Skip to content

Commit

Permalink
#261 Removed and replaced vulnerable packages
Browse files Browse the repository at this point in the history
Updated Packages
  • Loading branch information
Ayush Aher committed Jun 7, 2024
1 parent 4fab197 commit 6ff23e3
Show file tree
Hide file tree
Showing 4 changed files with 111 additions and 91 deletions.
117 changes: 59 additions & 58 deletions lib/Open/index.js
Original file line number Diff line number Diff line change
@@ -1,100 +1,101 @@
const fs = require('graceful-fs');
const directory = require('./directory');
const Stream = require('stream');
const fs = require("graceful-fs");
const directory = require("./directory");
const Stream = require("stream");
const axios = require("axios");

module.exports = {
buffer: function(buffer, options) {
buffer: function (buffer, options) {
const source = {
stream: function(offset, length) {
stream: function (offset, length) {
const stream = Stream.PassThrough();
const end = length ? offset + length : undefined;
stream.end(buffer.slice(offset, end));
return stream;
},
size: function() {
size: function () {
return Promise.resolve(buffer.length);
}
},
};
return directory(source, options);
},
file: function(filename, options) {
file: function (filename, options) {
const source = {
stream: function(start, length) {
stream: function (start, length) {
const end = length ? start + length : undefined;
return fs.createReadStream(filename, {start, end});
return fs.createReadStream(filename, { start, end });
},
size: function() {
return new Promise(function(resolve, reject) {
fs.stat(filename, function(err, d) {
if (err)
reject(err);
else
resolve(d.size);
size: function () {
return new Promise(function (resolve, reject) {
fs.stat(filename, function (err, d) {
if (err) reject(err);
else resolve(d.size);
});
});
}
},
};
return directory(source, options);
},

url: function(request, params, options) {
if (typeof params === 'string')
params = {url: params};
if (!params.url)
throw 'URL missing';
url: async function (params, options) {
if (typeof params === "string") params = { url: params };
if (!params.url) throw "URL missing";
params.headers = params.headers || {};

const source = {
stream : function(offset, length) {
const options = Object.create(params);
const end = length ? offset + length : '';
options.headers = Object.create(params.headers);
options.headers.range = 'bytes='+offset+'-' + end;
return request(options);
},
size: function() {
return new Promise(function(resolve, reject) {
const req = request(params);
req.on('response', function(d) {
req.abort();
if (!d.headers['content-length'])
reject(new Error('Missing content length header'));
else
resolve(d.headers['content-length']);
}).on('error', reject);
stream: function (offset, length) {
const stream = Stream.PassThrough();
const headers = Object.assign({}, params.headers, {
Range: `bytes=${offset}-${length ? offset + length - 1 : ""}`,
});
}

axios
.get(params.url, { headers, responseType: "stream" })
.then((response) => {
response.data.pipe(stream);
})
.catch((error) => {
stream.emit("error", error);
});

return stream;
},
size: function () {
return axios
.head(params.url, { headers: params.headers })
.then((response) => {
if (!response.headers["content-length"]) {
throw new Error("Missing content length header");
}
return parseInt(response.headers["content-length"], 10);
});
},
};

return directory(source, options);
},

s3 : function(client, params, options) {
s3: function (client, params, options) {
const source = {
size: function() {
return new Promise(function(resolve, reject) {
client.headObject(params, function(err, d) {
if (err)
reject(err);
else
resolve(d.ContentLength);
size: function () {
return new Promise(function (resolve, reject) {
client.headObject(params, function (err, d) {
if (err) reject(err);
else resolve(d.ContentLength);
});
});
},
stream: function(offset, length) {
stream: function (offset, length) {
const d = {};
for (const key in params)
d[key] = params[key];
const end = length ? offset + length : '';
d.Range = 'bytes='+offset+'-' + end;
for (const key in params) d[key] = params[key];
const end = length ? offset + length : "";
d.Range = "bytes=" + offset + "-" + end;
return client.getObject(d).createReadStream();
}
},
};

return directory(source, options);
},

custom: function(source, options) {
custom: function (source, options) {
return directory(source, options);
}
},
};
6 changes: 3 additions & 3 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@
},
"license": "MIT",
"dependencies": {
"axios": "^1.7.2",
"big-integer": "^1.6.17",
"bluebird": "~3.4.1",
"duplexer2": "~0.1.4",
Expand All @@ -35,14 +36,13 @@
},
"devDependencies": {
"@eslint/js": "^9.2.0",
"aws-sdk": "^2.77.0",
"aws-sdk": "^2.1636.0",
"dirdiff": ">= 0.0.1 < 1",
"eslint": "^9.2.0",
"globals": "^15.2.0",
"iconv-lite": "^0.4.24",
"request": "^2.88.0",
"stream-buffers": ">= 0.2.5 < 1",
"tap": "^12.7.0",
"tap": "^19.2.2",
"temp": ">= 0.4.0 < 1"
},
"directories": {
Expand Down
52 changes: 34 additions & 18 deletions test/extractFromUrl.js
Original file line number Diff line number Diff line change
@@ -1,25 +1,41 @@
const test = require("tap").test;
const fs = require("fs");
const unzip = require("../");
const os = require("os");
const request = require("request");
const axios = require("axios");
const path = require("path");

test("extract zip from url", function (t) {
const extractPath = os.tmpdir() + "/node-unzip-extract-fromURL"; // Not using path resolve, cause it should be resolved in extract() function
unzip.Open.url(
request,
"https://github.com/h5bp/html5-boilerplate/releases/download/v7.3.0/html5-boilerplate_v7.3.0.zip"
)
.then(function(d) { return d.extract({ path: extractPath }); })
.then(function() {
const dirFiles = fs.readdirSync(extractPath);
const isPassing =
dirFiles.length > 10 &&
dirFiles.indexOf("css") > -1 &&
dirFiles.indexOf("index.html") > -1 &&
dirFiles.indexOf("favicon.ico") > -1;
test("extract zip from url", async function (t) {
const extractPath = path.join("../node-unzip-extract-fromURL"); // Ensure path is constructed correctly
const url =
"https://github.com/h5bp/html5-boilerplate/releases/download/v7.3.0/html5-boilerplate_v7.3.0.zip";

t.equal(isPassing, true);
t.end();
try {
// Fetch the zip file
const response = await axios({
method: "get",
url: url,
responseType: "arraybuffer", // Download the file as a buffer
});

// Buffer the response data
const buffer = Buffer.from(response.data);

// Extract the buffer
const directory = await unzip.Open.buffer(buffer);
await directory.extract({ path: extractPath });

// Check extracted files
const dirFiles = fs.readdirSync(extractPath);
const isPassing =
dirFiles.length > 10 &&
dirFiles.indexOf("css") > -1 &&
dirFiles.indexOf("index.html") > -1 &&
dirFiles.indexOf("favicon.ico") > -1;

t.equal(isPassing, true);
} catch (error) {
t.fail(error.message);
} finally {
t.end();
}
});
27 changes: 15 additions & 12 deletions test/openUrl.js
Original file line number Diff line number Diff line change
@@ -1,20 +1,23 @@
const test = require('tap').test;
const fs = require('fs');
const path = require('path');
const unzip = require('../');
const request = require('request');
const test = require("tap").test;
const fs = require("fs");
const path = require("path");
const unzip = require("../");

test("get content of a single file entry out of a 502 MB zip from web", function (t) {
return unzip.Open.url(request, 'https://github.com/twbs/bootstrap/releases/download/v4.0.0/bootstrap-4.0.0-dist.zip')
.then(function(d) {
const file = d.files.filter(function(d) {
return d.path === 'css/bootstrap-reboot.min.css';
return unzip.Open.url(
"https://github.com/twbs/bootstrap/releases/download/v4.0.0/bootstrap-4.0.0-dist.zip"
)
.then(function (d) {
const file = d.files.filter(function (d) {
return d.path === "css/bootstrap-reboot.min.css";
})[0];
return file.buffer();
})
.then(function(str) {
const fileStr = fs.readFileSync(path.join(__dirname, '../testData/bootstrap-reboot.min.css'), 'utf8');
.then(function (str) {
const fileStr = fs.readFileSync(
path.join(__dirname, "../testData/bootstrap-reboot.min.css")
);
t.equal(str.toString(), fileStr);
t.end();
});
});
});

0 comments on commit 6ff23e3

Please sign in to comment.