From a8aa601ce08838f8a706cfe58dd8a4d78a16e4c1 Mon Sep 17 00:00:00 2001 From: Luciano Mammino Date: Sat, 25 Aug 2018 21:09:02 +0100 Subject: [PATCH] Ported http-security-headers middlewares by @willfarrell to 1.x --- README.md | 1 + lerna.json | 2 +- package-lock.json | 182 +++++++++--------- package.json | 2 +- packages/cache/package.json | 2 +- packages/core/package.json | 2 +- .../package.json | 2 +- packages/error-logger/package.json | 2 +- .../http-content-negotiation/package.json | 2 +- packages/http-cors/package.json | 2 +- packages/http-error-handler/package.json | 2 +- packages/http-event-normalizer/package.json | 2 +- packages/http-header-normalizer/package.json | 2 +- packages/http-json-body-parser/package.json | 2 +- packages/http-partial-response/package.json | 2 +- .../http-security-headers/__tests__/index.js | 97 ++++------ packages/http-security-headers/index.d.ts | 4 +- packages/http-security-headers/index.js | 45 ++--- packages/http-security-headers/package.json | 13 +- packages/http-security-headers/tsconfig.json | 3 +- .../http-urlencode-body-parser/package.json | 2 +- packages/input-output-logger/package.json | 2 +- packages/s3-key-normalizer/package.json | 2 +- packages/ssm/package.json | 2 +- packages/validator/package.json | 2 +- packages/warmup/package.json | 2 +- 26 files changed, 171 insertions(+), 212 deletions(-) diff --git a/README.md b/README.md index 0da233c17..ab44ef2a0 100644 --- a/README.md +++ b/README.md @@ -588,6 +588,7 @@ Currently available middlewares: - [`http-json-body-parser`](/packages/http-json-body-parser): Automatically parses HTTP requests with JSON body and converts the body into an object. Also handles gracefully broken JSON if used in combination of `httpErrorHandler`. - [`http-partial-response`](/packages/http-partial-response): Filter response objects attributes based on query string parameters. + - [`http-security-headers`](/packages/http-security-headers): Applies best practice security headers to responses. It's a simplified port of HelmetJS. - [`http-urlencode-body-parser`](/packages/http-urlencode-body-parser): Automatically parses HTTP requests with URL encoded body (typically the result of a form submit). - [`s3-key-normalizer`](/packages/s3-key-normalizer): Normalizes key names in s3 events. - [`ssm`](/packages/ssm): Fetches parameters from [AWS Systems Manager Parameter Store](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-paramstore.html). diff --git a/lerna.json b/lerna.json index 5a2f8b7ca..d797fdc10 100644 --- a/lerna.json +++ b/lerna.json @@ -3,5 +3,5 @@ "packages": [ "packages/*" ], - "version": "1.0.0-alpha.14" + "version": "1.0.0-alpha.15" } diff --git a/package-lock.json b/package-lock.json index 3daecafe8..7d7fda089 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "middy-monorepo", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -80,7 +80,7 @@ "acorn-globals": { "version": "4.1.0", "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-4.1.0.tgz", - "integrity": "sha512-KjZwU26uG3u6eZcfGbTULzFcsoz6pegNKtHPksZPOUsiKo5bUmiBPa38FuHZ/Eun+XYh/JCCkS9AS3Lu4McQOQ==", + "integrity": "sha1-q3FgJdvhfFTT74HTLs4rLZn+JTg=", "dev": true, "requires": { "acorn": "^5.0.0" @@ -158,7 +158,7 @@ "ansi-escapes": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-3.1.0.tgz", - "integrity": "sha512-UgAb8H9D41AQnu/PbWlCofQVcnV4Gs2bBJi9eZPxfU/hgglFh3SMDMENRIqdr7H6XFnXdoknctFByVsCOotTVw==", + "integrity": "sha1-9zIHu4EgfXX9bIPxJa8m7qN4yjA=", "dev": true }, "ansi-regex": { @@ -176,7 +176,7 @@ "anymatch": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-2.0.0.tgz", - "integrity": "sha512-5teOsQWABXHHBFP9y3skS5P3d/WfWXpv3FUpy+LorMrNYaT9pI4oLMQX7jzQ2KklNpGpWHzdCXTDT2Y3XGlZBw==", + "integrity": "sha1-vLJLTzeTTZqnrBe0ra+J58du8us=", "dev": true, "requires": { "micromatch": "^3.1.4", @@ -226,7 +226,7 @@ "arr-flatten": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/arr-flatten/-/arr-flatten-1.1.0.tgz", - "integrity": "sha512-L3hKV5R/p5o81R7O02IGnwpDmkp6E982XhtbuwSe3O4qOtMMMtodicASA1Cny2U+aCXcNpml+m4dPsvsJ3jatg==", + "integrity": "sha1-NgSLv/TntH4TZkQxbJlmnqWukfE=", "dev": true }, "arr-union": { @@ -301,13 +301,13 @@ "astral-regex": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-1.0.0.tgz", - "integrity": "sha512-+Ryf6g3BKoRc7jfp7ad8tM4TtMiaWvbF/1/sQcZPkkS7ag3D5nMBCe2UfOTONtAkaG0tO0ij3C5Lwmf1EiyjHg==", + "integrity": "sha1-bIw/uCfdQ+45GPJ7gngqt2WKb9k=", "dev": true }, "async": { "version": "2.6.1", "resolved": "https://registry.npmjs.org/async/-/async-2.6.1.tgz", - "integrity": "sha512-fNEiL2+AZt6AlAw/29Cr0UDe4sRAHCpEHh54WMz+Bb7QfNcFw4h3loofyJpLeQs4Yx7yuqu/2dLgM5hKOs6HlQ==", + "integrity": "sha1-skWiPKcZMAROxT+kaqAKPofGphA=", "dev": true, "requires": { "lodash": "^4.17.10" @@ -316,7 +316,7 @@ "async-limiter": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/async-limiter/-/async-limiter-1.0.0.tgz", - "integrity": "sha512-jp/uFnooOiO+L211eZOoSyzpOITMXx1rBITauYykG3BRYPu8h0UcxsPNB04RR5vo4Tyz3+ay17tR6JVf9qzYWg==", + "integrity": "sha1-ePrtjD0HSrgfIrTphdeehzj3IPg=", "dev": true }, "asynckit": { @@ -357,7 +357,7 @@ "aws4": { "version": "1.7.0", "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.7.0.tgz", - "integrity": "sha512-32NDda82rhwD9/JBCCkB+MRYDp0oSvlo2IL6rQWA10PQi7tDUM3eqMSltXmY+Oyl/7N3P3qNtAlv7X0d9bI28w==", + "integrity": "sha1-1NDpudv8p3vwjusKikcVUP454ok=", "dev": true }, "babel-code-frame": { @@ -374,7 +374,7 @@ "babel-core": { "version": "6.26.3", "resolved": "https://registry.npmjs.org/babel-core/-/babel-core-6.26.3.tgz", - "integrity": "sha512-6jyFLuDmeidKmUEb3NM+/yawG0M2bDZ9Z1qbZP59cyHLz8kYGKYwpJP0UwUKKUiTRNvxfLesJnTedqczP7cTDA==", + "integrity": "sha1-suLwnjQtDwyI4vAuBneUEl51wgc=", "dev": true, "requires": { "babel-code-frame": "^6.26.0", @@ -582,7 +582,7 @@ "babel-plugin-istanbul": { "version": "4.1.6", "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-4.1.6.tgz", - "integrity": "sha512-PWP9FQ1AhZhS01T/4qLSKoHGY/xvkZdVBGlKM/HuxxS3+sC66HhTNR7+MpbO/so/cz/wY94MeSWJuP1hXIPfwQ==", + "integrity": "sha1-NsWbIZLvzoHFs3gyG3QXWt0cmkU=", "dev": true, "requires": { "babel-plugin-syntax-object-rest-spread": "^6.13.0", @@ -1037,7 +1037,7 @@ "base": { "version": "0.11.2", "resolved": "https://registry.npmjs.org/base/-/base-0.11.2.tgz", - "integrity": "sha512-5T6P4xPgpp0YDFvSWwEZ4NoE3aM4QBQXDzmVbraCkFj8zHM+mba8SyqB5DbZWyR7mYHo6Y7BdQo3MoA4m0TeQg==", + "integrity": "sha1-e95c7RRbbVUakNuH+DxVi060io8=", "dev": true, "requires": { "cache-base": "^1.0.1", @@ -1061,7 +1061,7 @@ "is-accessor-descriptor": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", - "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "integrity": "sha1-FpwvbT3x+ZJhgHI2XJsOofaHhlY=", "dev": true, "requires": { "kind-of": "^6.0.0" @@ -1070,7 +1070,7 @@ "is-data-descriptor": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", - "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "integrity": "sha1-2Eh2Mh0Oet0DmQQGq7u9NrqSaMc=", "dev": true, "requires": { "kind-of": "^6.0.0" @@ -1079,7 +1079,7 @@ "is-descriptor": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", - "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "integrity": "sha1-OxWXRqZmBLBPjIFSS6NlxfFNhuw=", "dev": true, "requires": { "is-accessor-descriptor": "^1.0.0", @@ -1200,7 +1200,7 @@ "buffer-from": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.0.tgz", - "integrity": "sha512-c5mRlguI/Pe2dSZmpER62rSCu0ryKmWddzRYsuXc50U2/g8jMOulc31VZMa4mYx31U5xsmSOpDCgH88Vl9cDGQ==", + "integrity": "sha1-h/yqOimDWOCt5uRCz86EB0DRrQQ=", "dev": true }, "builtin-modules": { @@ -1218,7 +1218,7 @@ "cache-base": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/cache-base/-/cache-base-1.0.1.tgz", - "integrity": "sha512-AKcdTnFSWATd5/GCPRxr2ChwIJ85CeyrEyjRHlKxQ56d4XJMGym0uAiKn0xbLOGOl3+yRpOTi484dVCEc5AUzQ==", + "integrity": "sha1-Cn9GQWgxyLZi7jb+TnxZ129marI=", "dev": true, "requires": { "collection-visit": "^1.0.0", @@ -1339,13 +1339,13 @@ "circular-json": { "version": "0.3.3", "resolved": "https://registry.npmjs.org/circular-json/-/circular-json-0.3.3.tgz", - "integrity": "sha512-UZK3NBx2Mca+b5LsG7bY183pHWt5Y1xts4P3Pz7ENTwGVnJOUWbRb3ocjvX7hx9tq/yTAdclXm9sZ38gNuem4A==", + "integrity": "sha1-gVyZ6oT2gJUp0vRXkb34JxE1LWY=", "dev": true }, "class-utils": { "version": "0.3.6", "resolved": "https://registry.npmjs.org/class-utils/-/class-utils-0.3.6.tgz", - "integrity": "sha512-qOhPa/Fj7s6TY8H8esGu5QNpMMQxz79h+urzrNYN6mn+9BnxlDGf5QZ+XeCDsxSjPqsSR56XOZOJmpeurnLMeg==", + "integrity": "sha1-+TNprouafOAv1B+q0MqDAzGQxGM=", "dev": true, "requires": { "arr-union": "^3.1.0", @@ -1482,7 +1482,7 @@ "commander": { "version": "2.15.1", "resolved": "https://registry.npmjs.org/commander/-/commander-2.15.1.tgz", - "integrity": "sha512-VlfT9F3V0v+jr4yxPc5gg9s62/fIVWsd2Bk2iD435um1NlGMYdVCq+MjcXnhYq2icNOizHr1kK+5TI6H0Hy0ag==", + "integrity": "sha1-30boZ9D8Kuxmo0ZitAapzK//Ww8=", "dev": true }, "compare-func": { @@ -1872,7 +1872,7 @@ "cssstyle": { "version": "0.3.1", "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-0.3.1.tgz", - "integrity": "sha512-tNvaxM5blOnxanyxI6panOsnfiyLRj3HV4qjqqS45WPNS1usdYWRUQjqTEEELK73lpeP/1KoIGYUwrBn/VcECA==", + "integrity": "sha1-bam0z/G8XXFubl/o4E/LG1Ckmt8=", "dev": true, "requires": { "cssom": "0.3.x" @@ -1908,7 +1908,7 @@ "data-urls": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-1.0.0.tgz", - "integrity": "sha512-ai40PPQR0Fn1lD2PPie79CibnlMN2AYiDhwFX/rZHVsxbs5kNJSjegqXIprhouGXlRdEnfybva7kqRGnB6mypA==", + "integrity": "sha1-JIAt5OgcKY6oqTiLsNjkYcd0aE8=", "dev": true, "requires": { "abab": "^1.0.4", @@ -2018,7 +2018,7 @@ "define-property": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/define-property/-/define-property-2.0.2.tgz", - "integrity": "sha512-jwK2UV4cnPpbcG7+VRARKTZPUWowwXA8bzH5NP6ud0oeAxyYPuGZUAC7hMugpCdz4BeSZl2Dl9k66CHJ/46ZYQ==", + "integrity": "sha1-1Flono1lS6d+AqgX+HENcCyxbp0=", "dev": true, "requires": { "is-descriptor": "^1.0.2", @@ -2028,7 +2028,7 @@ "is-accessor-descriptor": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", - "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "integrity": "sha1-FpwvbT3x+ZJhgHI2XJsOofaHhlY=", "dev": true, "requires": { "kind-of": "^6.0.0" @@ -2037,7 +2037,7 @@ "is-data-descriptor": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", - "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "integrity": "sha1-2Eh2Mh0Oet0DmQQGq7u9NrqSaMc=", "dev": true, "requires": { "kind-of": "^6.0.0" @@ -2046,7 +2046,7 @@ "is-descriptor": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", - "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "integrity": "sha1-OxWXRqZmBLBPjIFSS6NlxfFNhuw=", "dev": true, "requires": { "is-accessor-descriptor": "^1.0.0", @@ -2101,7 +2101,7 @@ "diff": { "version": "3.5.0", "resolved": "https://registry.npmjs.org/diff/-/diff-3.5.0.tgz", - "integrity": "sha512-A46qtFgd+g7pDZinpnwiRJtxbC1hpgf0uzP3iG89scHk0AUC7A1TGxf5OiiOUv/JMZR8GOt8hL900hV0bOy5xA==", + "integrity": "sha1-gAwN0eCov7yVg1wgKtIg/jF+WhI=", "dev": true }, "doctrine": { @@ -2116,7 +2116,7 @@ "domexception": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/domexception/-/domexception-1.0.1.tgz", - "integrity": "sha512-raigMkn7CJNNo6Ihro1fzG7wr3fHuYVytzquZKX5n0yizGsTcYgzdIUwj1X9pK0VvjeihV+XiclP+DjwbsSKug==", + "integrity": "sha1-k3RCZEymoxJh7zbj7Gd/6AVYLJA=", "dev": true, "requires": { "webidl-conversions": "^4.0.2" @@ -2490,7 +2490,7 @@ "esprima": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.0.tgz", - "integrity": "sha512-oftTcaMu/EGrEIu904mWteKIv8vMuOgGYo7EhVJJN00R/EED9DCua/xxHRdYnKtcECzVg7xOWhflvJMnqcFZjw==", + "integrity": "sha1-RJnt3NERDgshi6zy+n9/WfVcqAQ=", "dev": true }, "esquery": { @@ -2532,7 +2532,7 @@ "exec-sh": { "version": "0.2.1", "resolved": "https://registry.npmjs.org/exec-sh/-/exec-sh-0.2.1.tgz", - "integrity": "sha512-aLt95pexaugVtQerpmE51+4QfWrNc304uez7jvj6fWnN8GeEHpttB8F36n8N7uVhUMbH/1enbxQ9HImZ4w/9qg==", + "integrity": "sha1-FjuYpuiea2W0fCoo0hW8H2OYnDg=", "dev": true, "requires": { "merge": "^1.1.3" @@ -2689,7 +2689,7 @@ "is-extendable": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", - "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", + "integrity": "sha1-p0cPnkJnM9gb2B4RVSZOOjUHyrQ=", "dev": true, "requires": { "is-plain-object": "^2.0.4" @@ -2952,7 +2952,7 @@ "fsevents": { "version": "1.2.4", "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-1.2.4.tgz", - "integrity": "sha512-z8H8/diyk76B7q5wg+Ud0+CqzcAF3mBBI/bA5ne5zrRUUIvNkJY//D3BqyH571KuAC4Nr7Rw7CjWX4r0y9DvNg==", + "integrity": "sha1-9B3LGvJYKvNpLaNvxVy9jhBBxCY=", "dev": true, "optional": true, "requires": { @@ -3707,7 +3707,7 @@ "glob": { "version": "7.1.2", "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz", - "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==", + "integrity": "sha1-wZyd+aAocC1nhhI4SmVSQExjbRU=", "dev": true, "requires": { "fs.realpath": "^1.0.0", @@ -3740,7 +3740,7 @@ "globals": { "version": "9.18.0", "resolved": "https://registry.npmjs.org/globals/-/globals-9.18.0.tgz", - "integrity": "sha512-S0nG3CLEQiY/ILxqtztTWH/3iRRdyBLw6KMDxnKMchrtbj2OFmehVh0WUCfW3DUrIgx/qFrJPICrq4Z4sTR9UQ==", + "integrity": "sha1-qjiWs+abSH8X4x7SFD1pqOMMLYo=", "dev": true }, "globby": { @@ -3914,7 +3914,7 @@ "html-encoding-sniffer": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-1.0.2.tgz", - "integrity": "sha512-71lZziiDnsuabfdYiUeWdCVyKuqwWi23L8YeIgV9jSSZHCtb6wB1BKWooH7L3tn4/FuZJMVWyNaIDr4RGmaSYw==", + "integrity": "sha1-5w2EuU2lOqN14R/jo1G+ZkLKRvg=", "dev": true, "requires": { "whatwg-encoding": "^1.0.1" @@ -3955,7 +3955,7 @@ "import-local": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/import-local/-/import-local-1.0.0.tgz", - "integrity": "sha512-vAaZHieK9qjGo58agRBg+bhHX3hoTZU/Oa3GESWLz7t1U62fk63aHuDJJEteXoDeTCcPmUT+z38gkHPZkkmpmQ==", + "integrity": "sha1-Xk/9wD9P5sAJxnKb6yljHC+CJ7w=", "dev": true, "requires": { "pkg-dir": "^2.0.0", @@ -4175,7 +4175,7 @@ "is-descriptor": { "version": "0.1.6", "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-0.1.6.tgz", - "integrity": "sha512-avDYr0SB3DwO9zsMov0gKCESFYqCnE4hq/4z3TdUlukEy5t9C0YRq7HLrsN52NAcqXKaepeCD0n+B0arnVG3Hg==", + "integrity": "sha1-Nm2CQN3kh8pRgjsaufB6EKeCUco=", "dev": true, "requires": { "is-accessor-descriptor": "^0.1.6", @@ -4186,7 +4186,7 @@ "kind-of": { "version": "5.1.0", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-5.1.0.tgz", - "integrity": "sha512-NGEErnH6F2vUuXDh+OlbcKW7/wOcfdRHaZ7VWtqCztfHri/++YKmP51OdWeGPuqCOba6kk2OTe5d02VmTB80Pw==", + "integrity": "sha1-cpyR4thXt6QZofmqZWhcTDP1hF0=", "dev": true } } @@ -4277,7 +4277,7 @@ "is-odd": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/is-odd/-/is-odd-2.0.0.tgz", - "integrity": "sha512-OTiixgpZAT1M4NHgS5IguFp/Vz2VI3U7Goh4/HA1adtwyLtSBrxYlcSYkhpAE07s4fKEcjrFxyvtQBND4vFQyQ==", + "integrity": "sha1-dkZiRnH9fqVYzNmieVGC8pWPGyQ=", "dev": true, "requires": { "is-number": "^4.0.0" @@ -4286,7 +4286,7 @@ "is-number": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/is-number/-/is-number-4.0.0.tgz", - "integrity": "sha512-rSklcAIlf1OmFdyAqbnWTLVelsQ58uvZ66S/ZyawjWqIviTWCjg2PzVGw8WUA+nNuPTqb4wgA+NszrJ+08LlgQ==", + "integrity": "sha1-ACbjf1RU1z41bf5lZGmYZ8an8P8=", "dev": true } } @@ -4324,7 +4324,7 @@ "is-plain-object": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz", - "integrity": "sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og==", + "integrity": "sha1-LBY7P6+xtgbZ0Xko8FwqHDjgdnc=", "dev": true, "requires": { "isobject": "^3.0.1" @@ -4417,7 +4417,7 @@ "is-windows": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz", - "integrity": "sha512-eXK1UInq2bPmjyX6e3VHIzMLobc4J94i4AWn+Hpq3OU5KkrRC96OAcR3PRJ/pGu6m8TRnBHP9dkXQVsT/COVIA==", + "integrity": "sha1-0YUOuXkezRjmGCzhKjDzlmNLsZ0=", "dev": true }, "isarray": { @@ -4447,7 +4447,7 @@ "istanbul-api": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/istanbul-api/-/istanbul-api-1.3.1.tgz", - "integrity": "sha512-duj6AlLcsWNwUpfyfHt0nWIeRiZpuShnP40YTxOGQgtaN8fd6JYSxsvxUphTDy8V5MfDXo4s/xVCIIvVCO808g==", + "integrity": "sha1-TDsF0YwAFtECLgebmNyCxA9IiVQ=", "dev": true, "requires": { "async": "^2.1.4", @@ -4491,7 +4491,7 @@ "istanbul-lib-coverage": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-1.2.0.tgz", - "integrity": "sha512-GvgM/uXRwm+gLlvkWHTjDAvwynZkL9ns15calTrmhGgowlwJBbWMYzWbKqE2DT6JDP1AFXKa+Zi0EkqNCUqY0A==", + "integrity": "sha1-99jy5CuX43/nlhFMsPnWi146Q0E=", "dev": true }, "istanbul-lib-hook": { @@ -4506,7 +4506,7 @@ "istanbul-lib-instrument": { "version": "1.10.1", "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-1.10.1.tgz", - "integrity": "sha512-1dYuzkOCbuR5GRJqySuZdsmsNKPL3PTuyPevQfoCXJePT9C8y1ga75neU+Tuy9+yS3G/dgx8wgOmp2KLpgdoeQ==", + "integrity": "sha1-cktLbKzrqGktPx+dByfiecQBr3s=", "dev": true, "requires": { "babel-generator": "^6.18.0", @@ -4521,7 +4521,7 @@ "istanbul-lib-report": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-1.1.4.tgz", - "integrity": "sha512-Azqvq5tT0U09nrncK3q82e/Zjkxa4tkFZv7E6VcqP0QCPn6oNljDPfrZEC/umNXds2t7b8sRJfs6Kmpzt8m2kA==", + "integrity": "sha1-6IbN9QXE672OCZ5DlqkNCijirLU=", "dev": true, "requires": { "istanbul-lib-coverage": "^1.2.0", @@ -4574,7 +4574,7 @@ "istanbul-reports": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-1.3.0.tgz", - "integrity": "sha512-y2Z2IMqE1gefWUaVjrBm0mSKvUkaBy9Vqz8iwr/r40Y9hBbIteH5wqHG/9DLTfJ9xUnUT2j7A3+VVJ6EaYBllA==", + "integrity": "sha1-LzIugeHZUgdnWX3KPCCgzOiaNVQ=", "dev": true, "requires": { "handlebars": "^4.0.3" @@ -4887,7 +4887,7 @@ "jest-get-type": { "version": "22.4.3", "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-22.4.3.tgz", - "integrity": "sha512-/jsz0Y+V29w1chdXVygEKSz2nBoHoYqNShPe+QgxSNjAuP1i8+k4LbQNrfoliKej0P45sivkSCh7yiD6ubHS3w==", + "integrity": "sha1-46hQTYR5NC3UQgI2syKGnxiQDOQ=", "dev": true }, "jest-haste-map": { @@ -5614,7 +5614,7 @@ "jsdom": { "version": "11.11.0", "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-11.11.0.tgz", - "integrity": "sha512-ou1VyfjwsSuWkudGxb03FotDajxAto6USAlmMZjE2lc0jCznt7sBWkhfRBRaWwbnmDqdMSTKTLT5d9sBFkkM7A==", + "integrity": "sha1-30hu+tQa7pbFmtehkOJEnH6xEQ4=", "dev": true, "requires": { "abab": "^1.0.4", @@ -5762,7 +5762,7 @@ "left-pad": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/left-pad/-/left-pad-1.3.0.tgz", - "integrity": "sha512-XI5MPzVNApjAyhQzphX8BkmKsKUxD4LdyK24iZeQGinBN9yTQT3bFlCBy/aVx2HrNcqQGsdot8ghrjyrvMCoEA==", + "integrity": "sha1-W4o6d2Xf4AEmHd6RVYnngvjJTR4=", "dev": true }, "lerna": { @@ -6395,13 +6395,13 @@ "mime-db": { "version": "1.33.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.33.0.tgz", - "integrity": "sha512-BHJ/EKruNIqJf/QahvxwQZXKygOQ256myeN/Ew+THcAa5q+PjyTTMMeNQC4DZw5AwfvelsUrA6B67NKMqXDbzQ==", + "integrity": "sha1-o0kgUKXLm2NFBUHjnZeI0icng9s=", "dev": true }, "mime-types": { "version": "2.1.18", "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.18.tgz", - "integrity": "sha512-lc/aahn+t4/SWV/qcmumYjymLsWfN3ELhpmVuUFjgsORruuZPVSwAQryq+HHGvO/SI2KVX26bx+En+zhM8g8hQ==", + "integrity": "sha1-bzI/YKg9ERRvgx/xH9ZuL+VQO7g=", "dev": true, "requires": { "mime-db": "~1.33.0" @@ -6416,7 +6416,7 @@ "minimatch": { "version": "3.0.4", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", - "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", + "integrity": "sha1-UWbihkV/AzBgZL5Ul+jbsMPTIIM=", "dev": true, "requires": { "brace-expansion": "^1.1.7" @@ -6441,7 +6441,7 @@ "mixin-deep": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.1.tgz", - "integrity": "sha512-8ZItLHeEgaqEvd5lYBXfm4EZSFCX29Jb9K+lAHhDKzReKBQKj3R+7NOF6tjqYi9t4oI8VUfaWITJQm86wnXGNQ==", + "integrity": "sha1-pJ5yaNzhoNlpjkUybFYm3zVD0P4=", "dev": true, "requires": { "for-in": "^1.0.2", @@ -6451,7 +6451,7 @@ "is-extendable": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", - "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", + "integrity": "sha1-p0cPnkJnM9gb2B4RVSZOOjUHyrQ=", "dev": true, "requires": { "is-plain-object": "^2.0.4" @@ -6495,14 +6495,14 @@ "nan": { "version": "2.10.0", "resolved": "https://registry.npmjs.org/nan/-/nan-2.10.0.tgz", - "integrity": "sha512-bAdJv7fBLhWC+/Bls0Oza+mvTaNQtP+1RyhhhvD95pgUJz6XM5IzgmxOkItJ9tkoCiplvAnXI1tNmmUD/eScyA==", + "integrity": "sha1-ltDNYQ69WNS03pzAxoKM2pnHVI8=", "dev": true, "optional": true }, "nanomatch": { "version": "1.2.9", "resolved": "https://registry.npmjs.org/nanomatch/-/nanomatch-1.2.9.tgz", - "integrity": "sha512-n8R9bS8yQ6eSXaV6jHUpKzD8gLsin02w1HSFiegwrs9E098Ylhw5jdyKPaYqvHknHaSCKTPp7C8dGCQ0q9koXA==", + "integrity": "sha1-h59xUMstq3pHElkGbBBO7m4Pp8I=", "dev": true, "requires": { "arr-diff": "^4.0.0", @@ -6534,7 +6534,7 @@ "node-notifier": { "version": "5.2.1", "resolved": "https://registry.npmjs.org/node-notifier/-/node-notifier-5.2.1.tgz", - "integrity": "sha512-MIBs+AAd6dJ2SklbbE8RUDRlIVhU8MaNLh1A9SUZDUHPiZkWLFde6UNwG41yQHZEToHgJMXqyVZ9UcS/ReOVTg==", + "integrity": "sha1-+jE90I9VF9sOJQLldY1mSsafneo=", "dev": true, "requires": { "growly": "^1.3.0", @@ -6546,7 +6546,7 @@ "normalize-package-data": { "version": "2.4.0", "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.4.0.tgz", - "integrity": "sha512-9jjUFbTPfEy3R/ad/2oNbKtW9Hgovl5O1FvFWKkKblNXoN/Oou6+9+KKohPK13Yc3/TyunyWhJp6gvRNR/PPAw==", + "integrity": "sha1-EvlaMH1YNSB1oEkHuErIvpisAS8=", "dev": true, "requires": { "hosted-git-info": "^2.1.4", @@ -6743,7 +6743,7 @@ "os-locale": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/os-locale/-/os-locale-2.1.0.tgz", - "integrity": "sha512-3sslG3zJbEYcaC4YVAvDorjGxc7tv6KVATnLPZONiljsUncvihe9BQoVCEs0RZ1kmf4Hk9OBqlZfJZWI4GanKA==", + "integrity": "sha1-QrwpAKa1uL0XN2yOiCtlr8zyS/I=", "dev": true, "requires": { "execa": "^0.7.0", @@ -6829,7 +6829,7 @@ "parse5": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/parse5/-/parse5-4.0.0.tgz", - "integrity": "sha512-VrZ7eOd3T1Fk4XWNXMgiGBK/z0MG48BWG2uQNU4I72fkQuKUTZpl+u9k+CxEG0twMVzSmXEEz12z5Fnw1jIQFA==", + "integrity": "sha1-bXhlbj2o14tOwLkG98CO8d/j9gg=", "dev": true }, "pascalcase": { @@ -6951,7 +6951,7 @@ "pn": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/pn/-/pn-1.1.0.tgz", - "integrity": "sha512-2qHaIQr2VLRFoxe2nASzsV6ef4yOOH+Fi9FBOVH6cqeSgUnoyySPZkxzLuzd+RYOQTRpROA0ztTMqxROKSb/nA==", + "integrity": "sha1-4vTO8OIZ9GPBeas3Rj5OHs3Muvs=", "dev": true }, "posix-character-classes": { @@ -7068,7 +7068,7 @@ "randomatic": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/randomatic/-/randomatic-3.0.0.tgz", - "integrity": "sha512-VdxFOIEY3mNO5PtSRkkle/hPJDHvQhK21oa73K4yAc9qmp6N429gAyF1gZMOTMeS0/AYzaV/2Trcef+NaIonSA==", + "integrity": "sha1-01SQAw6091eN4pLObfsEqRoSiSM=", "dev": true, "requires": { "is-number": "^4.0.0", @@ -7079,7 +7079,7 @@ "is-number": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/is-number/-/is-number-4.0.0.tgz", - "integrity": "sha512-rSklcAIlf1OmFdyAqbnWTLVelsQ58uvZ66S/ZyawjWqIviTWCjg2PzVGw8WUA+nNuPTqb4wgA+NszrJ+08LlgQ==", + "integrity": "sha1-ACbjf1RU1z41bf5lZGmYZ8an8P8=", "dev": true } } @@ -7173,7 +7173,7 @@ "realpath-native": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/realpath-native/-/realpath-native-1.0.0.tgz", - "integrity": "sha512-XJtlRJ9jf0E1H1SLeJyQ9PGzQD7S65h1pRXEcAeK48doKOnKxcgPeNohJvD5u/2sI9J1oke6E8bZHS/fmW1UiQ==", + "integrity": "sha1-eIVyGoO0O9Uydgnw3eyySCMF/fA=", "dev": true, "requires": { "util.promisify": "^1.0.0" @@ -7215,7 +7215,7 @@ "regex-cache": { "version": "0.4.4", "resolved": "https://registry.npmjs.org/regex-cache/-/regex-cache-0.4.4.tgz", - "integrity": "sha512-nVIZwtCjkC9YgvWkpM55B5rBhBYRZhAaJbgcFYXXsHnbZ9UZI9nnVWYZpBlCqv9ho2eZryPnWrZGsOdPwVWXWQ==", + "integrity": "sha1-db3FiioUls7EihKDW8VMjVYjNt0=", "dev": true, "requires": { "is-equal-shallow": "^0.1.3" @@ -7224,7 +7224,7 @@ "regex-not": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/regex-not/-/regex-not-1.0.2.tgz", - "integrity": "sha512-J6SDjUgDxQj5NusnOtdFxDwN/+HWykR8GELwctJ7mdqhcyy1xEc4SRFHUXvxTp661YaVKAjfRLZ9cCqS6tn32A==", + "integrity": "sha1-H07OJ+ALC2XgJHpoEOaoXYOldSw=", "dev": true, "requires": { "extend-shallow": "^3.0.2", @@ -7455,7 +7455,7 @@ "ret": { "version": "0.1.15", "resolved": "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz", - "integrity": "sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg==", + "integrity": "sha1-uKSCXVvbH8P29Twrwz+BOIaBx7w=", "dev": true }, "right-align": { @@ -7480,7 +7480,7 @@ "rsvp": { "version": "3.6.2", "resolved": "https://registry.npmjs.org/rsvp/-/rsvp-3.6.2.tgz", - "integrity": "sha512-OfWGQTb9vnwRjwtA2QwpG2ICclHC3pgXZO5xt8H2EfgDquO0qVdSb5T88L4qJVAEugbS56pAuV4XZM58UX8ulw==", + "integrity": "sha1-LpZJFZmpbN4bUV1WdKj3qRRSkmo=", "dev": true }, "run-async": { @@ -7574,7 +7574,7 @@ "set-value": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/set-value/-/set-value-2.0.0.tgz", - "integrity": "sha512-hw0yxk9GT/Hr5yJEYnHNKYXkIA8mVJgd9ditYZCe16ZczcaELYYcfvaXesNACk2O8O0nTiPQcQhGUQj8JLzeeg==", + "integrity": "sha1-ca5KiPD+77v1LR6mBPP7MV67YnQ=", "dev": true, "requires": { "extend-shallow": "^2.0.1", @@ -7612,7 +7612,7 @@ "shellwords": { "version": "0.1.1", "resolved": "https://registry.npmjs.org/shellwords/-/shellwords-0.1.1.tgz", - "integrity": "sha512-vFwSUfQvqybiICwZY5+DAWIPLKsWO31Q91JSKl3UYv+K5c2QRPzn0qzec6QPu1Qc9eHYItiP3NdJqNVqetYAww==", + "integrity": "sha1-1rkYHBpI05cyTISHHvvPxz/AZUs=", "dev": true }, "signal-exit": { @@ -7639,7 +7639,7 @@ "snapdragon": { "version": "0.8.2", "resolved": "https://registry.npmjs.org/snapdragon/-/snapdragon-0.8.2.tgz", - "integrity": "sha512-FtyOnWN/wCHTVXOMwvSv26d+ko5vWlIDD6zoUJ7LW8vh+ZBC8QdljveRP+crNrtBwioEUWy/4dMtbBjA4ioNlg==", + "integrity": "sha1-ZJIufFZbDhQgS6GqfWlkJ40lGC0=", "dev": true, "requires": { "base": "^0.11.1", @@ -7675,7 +7675,7 @@ "snapdragon-node": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/snapdragon-node/-/snapdragon-node-2.1.1.tgz", - "integrity": "sha512-O27l4xaMYt/RSQ5TR3vpWCAB5Kb/czIcqUFOM/C4fYcLnbZUc1PkjTAMjof2pBWaSTwOUd6qUHcFGVGj7aIwnw==", + "integrity": "sha1-bBdfhv8UvbByRWPo88GwIaKGhTs=", "dev": true, "requires": { "define-property": "^1.0.0", @@ -7695,7 +7695,7 @@ "is-accessor-descriptor": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", - "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "integrity": "sha1-FpwvbT3x+ZJhgHI2XJsOofaHhlY=", "dev": true, "requires": { "kind-of": "^6.0.0" @@ -7704,7 +7704,7 @@ "is-data-descriptor": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", - "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "integrity": "sha1-2Eh2Mh0Oet0DmQQGq7u9NrqSaMc=", "dev": true, "requires": { "kind-of": "^6.0.0" @@ -7713,7 +7713,7 @@ "is-descriptor": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", - "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "integrity": "sha1-OxWXRqZmBLBPjIFSS6NlxfFNhuw=", "dev": true, "requires": { "is-accessor-descriptor": "^1.0.0", @@ -7726,7 +7726,7 @@ "snapdragon-util": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/snapdragon-util/-/snapdragon-util-3.0.1.tgz", - "integrity": "sha512-mbKkMdQKsjX4BAL4bRYTj21edOf8cN7XHdYUJEe+Zn99hVEYcMvKPct1IqNe7+AZPirn8BCDOQBHQZknqmKlZQ==", + "integrity": "sha1-+VZHlIbyrNeXAGk/b3uAXkWrVuI=", "dev": true, "requires": { "kind-of": "^3.2.0" @@ -7839,7 +7839,7 @@ "split-string": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/split-string/-/split-string-3.1.0.tgz", - "integrity": "sha512-NzNVhJDYpwceVVii8/Hu6DKfD2G+NrQHlS/V/qgv763EYudVwEcMQNxd2lh+0VrUByXN/oJkl5grOhYWvQUYiw==", + "integrity": "sha1-fLCd2jqGWFcFxks5pkZgOGguj+I=", "dev": true, "requires": { "extend-shallow": "^3.0.0" @@ -7940,7 +7940,7 @@ "string-width": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz", - "integrity": "sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw==", + "integrity": "sha1-q5Pyeo3BPSjKyBXEYhQ6bZASrp4=", "dev": true, "requires": { "is-fullwidth-code-point": "^2.0.0", @@ -8136,7 +8136,7 @@ "test-exclude": { "version": "4.2.1", "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-4.2.1.tgz", - "integrity": "sha512-qpqlP/8Zl+sosLxBcVKl9vYy26T9NPalxSzzCP/OY6K7j938ui2oKgo+kRZYfxAeIpLqpbVnsHq1tyV70E4lWQ==", + "integrity": "sha1-36Ii8DSAvKaSB8pyizfXS0X3JPo=", "dev": true, "requires": { "arrify": "^1.0.1", @@ -8230,7 +8230,7 @@ "to-regex": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/to-regex/-/to-regex-3.0.2.tgz", - "integrity": "sha512-FWtleNAtZ/Ki2qtqej2CXTOayOH9bHDQF+Q48VpWyDXjbYxA4Yz8iDB31zXOBUlOHHKidDbqGVrTUvQMPmBGBw==", + "integrity": "sha1-E8/dmzNlUvMLUfM6iuG0Knp1mc4=", "dev": true, "requires": { "define-property": "^2.0.2", @@ -8342,7 +8342,7 @@ "typings-tester": { "version": "0.3.1", "resolved": "https://registry.npmjs.org/typings-tester/-/typings-tester-0.3.1.tgz", - "integrity": "sha512-KvsNMCKtPK87zn6xAVM+EAYBKt8UqfaajdtZv6GylHtmdfhjC4vRXXqfxO46lFeOgm7dfc8carJDjdd0wunNBw==", + "integrity": "sha1-U7uXhLDr17kxkub82QjxRQGvOHg=", "dev": true, "requires": { "commander": "^2.12.2" @@ -8497,7 +8497,7 @@ "use": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/use/-/use-3.1.0.tgz", - "integrity": "sha512-6UJEQM/L+mzC3ZJNM56Q4DFGLX/evKGRg15UJHGB9X5j5Z3AFbgZvjUh2yq/UJUY4U5dh7Fal++XbNg1uzpRAw==", + "integrity": "sha1-FHFr8D/f79AwQK71jYtLhfOnxUQ=", "dev": true, "requires": { "kind-of": "^6.0.2" @@ -8512,7 +8512,7 @@ "util.promisify": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/util.promisify/-/util.promisify-1.0.0.tgz", - "integrity": "sha512-i+6qA2MPhvoKLuxnJNpXAGhg7HphQOSUq2LKMZD0m15EiskXUkMvKdF4Uui0WYeCUGea+o2cw/ZuwehtfsrNkA==", + "integrity": "sha1-RA9xZaRZyaFtwUXrjnLzVocJcDA=", "dev": true, "requires": { "define-properties": "^1.1.2", @@ -8522,7 +8522,7 @@ "uuid": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.1.0.tgz", - "integrity": "sha512-DIWtzUkw04M4k3bf1IcpS2tngXEL26YUD2M0tMDUpnUrz2hgzUBlD55a4FjdLGPvfHxS6uluGWvaVEqgBcVa+g==", + "integrity": "sha1-PdPT55Crwk17DToDT/q6vijrvAQ=", "dev": true }, "validate-npm-package-license": { @@ -8594,13 +8594,13 @@ "webidl-conversions": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-4.0.2.tgz", - "integrity": "sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg==", + "integrity": "sha1-qFWYCx8LazWbodXZ+zmulB+qY60=", "dev": true }, "whatwg-encoding": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-1.0.3.tgz", - "integrity": "sha512-jLBwwKUhi8WtBfsMQlL4bUUcT8sMkAtQinscJAe/M4KHCkHuUJAF6vuB0tueNIw4c8ziO6AkRmgY+jL3a0iiPw==", + "integrity": "sha1-V8I1vIZX6RTSTho5fTyC2u4Ka6M=", "dev": true, "requires": { "iconv-lite": "0.4.19" @@ -8617,7 +8617,7 @@ "whatwg-mimetype": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/whatwg-mimetype/-/whatwg-mimetype-2.1.0.tgz", - "integrity": "sha512-FKxhYLytBQiUKjkYteN71fAUA3g6KpNXoho1isLiLSB3N1G4F35Q5vUxWfKFhBwi5IWF27VE6WxhrnnC+m0Mew==", + "integrity": "sha1-8PIddsu6cjYutgnb7SowzRf8x9Q=", "dev": true }, "whatwg-url": { @@ -8718,7 +8718,7 @@ "write-file-atomic": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-2.3.0.tgz", - "integrity": "sha512-xuPeK4OdjWqtfi59ylvVL0Yn35SF3zgcAcv7rBPFHVaEapaDr4GdGgm3j7ckTwH9wHL7fGmgfAnb0+THrHb8tA==", + "integrity": "sha1-H/YVdcLipOjlENb6TiQ8zhg5mas=", "dev": true, "requires": { "graceful-fs": "^4.1.11", @@ -8767,7 +8767,7 @@ "ws": { "version": "4.1.0", "resolved": "https://registry.npmjs.org/ws/-/ws-4.1.0.tgz", - "integrity": "sha512-ZGh/8kF9rrRNffkLFV4AzhvooEclrOH0xaugmqGsIfFgOE/pIz4fMc4Ef+5HSQqTEug2S9JZIWDR47duDSLfaA==", + "integrity": "sha1-qXm119TaaL9U7+BAiWfDJIaacok=", "dev": true, "requires": { "async-limiter": "~1.0.0", @@ -8777,7 +8777,7 @@ "xml-name-validator": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-3.0.0.tgz", - "integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==", + "integrity": "sha1-auc+Bt5NjG5H+fsYH3jWSK1FfGo=", "dev": true }, "xml2js": { diff --git a/package.json b/package.json index 2333e52d2..41be787c5 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "middy-monorepo", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "🛵 The stylish Node.js middleware engine for AWS Lambda", "engines": { "node": ">=6.10" diff --git a/packages/cache/package.json b/packages/cache/package.json index aeb89cb39..d4f2c6264 100644 --- a/packages/cache/package.json +++ b/packages/cache/package.json @@ -1,6 +1,6 @@ { "name": "@middy/cache", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "Cache middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/core/package.json b/packages/core/package.json index 2c1ab6e25..5627f1d19 100644 --- a/packages/core/package.json +++ b/packages/core/package.json @@ -1,6 +1,6 @@ { "name": "@middy/core", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "🛵 The stylish Node.js middleware engine for AWS Lambda (core package)", "engines": { "node": ">=6.10" diff --git a/packages/do-not-wait-for-empty-event-loop/package.json b/packages/do-not-wait-for-empty-event-loop/package.json index 70ec72e57..2eca62bd8 100644 --- a/packages/do-not-wait-for-empty-event-loop/package.json +++ b/packages/do-not-wait-for-empty-event-loop/package.json @@ -1,6 +1,6 @@ { "name": "@middy/do-not-wait-for-empty-event-loop", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "Middleware for the middy framework that allows to easily disable the wait for empty event loop in a Lambda function", "engines": { "node": ">=6.10" diff --git a/packages/error-logger/package.json b/packages/error-logger/package.json index 47bdcaeea..d5193fa4c 100644 --- a/packages/error-logger/package.json +++ b/packages/error-logger/package.json @@ -1,6 +1,6 @@ { "name": "@middy/error-logger", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "Input and output logger middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/http-content-negotiation/package.json b/packages/http-content-negotiation/package.json index d103fc803..95b2a6fee 100644 --- a/packages/http-content-negotiation/package.json +++ b/packages/http-content-negotiation/package.json @@ -1,6 +1,6 @@ { "name": "@middy/http-content-negotiation", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "Http content negotiation middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/http-cors/package.json b/packages/http-cors/package.json index 9ef0336e7..1f435e3d5 100644 --- a/packages/http-cors/package.json +++ b/packages/http-cors/package.json @@ -1,6 +1,6 @@ { "name": "@middy/http-cors", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "CORS (Cross-Origin Resource Sharing) middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/http-error-handler/package.json b/packages/http-error-handler/package.json index 783fdcdf4..3e34d7797 100644 --- a/packages/http-error-handler/package.json +++ b/packages/http-error-handler/package.json @@ -1,6 +1,6 @@ { "name": "@middy/http-error-handler", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "Http error handler middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/http-event-normalizer/package.json b/packages/http-event-normalizer/package.json index 176a60498..bfb49368d 100644 --- a/packages/http-event-normalizer/package.json +++ b/packages/http-event-normalizer/package.json @@ -1,6 +1,6 @@ { "name": "@middy/http-event-normalizer", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "Http event normalizer middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/http-header-normalizer/package.json b/packages/http-header-normalizer/package.json index c2387fb31..ffac4ac3e 100644 --- a/packages/http-header-normalizer/package.json +++ b/packages/http-header-normalizer/package.json @@ -1,6 +1,6 @@ { "name": "@middy/http-header-normalizer", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "Http header normalizer middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/http-json-body-parser/package.json b/packages/http-json-body-parser/package.json index 6cd00dbf0..7c1a18dda 100644 --- a/packages/http-json-body-parser/package.json +++ b/packages/http-json-body-parser/package.json @@ -1,6 +1,6 @@ { "name": "@middy/http-json-body-parser", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "Http JSON body parser middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/http-partial-response/package.json b/packages/http-partial-response/package.json index bb7881a81..99ae89820 100644 --- a/packages/http-partial-response/package.json +++ b/packages/http-partial-response/package.json @@ -1,6 +1,6 @@ { "name": "@middy/http-partial-response", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "Http partial response middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/http-security-headers/__tests__/index.js b/packages/http-security-headers/__tests__/index.js index 9754f2597..cd3aba533 100644 --- a/packages/http-security-headers/__tests__/index.js +++ b/packages/http-security-headers/__tests__/index.js @@ -1,4 +1,3 @@ -const { invoke } = require('../../test-helpers') const middy = require('../../core') const httpSecurityHeaders = require('../') @@ -7,7 +6,7 @@ const createDefaultObjectResponse = () => {}, { statusCode: 200, - body: { firstname: 'john', lastname: 'doe' } + body: {firstname: 'john', lastname: 'doe'} } ) @@ -29,16 +28,16 @@ const createHeaderObjectResponse = () => {}, { statusCode: 200, - body: { firstname: 'john', lastname: 'doe' }, + body: {firstname: 'john', lastname: 'doe'}, headers: { - Server: 'AMZN', + 'Server': 'AMZN', 'X-Powered-By': 'MiddyJS' } } ) describe('🔒 Middleware Http Security Headers', () => { - test('It should return default security headers', async () => { + test('It should modify default security headers', () => { const handler = middy((event, context, cb) => cb(null, createDefaultObjectResponse()) ) @@ -49,22 +48,20 @@ describe('🔒 Middleware Http Security Headers', () => { httpMethod: 'GET' } - const response = await invoke(handler, event) + handler(event, {}, (_, response) => { + expect(response.headers['X-DNS-Prefetch-Control']).toEqual('off') + expect(response.headers['X-Powered-By']).toEqual(undefined) + expect(response.headers['Strict-Transport-Security']).toEqual('max-age=15552000; includeSubDomains; preload') + expect(response.headers['X-Download-Options']).toEqual('noopen') + expect(response.headers['X-Content-Type-Options']).toEqual('nosniff') + expect(response.headers['Referrer-Policy']).toEqual('no-referrer') - expect(response.statusCode).toEqual(200) - expect(response.headers['X-DNS-Prefetch-Control']).toEqual('off') - expect(response.headers['X-Powered-By']).toEqual(undefined) - expect(response.headers['Strict-Transport-Security']).toEqual('max-age=15552000; includeSubDomains; preload') - expect(response.headers['X-Download-Options']).toEqual('noopen') - expect(response.headers['X-Content-Type-Options']).toEqual('nosniff') - expect(response.headers['Referrer-Policy']).toEqual('no-referrer') - expect(response.headers['X-Permitted-Cross-Domain-Policies']).toEqual('none') - - expect(response.headers['X-Frame-Options']).toEqual(undefined) - expect(response.headers['X-XSS-Protection']).toEqual(undefined) + expect(response.headers['X-Frame-Options']).toEqual(undefined) + expect(response.headers['X-XSS-Protection']).toEqual(undefined) + }) }) - test('It should return default security headers when HTML', async () => { + test('It should modify default security headers when HTML', () => { const handler = middy((event, context, cb) => cb(null, createHtmlObjectResponse()) ) @@ -75,21 +72,20 @@ describe('🔒 Middleware Http Security Headers', () => { httpMethod: 'GET' } - const response = await invoke(handler, event) - - expect(response.headers['X-DNS-Prefetch-Control']).toEqual('off') - expect(response.headers['X-Powered-By']).toEqual(undefined) - expect(response.headers['Strict-Transport-Security']).toEqual('max-age=15552000; includeSubDomains; preload') - expect(response.headers['X-Download-Options']).toEqual('noopen') - expect(response.headers['X-Content-Type-Options']).toEqual('nosniff') - expect(response.headers['Referrer-Policy']).toEqual('no-referrer') - expect(response.headers['X-Permitted-Cross-Domain-Policies']).toEqual('none') + handler(event, {}, (_, response) => { + expect(response.headers['X-DNS-Prefetch-Control']).toEqual('off') + expect(response.headers['X-Powered-By']).toEqual(undefined) + expect(response.headers['Strict-Transport-Security']).toEqual('max-age=15552000; includeSubDomains; preload') + expect(response.headers['X-Download-Options']).toEqual('noopen') + expect(response.headers['X-Content-Type-Options']).toEqual('nosniff') + expect(response.headers['Referrer-Policy']).toEqual('no-referrer') - expect(response.headers['X-Frame-Options']).toEqual('DENY') - expect(response.headers['X-XSS-Protection']).toEqual('1; mode=block') + expect(response.headers['X-Frame-Options']).toEqual('DENY') + expect(response.headers['X-XSS-Protection']).toEqual('1; mode=block') + }) }) - test('It should modify default security headers', async () => { + test('It should modify default security headers', () => { const handler = middy((event, context, cb) => cb(null, createHeaderObjectResponse()) ) @@ -100,14 +96,13 @@ describe('🔒 Middleware Http Security Headers', () => { httpMethod: 'GET' } - const response = await invoke(handler, event) - - expect(response.statusCode).toEqual(200) - expect(response.headers.Server).toEqual(undefined) - expect(response.headers['X-Powered-By']).toEqual(undefined) + handler(event, {}, (_, response) => { + expect(response.headers['Server']).toEqual(undefined) + expect(response.headers['X-Powered-By']).toEqual(undefined) + }) }) - test('It should modify default security headers', async () => { + test('It should modify default security headers', () => { const handler = middy((event, context, cb) => cb(null, createHtmlObjectResponse()) ) @@ -123,9 +118,6 @@ describe('🔒 Middleware Http Security Headers', () => { hidePoweredBy: { setTo: 'Other' }, - permittedCrossDomainPolicies: { - policy: 'all' - }, xssFilter: { reportUri: 'https://example.com/report' } @@ -135,28 +127,11 @@ describe('🔒 Middleware Http Security Headers', () => { httpMethod: 'GET' } - const response = await invoke(handler, event) - - expect(response.statusCode).toEqual(200) - expect(response.headers['X-Permitted-Cross-Domain-Policies']).toEqual('all') - expect(response.headers['X-DNS-Prefetch-Control']).toEqual('on') - expect(response.headers['X-Powered-By']).toEqual('Other') - expect(response.headers['Strict-Transport-Security']).toEqual('max-age=15552000') - expect(response.headers['X-XSS-Protection']).toEqual('1; mode=block; report=https://example.com/report') - }) - - test('It should catch thrown errors', async () => { - const handler = middy(async () => { - throw new Error('This error should not return 200') + handler(event, {}, (_, response) => { + expect(response.headers['X-DNS-Prefetch-Control']).toEqual('on') + expect(response.headers['X-Powered-By']).toEqual('Other') + expect(response.headers['Strict-Transport-Security']).toEqual('max-age=15552000') + expect(response.headers['X-XSS-Protection']).toEqual('1; mode=block; report=https://example.com/report') }) - - handler.use(httpSecurityHeaders()) - - const event = { - httpMethod: 'GET' - } - - const response = await invoke(handler, event) - expect(response.statusCode).toEqual(500) }) }) diff --git a/packages/http-security-headers/index.d.ts b/packages/http-security-headers/index.d.ts index 31dde2357..68a802cea 100644 --- a/packages/http-security-headers/index.d.ts +++ b/packages/http-security-headers/index.d.ts @@ -1,4 +1,4 @@ -import middy from '@middy/core' +import middy from '../core' interface IHTTPSecurityHeadersOptions { dnsPrefetchControl?: { @@ -31,6 +31,6 @@ interface IHTTPSecurityHeadersOptions { xssFilter?: Object } -declare const httpSecurityHeaders : middy.Middleware +declare function httpSecurityHeaders(opts?: IHTTPSecurityHeadersOptions): middy.IMiddyMiddlewareObject; export default httpSecurityHeaders diff --git a/packages/http-security-headers/index.js b/packages/http-security-headers/index.js index 2026535bf..a93e1ecd3 100644 --- a/packages/http-security-headers/index.js +++ b/packages/http-security-headers/index.js @@ -26,9 +26,6 @@ const defaults = { noSniff: { action: 'nosniff' }, - permittedCrossDomainPolicies: { - policy: 'none' // none, master-only, by-content-type, by-ftp-filename, all - }, referrerPolicy: { policy: 'no-referrer' }, @@ -105,12 +102,6 @@ helmet.referrerPolicy = (headers, options) => { return headers } -// https://github.com/helmetjs/crossdomain -helmet.permittedCrossDomainPolicies = (headers, options) => { - headers['X-Permitted-Cross-Domain-Policies'] = options.policy - return headers -} - // https://github.com/helmetjs/x-xss-protection helmetHtmlOnly.xssFilter = (headers, options) => { let header = '1; mode=block' @@ -121,30 +112,28 @@ helmetHtmlOnly.xssFilter = (headers, options) => { return headers } -module.exports = (opts = {}) => { +const response = (opts, handler, next) => { opts = Object.assign({}, defaults, opts) - const response = (handler, next) => { - handler.response = handler.response || { statusCode: 500 } // catch thrown errors, prevent default statusCode - handler.response.headers = handler.response.headers || {} + handler.response = handler.response || {} + handler.response.headers = handler.response.headers || {} + + Object.keys(helmet).forEach(key => { + const options = Object.assign({}, defaults[key], opts[key]) + handler.response.headers = helmet[key](handler.response.headers, options) + }) - Object.keys(helmet).forEach(key => { + if (handler.response.headers['Content-Type'] && handler.response.headers['Content-Type'].indexOf('text/html') !== -1) { + Object.keys(helmetHtmlOnly).forEach(key => { const options = Object.assign({}, defaults[key], opts[key]) - handler.response.headers = helmet[key](handler.response.headers, options) + handler.response.headers = helmetHtmlOnly[key](handler.response.headers, options) }) - - if (handler.response.headers['Content-Type'] && handler.response.headers['Content-Type'].indexOf('text/html') !== -1) { - Object.keys(helmetHtmlOnly).forEach(key => { - const options = Object.assign({}, defaults[key], opts[key]) - handler.response.headers = helmetHtmlOnly[key](handler.response.headers, options) - }) - } - - next() } - return { - after: response, - onError: response - } + next() } + +module.exports = (opts = {}) => ({ + after: response.bind(null, opts), + onError: response.bind(null, opts) +}) diff --git a/packages/http-security-headers/package.json b/packages/http-security-headers/package.json index 8cb4b5323..b045cb623 100644 --- a/packages/http-security-headers/package.json +++ b/packages/http-security-headers/package.json @@ -1,9 +1,9 @@ { - "name": "@middy/http-security-headers", - "version": "1.0.0", + "name": "@middy/http-security-header", + "version": "1.0.0-alpha.15", "description": "Applies best practice security headers to responses. It's a simplified port of HelmetJS", "engines": { - "node": ">=10" + "node": ">=6.10" }, "engineStrict": true, "publishConfig": { @@ -44,10 +44,5 @@ "homepage": "https://github.com/middyjs/middy#readme", "peerDependencies": { "@middy/core": ">=1.0.0-alpha" - }, - "devDependencies": { - "@middy/core": "^1.0.0", - "es6-promisify": "^6.0.2" - }, - "gitHead": "7a6c0fbb8ab71d6a2171e678697de9f237568431" + } } diff --git a/packages/http-security-headers/tsconfig.json b/packages/http-security-headers/tsconfig.json index 973bcb3a4..284bed26f 100644 --- a/packages/http-security-headers/tsconfig.json +++ b/packages/http-security-headers/tsconfig.json @@ -2,8 +2,7 @@ "compilerOptions": { "module": "commonjs", "lib": ["es2015"], - "target": "es2015", - "esModuleInterop": true + "target": "es2015" }, "files": [ "index.d.ts" diff --git a/packages/http-urlencode-body-parser/package.json b/packages/http-urlencode-body-parser/package.json index d04b3ec73..705e662b5 100644 --- a/packages/http-urlencode-body-parser/package.json +++ b/packages/http-urlencode-body-parser/package.json @@ -1,6 +1,6 @@ { "name": "@middy/http-urlencode-body-parser", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "Urlencode body parser middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/input-output-logger/package.json b/packages/input-output-logger/package.json index 14d75ec1d..f520f0801 100644 --- a/packages/input-output-logger/package.json +++ b/packages/input-output-logger/package.json @@ -1,6 +1,6 @@ { "name": "@middy/input-output-logger", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "Input and output logger middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/s3-key-normalizer/package.json b/packages/s3-key-normalizer/package.json index 3d89db3c3..aae388d5d 100644 --- a/packages/s3-key-normalizer/package.json +++ b/packages/s3-key-normalizer/package.json @@ -1,6 +1,6 @@ { "name": "@middy/s3-key-normalizer", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "S3 key normalizer middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/ssm/package.json b/packages/ssm/package.json index a592b8389..01cfdb867 100644 --- a/packages/ssm/package.json +++ b/packages/ssm/package.json @@ -1,6 +1,6 @@ { "name": "@middy/ssm", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "SSM (EC2 Systems Manager) parameters middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/validator/package.json b/packages/validator/package.json index 96a260364..2102739d7 100644 --- a/packages/validator/package.json +++ b/packages/validator/package.json @@ -1,6 +1,6 @@ { "name": "@middy/validator", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "Validator middleware for the middy framework", "engines": { "node": ">=6.10" diff --git a/packages/warmup/package.json b/packages/warmup/package.json index 47e4348c7..5d5f47a2b 100644 --- a/packages/warmup/package.json +++ b/packages/warmup/package.json @@ -1,6 +1,6 @@ { "name": "@middy/warmup", - "version": "1.0.0-alpha.14", + "version": "1.0.0-alpha.15", "description": "Warmup (cold start mitigation) middleware for the middy framework", "engines": { "node": ">=6.10"