diff -Nru node-send-0.17.2/appveyor.yml node-send-0.18.0+~cs1.19.1/appveyor.yml --- node-send-0.17.2/appveyor.yml 2021-12-11 23:35:45.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/appveyor.yml 2022-03-24 02:53:50.000000000 +0000 @@ -15,10 +15,10 @@ - nodejs_version: "11.15" - nodejs_version: "12.22" - nodejs_version: "13.14" - - nodejs_version: "14.18" + - nodejs_version: "14.19" - nodejs_version: "15.14" - - nodejs_version: "16.13" - - nodejs_version: "17.2" + - nodejs_version: "16.14" + - nodejs_version: "17.7" cache: - node_modules install: @@ -61,10 +61,13 @@ # supertest for http calls # - use 2.0.0 for Node.js < 4 # - use 3.4.2 for Node.js < 6 + # - use 6.1.6 for Node.js < 8 if ([int]$env:nodejs_version.split(".")[0] -lt 4) { npm install --silent --save-dev supertest@2.0.0 } elseif ([int]$env:nodejs_version.split(".")[0] -lt 6) { npm install --silent --save-dev supertest@3.4.2 + } elseif ([int]$env:nodejs_version.split(".")[0] -lt 8) { + npm install --silent --save-dev supertest@6.1.6 } # Update Node.js modules - ps: | diff -Nru node-send-0.17.2/debian/changelog node-send-0.18.0+~cs1.19.1/debian/changelog --- node-send-0.17.2/debian/changelog 2022-01-04 14:54:32.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/debian/changelog 2022-05-02 15:41:27.000000000 +0000 @@ -1,3 +1,26 @@ +node-send (0.18.0+~cs1.19.1-3) unstable; urgency=medium + + * Add Breaks: node-express < 4.18.1~ + + -- Yadd Mon, 02 May 2022 17:41:27 +0200 + +node-send (0.18.0+~cs1.19.1-2) unstable; urgency=medium + + * Drop fix-for-statuses-1.patch and require node-statuses >= 2 + (Closes: #1010176) + + -- Yadd Mon, 25 Apr 2022 22:26:39 +0200 + +node-send (0.18.0+~cs1.19.1-1) unstable; urgency=medium + + * Embed typescript declarations + * New upstream version 0.18.0+~cs1.19.1 + * Add dependency to node-ms and node-statuses and drop old patches + (Closes: #1008200) + * Add patch for mime >= 2 and statuses < 2 + + -- Yadd Fri, 25 Mar 2022 15:08:01 +0100 + node-send (0.17.2-2) unstable; urgency=medium * Install destroy in nodejs dir diff -Nru node-send-0.17.2/debian/control node-send-0.18.0+~cs1.19.1/debian/control --- node-send-0.17.2/debian/control 2022-01-04 14:52:26.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/debian/control 2022-05-02 15:40:58.000000000 +0000 @@ -1,9 +1,8 @@ Source: node-send -Maintainer: Debian Javascript Maintainers -Uploaders: Jérémy Lal , Yadd Section: javascript -Testsuite: autopkgtest-pkg-nodejs Priority: optional +Maintainer: Debian Javascript Maintainers +Uploaders: Jérémy Lal , Yadd Build-Depends: debhelper-compat (= 13) , dh-sequence-nodejs , mocha @@ -16,14 +15,17 @@ , node-fresh , node-http-errors , node-mime-types + , node-ms , node-on-finished , node-range-parser , node-should , node-supertest (>= 4.0.2) + , node-statuses (>= 2) Standards-Version: 4.6.0 Vcs-Browser: https://salsa.debian.org/js-team/node-send Vcs-Git: https://salsa.debian.org/js-team/node-send.git Homepage: https://github.com/pillarjs/send +Testsuite: autopkgtest-pkg-nodejs Rules-Requires-Root: no Package: node-send @@ -36,10 +38,13 @@ , node-etag , node-fresh , node-http-errors - , node-mime-types + , node-mime + , node-ms , node-on-finished , node-range-parser + , node-statuses (>= 2) Provides: ${nodejs:Provides} +Breaks: node-express (<< 4.18.1~) Description: Static file server with ranges and negotiation support for Node.js This module offers a streaming static file server supporting partial responses (Ranges), conditional-GET negotiation, high test coverage, diff -Nru node-send-0.17.2/debian/copyright node-send-0.18.0+~cs1.19.1/debian/copyright --- node-send-0.17.2/debian/copyright 2022-01-04 14:13:37.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/debian/copyright 2022-03-25 13:39:16.000000000 +0000 @@ -2,21 +2,26 @@ Upstream-Name: send Upstream-Contact: https://github.com/pillarjs/send/issues Source: https://github.com/pillarjs/send + https://registry.npmjs.org/@types/send Files: * Copyright: 2012, TJ Holowaychuk 2014-2016, Douglas Christopher Wilson License: Expat +Files: debian/* +Copyright: 2013, Jérémy Lal + 2014, Leo Iannacone + 2019, Yadd +License: Expat + Files: destroy/* Copyright: 2014, Jonathan Ong License: Expat Comment: Origin https://github.com/stream-utils/destroy -Files: debian/* -Copyright: 2013, Jérémy Lal - 2014, Leo Iannacone - 2019, Yadd +Files: types-*/* +Copyright: Microsoft Corporation License: Expat License: Expat diff -Nru node-send-0.17.2/debian/gbp.conf node-send-0.18.0+~cs1.19.1/debian/gbp.conf --- node-send-0.17.2/debian/gbp.conf 2019-11-07 20:46:22.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/debian/gbp.conf 2022-03-25 13:39:16.000000000 +0000 @@ -1,6 +1,6 @@ [DEFAULT] pristine-tar=True -component=['destroy'] +component=['destroy', 'types-send'] [import-orig] filter=[ '.gitignore', '.travis.yml', '.git*' ] diff -Nru node-send-0.17.2/debian/patches/0000-bundle_destroy.patch node-send-0.18.0+~cs1.19.1/debian/patches/0000-bundle_destroy.patch --- node-send-0.17.2/debian/patches/0000-bundle_destroy.patch 2019-12-21 11:49:56.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/debian/patches/0000-bundle_destroy.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,149 +0,0 @@ -Description: Bundle destroy module as patch. - The module reverse depends only on this context right now. - No need to have it packaged. - Origin: https://github.com/stream-utils/destroy - Version: 1.0.3 -Author: Leo Iannacone -Forwarded: not-needed -Last-Update: 2014-10-13 - ---- /dev/null -+++ b/node_modules/destroy/index.js -@@ -0,0 +1,36 @@ -+var ReadStream = require('fs').ReadStream -+var Stream = require('stream') -+ -+module.exports = function destroy(stream) { -+ if (stream instanceof ReadStream) { -+ return destroyReadStream(stream) -+ } -+ -+ if (!(stream instanceof Stream)) { -+ return stream -+ } -+ -+ if (typeof stream.destroy === 'function') { -+ stream.destroy() -+ } -+ -+ return stream -+} -+ -+function destroyReadStream(stream) { -+ stream.destroy() -+ -+ if (typeof stream.close === 'function') { -+ // node.js core bug work-around -+ stream.on('open', onopenClose) -+ } -+ -+ return stream -+} -+ -+function onopenClose() { -+ if (typeof this.fd === 'number') { -+ // actually close down the fd -+ this.close() -+ } -+} ---- /dev/null -+++ b/node_modules/destroy/package.json -@@ -0,0 +1,36 @@ -+{ -+ "name": "destroy", -+ "description": "destroy a stream if possible", -+ "version": "1.0.3", -+ "author": { -+ "name": "Jonathan Ong", -+ "email": "me@jongleberry.com", -+ "url": "http://jongleberry.com", -+ "twitter": "https://twitter.com/jongleberry" -+ }, -+ "contributors": [ -+ "Douglas Christopher Wilson " -+ ], -+ "license": "MIT", -+ "repository": "stream-utils/destroy", -+ "devDependencies": { -+ "istanbul": "0", -+ "mocha": "1" -+ }, -+ "scripts": { -+ "test": "mocha --reporter spec", -+ "test-cov": "istanbul cover node_modules/mocha/bin/_mocha -- --reporter dot", -+ "test-travis": "istanbul cover node_modules/mocha/bin/_mocha --report lcovonly -- --reporter dot" -+ }, -+ "files": [ -+ "index.js" -+ ], -+ "keywords": [ -+ "stream", -+ "streams", -+ "destroy", -+ "cleanup", -+ "leak", -+ "fd" -+ ] -+} ---- /dev/null -+++ b/node_modules/destroy/test/test.js -@@ -0,0 +1,59 @@ -+ -+var assert = require('assert') -+var fs = require('fs') -+ -+var destroy = require('..') -+ -+describe('Destroy', function () { -+ it('should destroy a stream', function () { -+ var stream = fs.createReadStream('package.json') -+ assert(!isdestroyed(stream)) -+ destroy(stream) -+ assert(isdestroyed(stream)) -+ }) -+ -+ it('should handle falsey values', function () { -+ destroy() -+ }) -+ -+ describe('ReadStream', function () { -+ it('should not leak fd when called sync to open', function (done) { -+ // this test will timeout on a fd leak -+ var _close = fs.close -+ var _open = fs.open -+ var waitclose = false -+ -+ function cleanup() { -+ fs.close = _close -+ fs.open = _open -+ } -+ -+ fs.close = function close() { -+ _close.apply(this, arguments) -+ cleanup() -+ done() -+ } -+ -+ fs.open = function open() { -+ waitclose = true -+ _open.apply(this, arguments) -+ } -+ -+ var stream = fs.createReadStream('package.json') -+ destroy(stream) -+ assert(isdestroyed(stream)) -+ -+ if (waitclose) { -+ return -+ } -+ -+ cleanup() -+ done() -+ }) -+ }) -+}) -+ -+function isdestroyed(stream) { -+ // readable for 0.8, destroyed for 0.10+ -+ return stream.readable === false || stream.destroyed === true -+} diff -Nru node-send-0.17.2/debian/patches/0001-use_ms_from_debug.patch node-send-0.18.0+~cs1.19.1/debian/patches/0001-use_ms_from_debug.patch --- node-send-0.17.2/debian/patches/0001-use_ms_from_debug.patch 2019-12-21 11:53:01.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/debian/patches/0001-use_ms_from_debug.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,19 +0,0 @@ -Description: Module ms is included in node-debug, use it. -Author: Leo Iannacone -Forwarded: not-needed -Reviewed-By: Xavier Guimard -Last-Update: 2019-12-21 - ---- a/index.js -+++ b/index.js -@@ -21,8 +21,8 @@ - var etag = require('etag') - var fresh = require('fresh') - var fs = require('fs') --var mime = require('mime') --var ms = require('ms') -+var mime = require('mime-types') -+var ms = require('debug').humanize; - var onFinished = require('on-finished') - var parseRange = require('range-parser') - var path = require('path') diff -Nru node-send-0.17.2/debian/patches/disable-failing-test.patch node-send-0.18.0+~cs1.19.1/debian/patches/disable-failing-test.patch --- node-send-0.17.2/debian/patches/disable-failing-test.patch 2019-12-21 11:56:36.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/debian/patches/disable-failing-test.patch 2022-03-25 13:41:11.000000000 +0000 @@ -7,7 +7,7 @@ --- a/test/send.js +++ b/test/send.js -@@ -1439,7 +1439,7 @@ +@@ -1478,7 +1478,7 @@ request(createServer({ root: fixtures })) .get('/no_ext') diff -Nru node-send-0.17.2/debian/patches/fix-for-mime-2.patch node-send-0.18.0+~cs1.19.1/debian/patches/fix-for-mime-2.patch --- node-send-0.17.2/debian/patches/fix-for-mime-2.patch 1970-01-01 00:00:00.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/debian/patches/fix-for-mime-2.patch 2022-03-25 14:01:42.000000000 +0000 @@ -0,0 +1,45 @@ +Description: fix for mime 2 + Object mime.charsets was removed +Author: Yadd +Forwarded: no +Last-Update: 2022-03-25 + +--- a/index.js ++++ b/index.js +@@ -827,17 +827,15 @@ + + if (res.getHeader('Content-Type')) return + +- var type = mime.lookup(path) ++ var type = mime.getType(path.replace(/^.*\./,'')) + + if (!type) { + debug('no content-type') + return + } + +- var charset = mime.charsets.lookup(type) +- + debug('content-type %s', type) +- res.setHeader('Content-Type', type + (charset ? '; charset=' + charset : '')) ++ res.setHeader('Content-Type', type) + } + + /** +--- a/test/send.js ++++ b/test/send.js +@@ -147,12 +147,12 @@ + it('should set Content-Type via mime map', function (done) { + request(app) + .get('/name.txt') +- .expect('Content-Type', 'text/plain; charset=UTF-8') ++ .expect('Content-Type', 'text/plain') + .expect(200, function (err) { + if (err) return done(err) + request(app) + .get('/tobi.html') +- .expect('Content-Type', 'text/html; charset=UTF-8') ++ .expect('Content-Type', 'text/html') + .expect(200, done) + }) + }) diff -Nru node-send-0.17.2/debian/patches/series node-send-0.18.0+~cs1.19.1/debian/patches/series --- node-send-0.17.2/debian/patches/series 2019-12-21 11:57:30.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/debian/patches/series 2022-04-25 20:24:56.000000000 +0000 @@ -1,3 +1,2 @@ -0000-bundle_destroy.patch -0001-use_ms_from_debug.patch disable-failing-test.patch +fix-for-mime-2.patch diff -Nru node-send-0.17.2/debian/source/lintian-overrides node-send-0.18.0+~cs1.19.1/debian/source/lintian-overrides --- node-send-0.17.2/debian/source/lintian-overrides 1970-01-01 00:00:00.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/debian/source/lintian-overrides 2022-03-25 13:39:16.000000000 +0000 @@ -0,0 +1,2 @@ +# Generic types-* path +add-component-copyright types-* diff -Nru node-send-0.17.2/debian/watch node-send-0.18.0+~cs1.19.1/debian/watch --- node-send-0.17.2/debian/watch 2022-01-04 14:14:12.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/debian/watch 2022-03-25 13:39:35.000000000 +0000 @@ -1,10 +1,15 @@ version=4 opts=filenamemangle=s/.*?(\d[\d\.-]*@ARCHIVE_EXT@)/node-send-$1/ \ -https://github.com/visionmedia/send/tags .*/archive/.*/v?([\d\.]+).tar.gz +https://github.com/visionmedia/send/tags .*/archive/.*/v?([\d\.]+).tar.gz group opts=\ ctype=nodejs,\ component=destroy,\ dversionmangle=auto,\ filenamemangle=s/.*?(\d[\d\.-]*@ARCHIVE_EXT@)/node-destroy-$1/ \ - https://github.com/stream-utils/destroy/tags .*/archive/.*/v?([\d\.]+).tar.gz ignore + https://github.com/stream-utils/destroy/tags .*/archive/.*/v?([\d\.]+).tar.gz checksum + +# It is not recommended use npmregistry. Please investigate more. +# Take a look at https://wiki.debian.org/debian/watch/ +opts="searchmode=plain,component=types-send,ctype=nodejs,pgpmode=none,filenamemangle=s/^.*?(\d[\d\.-]*@ARCHIVE_EXT@)/node-types-send-$1/" \ + https://registry.npmjs.org/@types/send https://registry.npmjs.org/@types/send/-/send-([\d\.]+)@ARCHIVE_EXT@ checksum diff -Nru node-send-0.17.2/destroy/.eslintignore node-send-0.18.0+~cs1.19.1/destroy/.eslintignore --- node-send-0.17.2/destroy/.eslintignore 1970-01-01 00:00:00.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/destroy/.eslintignore 2022-03-20 19:02:23.000000000 +0000 @@ -0,0 +1,2 @@ +coverage +node_modules diff -Nru node-send-0.17.2/destroy/.eslintrc.yml node-send-0.18.0+~cs1.19.1/destroy/.eslintrc.yml --- node-send-0.17.2/destroy/.eslintrc.yml 1970-01-01 00:00:00.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/destroy/.eslintrc.yml 2022-03-20 19:02:23.000000000 +0000 @@ -0,0 +1,2 @@ +root: true +extends: standard diff -Nru node-send-0.17.2/destroy/.github/workflows/ci.yml node-send-0.18.0+~cs1.19.1/destroy/.github/workflows/ci.yml --- node-send-0.17.2/destroy/.github/workflows/ci.yml 1970-01-01 00:00:00.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/destroy/.github/workflows/ci.yml 2022-03-20 19:02:23.000000000 +0000 @@ -0,0 +1,218 @@ +name: ci + +on: +- pull_request +- push + +jobs: + test: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + name: + - Node.js 0.8 + - Node.js 0.10 + - Node.js 0.12 + - io.js 1.x + - io.js 2.x + - io.js 3.x + - Node.js 4.x + - Node.js 5.x + - Node.js 6.x + - Node.js 7.x + - Node.js 8.x + - Node.js 9.x + - Node.js 10.x + - Node.js 11.x + - Node.js 12.x + - Node.js 13.x + - Node.js 14.x + - Node.js 15.x + - Node.js 16.x + - Node.js 17.x + + include: + - name: Node.js 0.8 + node-version: "0.8" + npm-i: mocha@2.5.3 + npm-rm: nyc + + - name: Node.js 0.10 + node-version: "0.10" + npm-i: mocha@3.5.3 nyc@10.3.2 + + - name: Node.js 0.12 + node-version: "0.12" + npm-i: mocha@3.5.3 nyc@10.3.2 + + - name: io.js 1.x + node-version: "1.8" + npm-i: mocha@3.5.3 nyc@10.3.2 + + - name: io.js 2.x + node-version: "2.5" + npm-i: mocha@3.5.3 nyc@10.3.2 + + - name: io.js 3.x + node-version: "3.3" + npm-i: mocha@3.5.3 nyc@10.3.2 + + - name: Node.js 4.x + node-version: "4.9" + npm-i: mocha@5.2.0 nyc@11.9.0 + + - name: Node.js 5.x + node-version: "5.12" + npm-i: mocha@5.2.0 nyc@11.9.0 + + - name: Node.js 6.x + node-version: "6.17" + npm-i: mocha@6.2.3 nyc@14.1.1 + + - name: Node.js 7.x + node-version: "7.10" + npm-i: mocha@6.2.3 nyc@14.1.1 + + - name: Node.js 8.x + node-version: "8.17" + npm-i: mocha@7.2.0 + + - name: Node.js 9.x + node-version: "9.11" + npm-i: mocha@7.2.0 + + - name: Node.js 10.x + node-version: "10.24" + npm-i: mocha@8.4.0 + + - name: Node.js 11.x + node-version: "11.15" + npm-i: mocha@8.4.0 + + - name: Node.js 12.x + node-version: "12.22" + + - name: Node.js 13.x + node-version: "13.14" + + - name: Node.js 14.x + node-version: "14.19" + + - name: Node.js 15.x + node-version: "15.14" + + - name: Node.js 16.x + node-version: "16.14" + + - name: Node.js 17.x + node-version: "17.7" + + steps: + - uses: actions/checkout@v2 + + - name: Install Node.js ${{ matrix.node-version }} + shell: bash -eo pipefail -l {0} + run: | + nvm install --default ${{ matrix.node-version }} + if [[ "${{ matrix.node-version }}" == 0.* && "$(cut -d. -f2 <<< "${{ matrix.node-version }}")" -lt 10 ]]; then + nvm install --alias=npm 0.10 + npm install -g npm@1.2.8000 + NPM=$(which npm) + nvm use ${{ matrix.node-version }} + ln -fs "$NPM" "$(which npm)" + sed -i '1s;^.*$;'"$(printf '#!%q' "$(nvm which npm)")"';' "$(readlink -f "$(which npm)")" + npm config set strict-ssl false + fi + dirname "$(nvm which ${{ matrix.node-version }})" >> "$GITHUB_PATH" + + - name: Configure npm + run: npm config set shrinkwrap false + + - name: Remove npm module(s) ${{ matrix.npm-rm }} + run: npm rm --silent --save-dev ${{ matrix.npm-rm }} + if: matrix.npm-rm != '' + + - name: Install npm module(s) ${{ matrix.npm-i }} + run: npm install --save-dev ${{ matrix.npm-i }} + if: matrix.npm-i != '' + + - name: Setup Node.js version-specific dependencies + shell: bash + run: | + # eslint for linting + # - remove on Node.js < 10 + if [[ "$(cut -d. -f1 <<< "${{ matrix.node-version }}")" -lt 10 ]]; then + node -pe 'Object.keys(require("./package").devDependencies).join("\n")' | \ + grep -E '^eslint(-|$)' | \ + sort -r | \ + xargs -n1 npm rm --silent --save-dev + fi + + - name: Install Node.js dependencies + run: npm install + + - name: List environment + id: list_env + shell: bash + run: | + echo "node@$(node -v)" + echo "npm@$(npm -v)" + npm -s ls ||: + (npm -s ls --depth=0 ||:) | awk -F'[ @]' 'NR>1 && $2 { print "::set-output name=" $2 "::" $3 }' + + - name: Run tests + shell: bash + run: | + if npm -ps ls nyc | grep -q nyc; then + npm run test-ci + cp coverage/lcov.info "coverage/${{ matrix.name }}.lcov" + else + npm test + fi + + - name: Lint code + if: steps.list_env.outputs.eslint != '' + run: npm run lint + + - name: Collect code coverage + if: steps.list_env.outputs.nyc != '' + run: | + if [[ -d ./coverage ]]; then + mv ./coverage "./${{ matrix.name }}" + mkdir ./coverage + mv "./${{ matrix.name }}" "./coverage/${{ matrix.name }}" + fi + + - name: Upload code coverage + uses: actions/upload-artifact@v2 + if: steps.list_env.outputs.nyc != '' + with: + name: coverage + path: ./coverage + retention-days: 1 + + coverage: + needs: test + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + + - name: Install lcov + shell: bash + run: sudo apt-get -y install lcov + + - name: Collect coverage reports + uses: actions/download-artifact@v2 + with: + name: coverage + path: ./coverage + + - name: Merge coverage reports + shell: bash + run: find ./coverage -name lcov.info -exec printf '-a %q\n' {} \; | xargs lcov -o ./coverage/lcov.info + + - name: Upload coverage report + uses: coverallsapp/github-action@master + with: + github-token: ${{ secrets.GITHUB_TOKEN }} diff -Nru node-send-0.17.2/destroy/.gitignore node-send-0.18.0+~cs1.19.1/destroy/.gitignore --- node-send-0.17.2/destroy/.gitignore 2016-01-16 03:11:01.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/destroy/.gitignore 2022-03-20 19:02:23.000000000 +0000 @@ -3,5 +3,7 @@ *.log *.gz +.nyc_output node_modules coverage +package-lock.json diff -Nru node-send-0.17.2/destroy/HISTORY.md node-send-0.18.0+~cs1.19.1/destroy/HISTORY.md --- node-send-0.17.2/destroy/HISTORY.md 2016-01-16 03:11:01.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/destroy/HISTORY.md 2022-03-20 19:02:23.000000000 +0000 @@ -1,3 +1,18 @@ +1.2.0 / 2022-03-20 +================== + + * Add `suppress` argument + +1.1.1 / 2022-02-28 +================== + + * Work around Zlib close bug in Node.js < 4.5.5 + +1.1.0 / 2022-01-25 +================== + + * Add Zlib steam support and Node.js leak work around + 1.0.4 / 2016-01-15 ================== diff -Nru node-send-0.17.2/destroy/index.js node-send-0.18.0+~cs1.19.1/destroy/index.js --- node-send-0.17.2/destroy/index.js 2016-01-16 03:11:01.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/destroy/index.js 2022-03-20 19:02:23.000000000 +0000 @@ -1,6 +1,7 @@ /*! * destroy * Copyright(c) 2014 Jonathan Ong + * Copyright(c) 2015-2022 Douglas Christopher Wilson * MIT Licensed */ @@ -11,8 +12,10 @@ * @private */ +var EventEmitter = require('events').EventEmitter var ReadStream = require('fs').ReadStream var Stream = require('stream') +var Zlib = require('zlib') /** * Module exports. @@ -22,23 +25,25 @@ module.exports = destroy /** - * Destroy a stream. + * Destroy the given stream, and optionally suppress any future `error` events. * * @param {object} stream + * @param {boolean} suppress * @public */ -function destroy(stream) { - if (stream instanceof ReadStream) { - return destroyReadStream(stream) - } - - if (!(stream instanceof Stream)) { - return stream +function destroy (stream, suppress) { + if (isFsReadStream(stream)) { + destroyReadStream(stream) + } else if (isZlibStream(stream)) { + destroyZlibStream(stream) + } else if (hasDestroy(stream)) { + stream.destroy() } - if (typeof stream.destroy === 'function') { - stream.destroy() + if (isEventEmitter(stream) && suppress) { + stream.removeAllListeners('error') + stream.addListener('error', noop) } return stream @@ -51,15 +56,144 @@ * @private */ -function destroyReadStream(stream) { +function destroyReadStream (stream) { stream.destroy() if (typeof stream.close === 'function') { // node.js core bug work-around stream.on('open', onOpenClose) } +} - return stream +/** + * Close a Zlib stream. + * + * Zlib streams below Node.js 4.5.5 have a buggy implementation + * of .close() when zlib encountered an error. + * + * @param {object} stream + * @private + */ + +function closeZlibStream (stream) { + if (stream._hadError === true) { + var prop = stream._binding === null + ? '_binding' + : '_handle' + + stream[prop] = { + close: function () { this[prop] = null } + } + } + + stream.close() +} + +/** + * Destroy a Zlib stream. + * + * Zlib streams don't have a destroy function in Node.js 6. On top of that + * simply calling destroy on a zlib stream in Node.js 8+ will result in a + * memory leak. So until that is fixed, we need to call both close AND destroy. + * + * PR to fix memory leak: https://github.com/nodejs/node/pull/23734 + * + * In Node.js 6+8, it's important that destroy is called before close as the + * stream would otherwise emit the error 'zlib binding closed'. + * + * @param {object} stream + * @private + */ + +function destroyZlibStream (stream) { + if (typeof stream.destroy === 'function') { + // node.js core bug work-around + // istanbul ignore if: node.js 0.8 + if (stream._binding) { + // node.js < 0.10.0 + stream.destroy() + if (stream._processing) { + stream._needDrain = true + stream.once('drain', onDrainClearBinding) + } else { + stream._binding.clear() + } + } else if (stream._destroy && stream._destroy !== Stream.Transform.prototype._destroy) { + // node.js >= 12, ^11.1.0, ^10.15.1 + stream.destroy() + } else if (stream._destroy && typeof stream.close === 'function') { + // node.js 7, 8 + stream.destroyed = true + stream.close() + } else { + // fallback + // istanbul ignore next + stream.destroy() + } + } else if (typeof stream.close === 'function') { + // node.js < 8 fallback + closeZlibStream(stream) + } +} + +/** + * Determine if stream has destroy. + * @private + */ + +function hasDestroy (stream) { + return stream instanceof Stream && + typeof stream.destroy === 'function' +} + +/** + * Determine if val is EventEmitter. + * @private + */ + +function isEventEmitter (val) { + return val instanceof EventEmitter +} + +/** + * Determine if stream is fs.ReadStream stream. + * @private + */ + +function isFsReadStream (stream) { + return stream instanceof ReadStream +} + +/** + * Determine if stream is Zlib stream. + * @private + */ + +function isZlibStream (stream) { + return stream instanceof Zlib.Gzip || + stream instanceof Zlib.Gunzip || + stream instanceof Zlib.Deflate || + stream instanceof Zlib.DeflateRaw || + stream instanceof Zlib.Inflate || + stream instanceof Zlib.InflateRaw || + stream instanceof Zlib.Unzip +} + +/** + * No-op function. + * @private + */ + +function noop () {} + +/** + * On drain handler to clear binding. + * @private + */ + +// istanbul ignore next: node.js 0.8 +function onDrainClearBinding () { + this._binding.clear() } /** @@ -67,7 +201,7 @@ * @private */ -function onOpenClose() { +function onOpenClose () { if (typeof this.fd === 'number') { // actually close down the fd this.close() diff -Nru node-send-0.17.2/destroy/LICENSE node-send-0.18.0+~cs1.19.1/destroy/LICENSE --- node-send-0.17.2/destroy/LICENSE 2016-01-16 03:11:01.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/destroy/LICENSE 2022-03-20 19:02:23.000000000 +0000 @@ -2,6 +2,7 @@ The MIT License (MIT) Copyright (c) 2014 Jonathan Ong me@jongleberry.com +Copyright (c) 2015-2022 Douglas Christopher Wilson doug@somethingdoug.com Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff -Nru node-send-0.17.2/destroy/package.json node-send-0.18.0+~cs1.19.1/destroy/package.json --- node-send-0.17.2/destroy/package.json 2016-01-16 03:11:01.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/destroy/package.json 2022-03-20 19:02:23.000000000 +0000 @@ -1,7 +1,7 @@ { "name": "destroy", "description": "destroy a stream if possible", - "version": "1.0.4", + "version": "1.2.0", "author": { "name": "Jonathan Ong", "email": "me@jongleberry.com", @@ -14,13 +14,24 @@ "license": "MIT", "repository": "stream-utils/destroy", "devDependencies": { - "istanbul": "0.4.2", - "mocha": "2.3.4" + "eslint": "7.32.0", + "eslint-config-standard": "14.1.1", + "eslint-plugin-import": "2.25.4", + "eslint-plugin-node": "11.1.0", + "eslint-plugin-promise": "5.2.0", + "eslint-plugin-standard": "4.1.0", + "mocha": "9.2.2", + "nyc": "15.1.0" + }, + "engines": { + "node": ">= 0.8", + "npm": "1.2.8000 || >= 1.4.16" }, "scripts": { + "lint": "eslint .", "test": "mocha --reporter spec", - "test-cov": "istanbul cover node_modules/mocha/bin/_mocha -- --reporter dot", - "test-travis": "istanbul cover node_modules/mocha/bin/_mocha --report lcovonly -- --reporter dot" + "test-ci": "nyc --reporter=lcovonly --reporter=text npm test", + "test-cov": "nyc --reporter=html --reporter=text npm test" }, "files": [ "index.js", diff -Nru node-send-0.17.2/destroy/README.md node-send-0.18.0+~cs1.19.1/destroy/README.md --- node-send-0.17.2/destroy/README.md 2016-01-16 03:11:01.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/destroy/README.md 2022-03-20 19:02:23.000000000 +0000 @@ -1,11 +1,10 @@ -# Destroy +# destroy [![NPM version][npm-image]][npm-url] -[![Build status][travis-image]][travis-url] +[![Build Status][github-actions-ci-image]][github-actions-ci-url] [![Test coverage][coveralls-image]][coveralls-url] [![License][license-image]][license-url] [![Downloads][downloads-image]][downloads-url] -[![Gittip][gittip-image]][gittip-url] Destroy a stream. @@ -18,17 +17,23 @@ var destroy = require('destroy') ``` -### destroy(stream) +### destroy(stream [, suppress]) -Destroy the given stream. In most cases, this is identical to a simple -`stream.destroy()` call. The rules are as follows for a given stream: +Destroy the given stream, and optionally suppress any future `error` events. + +In most cases, this is identical to a simple `stream.destroy()` call. The rules +are as follows for a given stream: 1. If the `stream` is an instance of `ReadStream`, then call `stream.destroy()` and add a listener to the `open` event to call `stream.close()` if it is fired. This is for a Node.js bug that will leak a file descriptor if `.destroy()` is called before `open`. - 2. If the `stream` is not an instance of `Stream`, then nothing happens. - 3. If the `stream` has a `.destroy()` method, then call it. + 2. If the `stream` is an instance of a zlib stream, then call `stream.destroy()` + and close the underlying zlib handle if open, otherwise call `stream.close()`. + This is for consistency across Node.js versions and a Node.js bug that will + leak a native zlib handle. + 3. If the `stream` is not an instance of `Stream`, then nothing happens. + 4. If the `stream` has a `.destroy()` method, then call it. The function returns the `stream` passed in as the argument. @@ -48,13 +53,11 @@ [npm-url]: https://npmjs.org/package/destroy [github-tag]: http://img.shields.io/github/tag/stream-utils/destroy.svg?style=flat-square [github-url]: https://github.com/stream-utils/destroy/tags -[travis-image]: https://img.shields.io/travis/stream-utils/destroy.svg?style=flat-square -[travis-url]: https://travis-ci.org/stream-utils/destroy [coveralls-image]: https://img.shields.io/coveralls/stream-utils/destroy.svg?style=flat-square [coveralls-url]: https://coveralls.io/r/stream-utils/destroy?branch=master [license-image]: http://img.shields.io/npm/l/destroy.svg?style=flat-square [license-url]: LICENSE.md [downloads-image]: http://img.shields.io/npm/dm/destroy.svg?style=flat-square [downloads-url]: https://npmjs.org/package/destroy -[gittip-image]: https://img.shields.io/gittip/jonathanong.svg?style=flat-square -[gittip-url]: https://www.gittip.com/jonathanong/ +[github-actions-ci-image]: https://img.shields.io/github/workflow/status/stream-utils/destroy/ci/master?label=ci&style=flat-square +[github-actions-ci-url]: https://github.com/stream-utils/destroy/actions/workflows/ci.yml diff -Nru node-send-0.17.2/destroy/test/.eslintrc.yml node-send-0.18.0+~cs1.19.1/destroy/test/.eslintrc.yml --- node-send-0.17.2/destroy/test/.eslintrc.yml 1970-01-01 00:00:00.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/destroy/test/.eslintrc.yml 2022-03-20 19:02:23.000000000 +0000 @@ -0,0 +1,2 @@ +env: + mocha: true diff -Nru node-send-0.17.2/destroy/test/test.js node-send-0.18.0+~cs1.19.1/destroy/test/test.js --- node-send-0.17.2/destroy/test/test.js 2016-01-16 03:11:01.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/destroy/test/test.js 2022-03-20 19:02:23.000000000 +0000 @@ -2,10 +2,11 @@ var assert = require('assert') var fs = require('fs') var net = require('net') +var zlib = require('zlib') var destroy = require('..') -describe('destroy', function () { +describe('destroy(stream)', function () { it('should destroy a stream', function () { var stream = fs.createReadStream('package.json') assert(!isdestroyed(stream)) @@ -28,18 +29,18 @@ var _open = fs.open var waitclose = false - function cleanup() { + function cleanup () { fs.close = _close fs.open = _open } - fs.close = function close() { + fs.close = function close () { _close.apply(this, arguments) cleanup() done() } - fs.open = function open() { + fs.open = function open () { waitclose = true _open.apply(this, arguments) } @@ -61,7 +62,7 @@ it('should destroy a socket', function (done) { var server = net.createServer(function (connection) { socket.on('close', function () { - done() + server.close(done) }) destroy(connection) }) @@ -72,9 +73,87 @@ }) }) }) + + ;['Gunzip', 'Inflate', 'InflateRaw', 'Unzip'].forEach(function (type) { + var method = 'create' + type + + describe('Zlib.' + type, function () { + it('should destroy a zlib stream', function () { + var stream = zlib[method]() + assert(!isdestroyed(stream)) + destroy(stream) + assert(isdestroyed(stream)) + }) + + it('should destroy a zlib stream after write', function () { + var stream = zlib[method]() + assert(!isdestroyed(stream)) + stream.write('') + destroy(stream) + assert(isdestroyed(stream)) + }) + + it('should destroy a zlib stream after error', function (done) { + var stream = zlib[method]() + assert(!isdestroyed(stream)) + stream.on('error', function () { + destroy(stream) + assert(isdestroyed(stream)) + done() + }) + stream.write('foobar_invalid') + }) + }) + }) + + ;['Gzip', 'Deflate', 'DeflateRaw'].forEach(function (type) { + var method = 'create' + type + + describe('Zlib.' + type, function () { + it('should destroy a zlib stream', function () { + var stream = zlib[method]() + assert(!isdestroyed(stream)) + destroy(stream) + assert(isdestroyed(stream)) + }) + + it('should destroy a zlib stream after write', function () { + var stream = zlib[method]() + assert(!isdestroyed(stream)) + stream.write('') + destroy(stream) + assert(isdestroyed(stream)) + }) + }) + }) +}) + +describe('destroy(stream, suppress)', function () { + it('should destroy a stream', function () { + var stream = fs.createReadStream('package.json') + assert(!isdestroyed(stream)) + destroy(stream, true) + assert(isdestroyed(stream)) + }) + + it('should handle falsey values', function () { + destroy(0, true) + }) + + it('should handle random object', function () { + destroy({}, true) + }) + + it('should suppress errors after destroy', function () { + var stream = fs.createReadStream('package2.json') + assert(!isdestroyed(stream)) + destroy(stream, true) + assert(isdestroyed(stream)) + }) }) -function isdestroyed(stream) { - // readable for 0.8, destroyed for 0.10+ - return stream.readable === false || stream.destroyed === true +function isdestroyed (stream) { + // readable for 0.8, destroyed for 0.10+, _closed for zlib < 8 + return stream.readable === false || stream.destroyed === true || + stream._closed === true } diff -Nru node-send-0.17.2/destroy/.travis.yml node-send-0.18.0+~cs1.19.1/destroy/.travis.yml --- node-send-0.17.2/destroy/.travis.yml 2016-01-16 03:11:01.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/destroy/.travis.yml 1970-01-01 00:00:00.000000000 +0000 @@ -1,20 +0,0 @@ -language: node_js -node_js: - - "0.8" - - "0.10" - - "0.12" - - "1.8" - - "2.5" - - "3.3" - - "4.2" - - "5.3" -sudo: false -before_install: - # Setup Node.js version-specific dependencies - - "test $TRAVIS_NODE_VERSION != '0.8' || npm rm --save-dev istanbul" -script: - # Run test script, depending on istanbul install - - "test ! -z $(npm -ps ls istanbul) || npm test" - - "test -z $(npm -ps ls istanbul) || npm run-script test-travis" -after_script: - - "test -e ./coverage/lcov.info && npm install coveralls@2 && cat ./coverage/lcov.info | coveralls" diff -Nru node-send-0.17.2/.github/workflows/ci.yml node-send-0.18.0+~cs1.19.1/.github/workflows/ci.yml --- node-send-0.17.2/.github/workflows/ci.yml 2021-12-11 23:35:45.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/.github/workflows/ci.yml 2022-03-24 02:53:50.000000000 +0000 @@ -26,6 +26,10 @@ - Node.js 11.x - Node.js 12.x - Node.js 13.x + - Node.js 14.x + - Node.js 15.x + - Node.js 16.x + - Node.js 17.x include: - name: Node.js 0.8 @@ -63,11 +67,11 @@ - name: Node.js 6.x node-version: "6.17" - npm-i: mocha@6.2.3 nyc@14.1.1 + npm-i: mocha@6.2.3 nyc@14.1.1 supertest@6.1.6 - name: Node.js 7.x node-version: "7.10" - npm-i: mocha@6.2.3 nyc@14.1.1 + npm-i: mocha@6.2.3 nyc@14.1.1 supertest@6.1.6 - name: Node.js 8.x node-version: "8.16" @@ -92,16 +96,16 @@ node-version: "13.14" - name: Node.js 14.x - node-version: "14.18" + node-version: "14.19" - name: Node.js 15.x node-version: "15.14" - name: Node.js 16.x - node-version: "16.13" + node-version: "16.14" - name: Node.js 17.x - node-version: "17.2" + node-version: "17.7" steps: - uses: actions/checkout@v2 diff -Nru node-send-0.17.2/HISTORY.md node-send-0.18.0+~cs1.19.1/HISTORY.md --- node-send-0.17.2/HISTORY.md 2021-12-11 23:35:45.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/HISTORY.md 2022-03-24 02:53:50.000000000 +0000 @@ -1,3 +1,18 @@ +0.18.0 / 2022-03-23 +=================== + + * Fix emitted 416 error missing headers property + * Limit the headers removed for 304 response + * deps: depd@2.0.0 + - Replace internal `eval` usage with `Function` constructor + - Use instance methods on `process` to check for listeners + * deps: destroy@1.2.0 + * deps: http-errors@2.0.0 + - deps: depd@2.0.0 + - deps: statuses@2.0.1 + * deps: on-finished@2.4.1 + * deps: statuses@2.0.1 + 0.17.2 / 2021-12-11 =================== diff -Nru node-send-0.17.2/index.js node-send-0.18.0+~cs1.19.1/index.js --- node-send-0.17.2/index.js 2021-12-11 23:35:45.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/index.js 2022-03-24 02:53:50.000000000 +0000 @@ -1,7 +1,7 @@ /*! * send * Copyright(c) 2012 TJ Holowaychuk - * Copyright(c) 2014-2016 Douglas Christopher Wilson + * Copyright(c) 2014-2022 Douglas Christopher Wilson * MIT Licensed */ @@ -267,13 +267,11 @@ SendStream.prototype.error = function error (status, err) { // emit if listeners instead of responding if (hasListeners(this, 'error')) { - return this.emit('error', createError(status, err, { - expose: false - })) + return this.emit('error', createHttpError(status, err)) } var res = this.res - var msg = statuses[status] || String(status) + var msg = statuses.message[status] || String(status) var doc = createHtmlDocument('Error', escapeHtml(msg)) // clear existing headers @@ -349,21 +347,19 @@ } /** - * Strip content-* header fields. + * Strip various content header fields for a change in entity. * * @private */ SendStream.prototype.removeContentHeaderFields = function removeContentHeaderFields () { var res = this.res - var headers = getHeaderNames(res) - for (var i = 0; i < headers.length; i++) { - var header = headers[i] - if (header.substr(0, 8) === 'content-' && header !== 'content-location') { - res.removeHeader(header) - } - } + res.removeHeader('Content-Encoding') + res.removeHeader('Content-Language') + res.removeHeader('Content-Length') + res.removeHeader('Content-Range') + res.removeHeader('Content-Type') } /** @@ -787,8 +783,6 @@ */ SendStream.prototype.stream = function stream (path, options) { - // TODO: this is all lame, refactor meeee - var finished = false var self = this var res = this.res @@ -797,20 +791,18 @@ this.emit('stream', stream) stream.pipe(res) - // response finished, done with the fd - onFinished(res, function onfinished () { - finished = true - destroy(stream) - }) + // cleanup + function cleanup () { + destroy(stream, true) + } - // error handling code-smell - stream.on('error', function onerror (err) { - // request already finished - if (finished) return + // response finished, cleanup + onFinished(res, cleanup) - // clean up stream - finished = true - destroy(stream) + // error handling + stream.on('error', function onerror (err) { + // clean up stream early + cleanup() // error self.onStatError(err) @@ -975,6 +967,24 @@ } /** + * Create a HttpError object from simple arguments. + * + * @param {number} status + * @param {Error|object} err + * @private + */ + +function createHttpError (status, err) { + if (!err) { + return createError(status) + } + + return err instanceof Error + ? createError(status, err, { expose: false }) + : createError(status, err) +} + +/** * decodeURIComponent. * * Allows V8 to only deoptimize this fn instead of all diff -Nru node-send-0.17.2/LICENSE node-send-0.18.0+~cs1.19.1/LICENSE --- node-send-0.17.2/LICENSE 2021-12-11 23:35:45.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/LICENSE 2022-03-24 02:53:50.000000000 +0000 @@ -1,7 +1,7 @@ (The MIT License) Copyright (c) 2012 TJ Holowaychuk -Copyright (c) 2014-2016 Douglas Christopher Wilson +Copyright (c) 2014-2022 Douglas Christopher Wilson Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff -Nru node-send-0.17.2/package.json node-send-0.18.0+~cs1.19.1/package.json --- node-send-0.17.2/package.json 2021-12-11 23:35:45.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/package.json 2022-03-24 02:53:50.000000000 +0000 @@ -1,7 +1,7 @@ { "name": "send", "description": "Better streaming static file server with Range and conditional-GET support", - "version": "0.17.2", + "version": "0.18.0", "author": "TJ Holowaychuk ", "contributors": [ "Douglas Christopher Wilson ", @@ -17,36 +17,37 @@ ], "dependencies": { "debug": "2.6.9", - "depd": "~1.1.2", - "destroy": "~1.0.4", + "depd": "2.0.0", + "destroy": "1.2.0", "encodeurl": "~1.0.2", "escape-html": "~1.0.3", "etag": "~1.8.1", "fresh": "0.5.2", - "http-errors": "1.8.1", + "http-errors": "2.0.0", "mime": "1.6.0", "ms": "2.1.3", - "on-finished": "~2.3.0", + "on-finished": "2.4.1", "range-parser": "~1.2.1", - "statuses": "~1.5.0" + "statuses": "2.0.1" }, "devDependencies": { "after": "0.8.2", "eslint": "7.32.0", "eslint-config-standard": "14.1.1", - "eslint-plugin-import": "2.25.3", + "eslint-plugin-import": "2.25.4", "eslint-plugin-markdown": "2.2.1", "eslint-plugin-node": "11.1.0", "eslint-plugin-promise": "5.2.0", "eslint-plugin-standard": "4.1.0", - "mocha": "9.1.3", + "mocha": "9.2.2", "nyc": "15.1.0", - "supertest": "6.1.6" + "supertest": "6.2.2" }, "files": [ "HISTORY.md", "LICENSE", "README.md", + "SECURITY.md", "index.js" ], "engines": { diff -Nru node-send-0.17.2/README.md node-send-0.18.0+~cs1.19.1/README.md --- node-send-0.17.2/README.md 2021-12-11 23:35:45.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/README.md 2022-03-24 02:53:50.000000000 +0000 @@ -318,8 +318,8 @@ [appveyor-url]: https://ci.appveyor.com/project/dougwilson/send [coveralls-image]: https://badgen.net/coveralls/c/github/pillarjs/send/master [coveralls-url]: https://coveralls.io/r/pillarjs/send?branch=master -[github-actions-ci-image]: https://badgen.net/github/checks/pillarjs/send/master?label=ci -[github-actions-ci-url]: https://github.com/pillarjs/send/actions?query=workflow%3Aci +[github-actions-ci-image]: https://badgen.net/github/checks/pillarjs/send/master?label=linux +[github-actions-ci-url]: https://github.com/pillarjs/send/actions/workflows/ci.yml [node-image]: https://badgen.net/npm/node/send [node-url]: https://nodejs.org/en/download/ [npm-downloads-image]: https://badgen.net/npm/dm/send diff -Nru node-send-0.17.2/SECURITY.md node-send-0.18.0+~cs1.19.1/SECURITY.md --- node-send-0.17.2/SECURITY.md 1970-01-01 00:00:00.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/SECURITY.md 2022-03-24 02:53:50.000000000 +0000 @@ -0,0 +1,24 @@ +# Security Policies and Procedures + +## Reporting a Bug + +The `send` team and community take all security bugs seriously. Thank you +for improving the security of Express. We appreciate your efforts and +responsible disclosure and will make every effort to acknowledge your +contributions. + +Report security bugs by emailing the current owner(s) of `send`. This information +can be found in the npm registry using the command `npm owner ls send`. +If unsure or unable to get the information from the above, open an issue +in the [project issue tracker](https://github.com/pillarjs/send/issues) +asking for the current contact information. + +To ensure the timely response to your report, please ensure that the entirety +of the report is contained within the email body and not solely behind a web +link or an attachment. + +At least one owner will acknowledge your email within 48 hours, and will send a +more detailed response within 48 hours indicating the next steps in handling +your report. After the initial reply to your report, the owners will +endeavor to keep you informed of the progress towards a fix and full +announcement, and may ask for additional information or guidance. diff -Nru node-send-0.17.2/test/send.js node-send-0.18.0+~cs1.19.1/test/send.js --- node-send-0.17.2/test/send.js 2021-12-11 23:35:45.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/test/send.js 2022-03-24 02:53:50.000000000 +0000 @@ -440,6 +440,27 @@ }) }) + it('should not remove all Content-* headers', function (done) { + var server = createServer({ root: fixtures }, function (req, res) { + res.setHeader('Content-Location', 'http://localhost/name.txt') + res.setHeader('Content-Security-Policy', 'default-src \'self\'') + }) + + request(server) + .get('/name.txt') + .expect(200, function (err, res) { + if (err) return done(err) + request(server) + .get('/name.txt') + .set('If-None-Match', res.headers.etag) + .expect(shouldNotHaveHeader('Content-Length')) + .expect(shouldNotHaveHeader('Content-Type')) + .expect('Content-Location', 'http://localhost/name.txt') + .expect('Content-Security-Policy', 'default-src \'self\'') + .expect(304, done) + }) + }) + describe('where "If-Match" is set', function () { it('should respond with 200 when "*"', function (done) { request(app) @@ -643,6 +664,24 @@ .expect('Content-Range', 'bytes */9') .expect(416, done) }) + + it('should emit error 416 with content-range header', function (done) { + var server = http.createServer(function (req, res) { + send(req, req.url, { root: fixtures }) + .on('error', function (err) { + res.setHeader('X-Content-Range', err.headers['Content-Range']) + res.statusCode = err.statusCode + res.end(err.message) + }) + .pipe(res) + }) + + request(server) + .get('/nums.txt') + .set('Range', 'bytes=9-50') + .expect('X-Content-Range', 'bytes */9') + .expect(416, done) + }) }) describe('when syntactically invalid', function () { diff -Nru node-send-0.17.2/types-send/index.d.ts node-send-0.18.0+~cs1.19.1/types-send/index.d.ts --- node-send-0.17.2/types-send/index.d.ts 1970-01-01 00:00:00.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/types-send/index.d.ts 2021-07-06 16:34:33.000000000 +0000 @@ -0,0 +1,231 @@ +// Type definitions for send 0.17 +// Project: https://github.com/pillarjs/send +// Definitions by: Mike Jerred +// Piotr Błażejewicz +// Definitions: https://github.com/DefinitelyTyped/DefinitelyTyped + +/// + +import * as stream from "stream"; +import * as fs from "fs"; +import * as m from "mime"; + +/** + * Create a new SendStream for the given path to send to a res. + * The req is the Node.js HTTP request and the path is a urlencoded path to send (urlencoded, not the actual file-system path). + */ +declare function send(req: stream.Readable, path: string, options?: send.SendOptions): send.SendStream; + +declare namespace send { + const mime: typeof m; + interface SendOptions { + /** + * Enable or disable accepting ranged requests, defaults to true. + * Disabling this will not send Accept-Ranges and ignore the contents of the Range request header. + */ + acceptRanges?: boolean | undefined; + + /** + * Enable or disable setting Cache-Control response header, defaults to true. + * Disabling this will ignore the maxAge option. + */ + cacheControl?: boolean | undefined; + + /** + * Set how "dotfiles" are treated when encountered. + * A dotfile is a file or directory that begins with a dot ("."). + * Note this check is done on the path itself without checking if the path actually exists on the disk. + * If root is specified, only the dotfiles above the root are checked (i.e. the root itself can be within a dotfile when when set to "deny"). + * 'allow' No special treatment for dotfiles. + * 'deny' Send a 403 for any request for a dotfile. + * 'ignore' Pretend like the dotfile does not exist and 404. + * The default value is similar to 'ignore', with the exception that this default will not ignore the files within a directory that begins with a dot, for backward-compatibility. + */ + dotfiles?: "allow" | "deny" | "ignore" | undefined; + + /** + * Byte offset at which the stream ends, defaults to the length of the file minus 1. + * The end is inclusive in the stream, meaning end: 3 will include the 4th byte in the stream. + */ + end?: number | undefined; + + /** + * Enable or disable etag generation, defaults to true. + */ + etag?: boolean | undefined; + + /** + * If a given file doesn't exist, try appending one of the given extensions, in the given order. + * By default, this is disabled (set to false). + * An example value that will serve extension-less HTML files: ['html', 'htm']. + * This is skipped if the requested file already has an extension. + */ + extensions?: string[] | string | boolean | undefined; + + /** + * Enable or disable the immutable directive in the Cache-Control response header, defaults to false. + * If set to true, the maxAge option should also be specified to enable caching. + * The immutable directive will prevent supported clients from making conditional requests during the life of the maxAge option to check if the file has changed. + * @default false + */ + immutable?: boolean | undefined; + + /** + * By default send supports "index.html" files, to disable this set false or to supply a new index pass a string or an array in preferred order. + */ + index?: string[] | string | boolean | undefined; + + /** + * Enable or disable Last-Modified header, defaults to true. + * Uses the file system's last modified value. + */ + lastModified?: boolean | undefined; + + /** + * Provide a max-age in milliseconds for http caching, defaults to 0. + * This can also be a string accepted by the ms module. + */ + maxAge?: string | number | undefined; + + /** + * Serve files relative to path. + */ + root?: string | undefined; + + /** + * Byte offset at which the stream starts, defaults to 0. + * The start is inclusive, meaning start: 2 will include the 3rd byte in the stream. + */ + start?: number | undefined; + } + + interface SendStream extends stream.Stream { + /** + * @deprecated pass etag as option + * Enable or disable etag generation. + */ + etag(val: boolean): SendStream; + + /** + * @deprecated use dotfiles option + * Enable or disable "hidden" (dot) files. + */ + hidden(val: boolean): SendStream; + + /** + * @deprecated pass index as option + * Set index `paths`, set to a falsy value to disable index support. + */ + index(paths: string[] | string): SendStream; + + /** + * @deprecated pass root as option + * Set root `path`. + */ + root(paths: string): SendStream; + + /** + * @deprecated pass root as option + * Set root `path`. + */ + from(paths: string): SendStream; + + /** + * @deprecated pass maxAge as option + * Set max-age to `maxAge`. + */ + maxage(maxAge: string | number): SendStream; + + /** + * Emit error with `status`. + */ + error(status: number, error?: Error): void; + + /** + * Check if the pathname ends with "/". + */ + hasTrailingSlash(): boolean; + + /** + * Check if this is a conditional GET request. + */ + isConditionalGET(): boolean; + + /** + * Strip content-* header fields. + */ + removeContentHeaderFields(): void; + + /** + * Respond with 304 not modified. + */ + notModified(): void; + + /** + * Raise error that headers already sent. + */ + headersAlreadySent(): void; + + /** + * Check if the request is cacheable, aka responded with 2xx or 304 (see RFC 2616 section 14.2{5,6}). + */ + isCachable(): boolean; + + /** + * Handle stat() error. + */ + onStatError(error: Error): void; + + /** + * Check if the cache is fresh. + */ + isFresh(): boolean; + + /** + * Check if the range is fresh. + */ + isRangeFresh(): boolean; + + /** + * Redirect to path. + */ + redirect(path: string): void; + + /** + * Pipe to `res`. + */ + pipe(res: T): T; + + /** + * Transfer `path`. + */ + send(path: string, stat?: fs.Stats): void; + + /** + * Transfer file for `path`. + */ + sendFile(path: string): void; + + /** + * Transfer index for `path`. + */ + sendIndex(path: string): void; + + /** + * Transfer index for `path`. + */ + stream(path: string, options?: {}): void; + + /** + * Set content-type based on `path` if it hasn't been explicitly set. + */ + type(path: string): void; + + /** + * Set response header fields, most fields may be pre-defined. + */ + setHeader(path: string, stat: fs.Stats): void; + } +} + +export = send; diff -Nru node-send-0.17.2/types-send/LICENSE node-send-0.18.0+~cs1.19.1/types-send/LICENSE --- node-send-0.17.2/types-send/LICENSE 1970-01-01 00:00:00.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/types-send/LICENSE 2021-07-06 16:34:33.000000000 +0000 @@ -0,0 +1,21 @@ + MIT License + + Copyright (c) Microsoft Corporation. + + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to deal + in the Software without restriction, including without limitation the rights + to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice shall be included in all + copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE diff -Nru node-send-0.17.2/types-send/package.json node-send-0.18.0+~cs1.19.1/types-send/package.json --- node-send-0.17.2/types-send/package.json 1970-01-01 00:00:00.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/types-send/package.json 2021-07-06 16:34:33.000000000 +0000 @@ -0,0 +1,33 @@ +{ + "name": "@types/send", + "version": "0.17.1", + "description": "TypeScript definitions for send", + "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/send", + "license": "MIT", + "contributors": [ + { + "name": "Mike Jerred", + "url": "https://github.com/MikeJerred", + "githubUsername": "MikeJerred" + }, + { + "name": "Piotr Błażejewicz", + "url": "https://github.com/peterblazejewicz", + "githubUsername": "peterblazejewicz" + } + ], + "main": "", + "types": "index.d.ts", + "repository": { + "type": "git", + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "directory": "types/send" + }, + "scripts": {}, + "dependencies": { + "@types/mime": "^1", + "@types/node": "*" + }, + "typesPublisherContentHash": "11d86e6b6fa2c78b8659b4ad9d2f295175d5f4bd5fa11649b26a8c945ee3ffb3", + "typeScriptVersion": "3.6" +} \ No newline at end of file diff -Nru node-send-0.17.2/types-send/README.md node-send-0.18.0+~cs1.19.1/types-send/README.md --- node-send-0.17.2/types-send/README.md 1970-01-01 00:00:00.000000000 +0000 +++ node-send-0.18.0+~cs1.19.1/types-send/README.md 2021-07-06 16:34:33.000000000 +0000 @@ -0,0 +1,16 @@ +# Installation +> `npm install --save @types/send` + +# Summary +This package contains type definitions for send (https://github.com/pillarjs/send). + +# Details +Files were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/send. + +### Additional Details + * Last updated: Tue, 06 Jul 2021 16:34:33 GMT + * Dependencies: [@types/mime](https://npmjs.com/package/@types/mime), [@types/node](https://npmjs.com/package/@types/node) + * Global values: none + +# Credits +These definitions were written by [Mike Jerred](https://github.com/MikeJerred), and [Piotr Błażejewicz](https://github.com/peterblazejewicz).