[#94] Backend

https://project.mdnd-it.cc/work_packages/94
2025-08-23 04:25:28 +02:00
parent 725516ad6c
commit 19cfa031d0
25823 changed files with 1095587 additions and 2801760 deletions
@@ -1,3 +1,26 @@
+v2.1.0 / 2025-03-05
+==================
+
+  * deps: 
+    * use caret notation for dependency versions
+    * encodeurl@^2.0.0
+    * debug@^4.4.0
+  * remove `ServerResponse.headersSent` support check
+  * remove setImmediate support check
+  * update test dependencies
+  * remove unnecessary devDependency `safe-buffer`
+  * remove `unpipe` package and use native `unpipe()` method
+  * remove unnecessary devDependency `readable-stream`
+  * refactor: use object spread to copy error headers
+  * refactor: use replaceAll instead of replace with a regex
+  * refactor: replace setHeaders function with optimized inline header setting
+
+v2.0.0 / 2024-09-02
+==================
+
+  * drop support for node <18
+  * ignore status message for HTTP/2 (#53) 
+
 v1.3.1 / 2024-09-11
 ==================

@@ -1,25 +0,0 @@
-# Security Policies and Procedures
-
-## Reporting a Bug
-
-The `finalhandler` team and community take all security bugs seriously. Thank
-you for improving the security of Express. We appreciate your efforts and
-responsible disclosure and will make every effort to acknowledge your
-contributions.
-
-Report security bugs by emailing the current owner(s) of `finalhandler`. This
-information can be found in the npm registry using the command
-`npm owner ls finalhandler`.
-If unsure or unable to get the information from the above, open an issue
-in the [project issue tracker](https://github.com/pillarjs/finalhandler/issues)
-asking for the current contact information.
-
-To ensure the timely response to your report, please ensure that the entirety
-of the report is contained within the email body and not solely behind a web
-link or an attachment.
-
-At least one owner will acknowledge your email within 48 hours, and will send a
-more detailed response within 48 hours indicating the next steps in handling
-your report. After the initial reply to your report, the owners will
-endeavor to keep you informed of the progress towards a fix and full
-announcement, and may ask for additional information or guidance.
@@ -17,20 +17,12 @@ var escapeHtml = require('escape-html')
 var onFinished = require('on-finished')
 var parseUrl = require('parseurl')
 var statuses = require('statuses')
-var unpipe = require('unpipe')

 /**
 * Module variables.
 * @private
 */

-var DOUBLE_SPACE_REGEXP = /\x20{2}/g
-var NEWLINE_REGEXP = /\n/g
-
-/* istanbul ignore next */
-var defer = typeof setImmediate === 'function'
-  ? setImmediate
-  : function (fn) { process.nextTick(fn.bind.apply(fn, arguments)) }
 var isFinished = onFinished.isFinished

 /**
@@ -42,8 +34,8 @@ var isFinished = onFinished.isFinished

 function createHtmlDocument (message) {
  var body = escapeHtml(message)
-    .replace(NEWLINE_REGEXP, '<br>')
-    .replace(DOUBLE_SPACE_REGEXP, ' &nbsp;')
+    .replaceAll('\n', '<br>')
+    .replaceAll('  ', ' &nbsp;')

  return '<!DOCTYPE html>\n' +
    '<html lang="en">\n' +
@@ -89,7 +81,7 @@ function finalhandler (req, res, options) {
    var status

    // ignore 404 on in-flight response
-    if (!err && headersSent(res)) {
+    if (!err && res.headersSent) {
      debug('cannot 404 after headers sent')
      return
    }
@@ -119,11 +111,11 @@ function finalhandler (req, res, options) {

    // schedule onerror callback
    if (err && onerror) {
-      defer(onerror, err, req, res)
+      setImmediate(onerror, err, req, res)
    }

    // cannot actually respond
-    if (headersSent(res)) {
+    if (res.headersSent) {
      debug('cannot %d after headers sent', status)
      if (req.socket) {
        req.socket.destroy()
@@ -149,15 +141,7 @@ function getErrorHeaders (err) {
    return undefined
  }

-  var headers = Object.create(null)
-  var keys = Object.keys(err.headers)
-
-  for (var i = 0; i < keys.length; i++) {
-    var key = keys[i]
-    headers[key] = err.headers[key]
-  }
-
-  return headers
+  return { ...err.headers }
 }

 /**
@@ -246,20 +230,6 @@ function getResponseStatusCode (res) {
  return status
 }

-/**
- * Determine if the response headers have been sent.
- *
- * @param {object} res
- * @returns {boolean}
- * @private
- */
-
-function headersSent (res) {
-  return typeof res.headersSent !== 'boolean'
-    ? Boolean(res._header)
-    : res.headersSent
-}
-
 /**
 * Send response.
 *
@@ -289,7 +259,9 @@ function send (req, res, status, headers, message) {
    res.removeHeader('Content-Range')

    // response headers
-    setHeaders(res, headers)
+    for (const [key, value] of Object.entries(headers ?? {})) {
+      res.setHeader(key, value)
+    }

    // security headers
    res.setHeader('Content-Security-Policy', "default-src 'none'")
@@ -313,29 +285,9 @@ function send (req, res, status, headers, message) {
  }

  // unpipe everything from the request
-  unpipe(req)
+  req.unpipe()

  // flush the request
  onFinished(req, write)
  req.resume()
 }
-
-/**
- * Set response headers from an object.
- *
- * @param {OutgoingMessage} res
- * @param {object} headers
- * @private
- */
-
-function setHeaders (res, headers) {
-  if (!headers) {
-    return
-  }
-
-  var keys = Object.keys(headers)
-  for (var i = 0; i < keys.length; i++) {
-    var key = keys[i]
-    res.setHeader(key, headers[key])
-  }
-}
@@ -1,18 +1,17 @@
 {
  "name": "finalhandler",
  "description": "Node.js final http responder",
-  "version": "1.3.1",
+  "version": "2.1.0",
  "author": "Douglas Christopher Wilson <doug@somethingdoug.com>",
  "license": "MIT",
  "repository": "pillarjs/finalhandler",
  "dependencies": {
-    "debug": "2.6.9",
-    "encodeurl": "~2.0.0",
-    "escape-html": "~1.0.3",
-    "on-finished": "2.4.1",
-    "parseurl": "~1.3.3",
-    "statuses": "2.0.1",
-    "unpipe": "~1.0.0"
+    "debug": "^4.4.0",
+    "encodeurl": "^2.0.0",
+    "escape-html": "^1.0.3",
+    "on-finished": "^2.4.1",
+    "parseurl": "^1.3.3",
+    "statuses": "^2.0.1"
  },
  "devDependencies": {
    "eslint": "7.32.0",
@@ -22,16 +21,13 @@
    "eslint-plugin-node": "11.1.0",
    "eslint-plugin-promise": "5.2.0",
    "eslint-plugin-standard": "4.1.0",
-    "mocha": "10.0.0",
-    "nyc": "15.1.0",
-    "readable-stream": "2.3.6",
-    "safe-buffer": "5.2.1",
-    "supertest": "6.2.4"
+    "mocha": "^11.0.1",
+    "nyc": "^17.1.0",
+    "supertest": "^7.0.0"
  },
  "files": [
    "LICENSE",
    "HISTORY.md",
-    "SECURITY.md",
    "index.js"
  ],
  "engines": {