni2WrtwEa2IO8OsVfeKIciKCDx/QA==",
"_location": "/ssri",
"_phantomChildren": {},
"_requested": {
- "type": "version",
+ "type": "tag",
"registry": true,
- "raw": "ssri@6.0.0",
+ "raw": "ssri@latest",
"name": "ssri",
"escapedName": "ssri",
- "rawSpec": "6.0.0",
+ "rawSpec": "latest",
"saveSpec": null,
- "fetchSpec": "6.0.0"
+ "fetchSpec": "latest"
},
"_requiredBy": [
+ "#USER",
"/",
"/cacache",
"/make-fetch-happen",
"/pacote"
],
- "_resolved": "https://registry.npmjs.org/ssri/-/ssri-6.0.0.tgz",
- "_spec": "6.0.0",
- "_where": "/Users/rebecca/code/npm",
+ "_resolved": "https://registry.npmjs.org/ssri/-/ssri-6.0.1.tgz",
+ "_shasum": "2a3c41b28dd45b62b63676ecb74001265ae9edd8",
+ "_spec": "ssri@latest",
+ "_where": "/Users/zkat/Documents/code/work/npm",
"author": {
"name": "Kat Marchán",
"email": "kzm@sykosomatic.org"
@@ -37,6 +33,7 @@
"bugs": {
"url": "https://github.com/zkat/ssri/issues"
},
+ "bundleDependencies": false,
"config": {
"nyc": {
"exclude": [
@@ -45,7 +42,10 @@
]
}
},
- "dependencies": {},
+ "dependencies": {
+ "figgy-pudding": "^3.5.1"
+ },
+ "deprecated": false,
"description": "Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.",
"devDependencies": {
"nyc": "^11.4.1",
@@ -89,5 +89,5 @@
"update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'",
"update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'"
},
- "version": "6.0.0"
+ "version": "6.0.1"
}
diff --git a/package-lock.json b/package-lock.json
index cd73c2b4d4fc3..3e8cb71a81d5c 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -6842,9 +6842,12 @@
}
},
"ssri": {
- "version": "6.0.0",
- "resolved": "https://registry.npmjs.org/ssri/-/ssri-6.0.0.tgz",
- "integrity": "sha512-zYOGfVHPhxyzwi8MdtdNyxv3IynWCIM4jYReR48lqu0VngxgH1c+C6CmipRdJ55eVByTJV/gboFEEI7TEQI8DA=="
+ "version": "6.0.1",
+ "resolved": "https://registry.npmjs.org/ssri/-/ssri-6.0.1.tgz",
+ "integrity": "sha512-3Wge10hNcT1Kur4PDFwEieXSCMCJs/7WvSACcrMYrNp+b8kDL1/0wJch5Ni2WrtwEa2IO8OsVfeKIciKCDx/QA==",
+ "requires": {
+ "figgy-pudding": "^3.5.1"
+ }
},
"stack-utils": {
"version": "1.0.1",
diff --git a/package.json b/package.json
index 1c1b9a2badfc4..ddb495c8ae19f 100644
--- a/package.json
+++ b/package.json
@@ -126,7 +126,7 @@
"slide": "~1.1.6",
"sorted-object": "~2.0.1",
"sorted-union-stream": "~2.1.3",
- "ssri": "^6.0.0",
+ "ssri": "^6.0.1",
"stringify-package": "^1.0.0",
"tar": "^4.4.6",
"text-table": "~0.2.0",