Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
...
- 6 commits
- 15 files changed
- 2 contributors
Commits on Feb 14, 2020
Commits on Feb 17, 2020
-
fix: IntegrityStream responds to mutating opts object mid-stream
This allows us to start a stream, then get the integrity value mid-way through, and THEN update the options with the expected integrity.
-
chore: consistent project setup
- Update devDeps - Run lint after tests, not before - Push to github before publishing, not after - Use GitHub Actions for CI instead of appveyor/travis - Remove outdated CoC, PR template, etc. PR-URL: #11 Credit: @claudiahdz Close: #11 Reviewed-by: @isaacs
Commits on Feb 18, 2020
-
fix: throw null when sri is empty or bad
BREAKING CHANGE: adds a new error that will be thrown. Empty SRIs are no longer considered valid for checking, only when using integrityStream to calculate the SRI value. PR-URL: #12 Credit: @claudiahdz Close: #12 Reviewed-by: @isaacs
-
fix: harden SRI parsing against ../ funny business
The actual security fix this relates to is already fixed in cacache, but defense in depth is a good and valuable thing. BREAKING CHANGE: SRI values with `../` in the algorithm name now throw as invalid (which they always probably should have!)
-
Loading
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v7.1.0...v8.0.0