From 66e1c2834c0e189201cb65196ec3101372459b02 Mon Sep 17 00:00:00 2001 From: Sam Verschueren Date: Mon, 7 Oct 2019 07:35:44 +0200 Subject: [PATCH 1/6] Meta tweaks --- .editorconfig | 2 +- .npmrc | 1 + .travis.yml | 2 ++ license | 18 +++---------- package.json | 70 +++++++++++++++++++++++++-------------------------- 5 files changed, 42 insertions(+), 51 deletions(-) create mode 100644 .npmrc diff --git a/.editorconfig b/.editorconfig index 98a761d..1c6314a 100644 --- a/.editorconfig +++ b/.editorconfig @@ -7,6 +7,6 @@ charset = utf-8 trim_trailing_whitespace = true insert_final_newline = true -[{package.json,*.yml}] +[*.yml] indent_style = space indent_size = 2 diff --git a/.npmrc b/.npmrc new file mode 100644 index 0000000..9cf9495 --- /dev/null +++ b/.npmrc @@ -0,0 +1 @@ +package-lock=false \ No newline at end of file diff --git a/.travis.yml b/.travis.yml index 23875fc..e90fad9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,5 +1,7 @@ language: node_js node_js: + - '12' + - '10' - '8' - '6' - '4' diff --git a/license b/license index 78b0855..57d1f37 100644 --- a/license +++ b/license @@ -2,20 +2,8 @@ The MIT License (MIT) Copyright (c) Sam Verschueren (github.com/SamVerschueren) -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/package.json b/package.json index 183bd7c..0acb129 100644 --- a/package.json +++ b/package.json @@ -1,37 +1,37 @@ { - "name": "decode-uri-component", - "version": "0.2.0", - "description": "A better decodeURIComponent", - "license": "MIT", - "repository": "SamVerschueren/decode-uri-component", - "author": { - "name": "Sam Verschueren", - "email": "sam.verschueren@gmail.com", - "url": "github.com/SamVerschueren" - }, - "engines": { - "node": ">=0.10" - }, - "scripts": { - "test": "xo && nyc ava", - "coveralls": "nyc report --reporter=text-lcov | coveralls" - }, - "files": [ - "index.js" - ], - "keywords": [ - "decode", - "uri", - "component", - "decodeuricomponent", - "components", - "decoder", - "url" - ], - "devDependencies": { - "ava": "^0.17.0", - "coveralls": "^2.13.1", - "nyc": "^10.3.2", - "xo": "^0.16.0" - } + "name": "decode-uri-component", + "version": "0.2.0", + "description": "A better decodeURIComponent", + "license": "MIT", + "repository": "SamVerschueren/decode-uri-component", + "author": { + "name": "Sam Verschueren", + "email": "sam.verschueren@gmail.com", + "url": "github.com/SamVerschueren" + }, + "engines": { + "node": ">=0.10" + }, + "scripts": { + "test": "xo && nyc ava", + "coveralls": "nyc report --reporter=text-lcov | coveralls" + }, + "files": [ + "index.js" + ], + "keywords": [ + "decode", + "uri", + "component", + "decodeuricomponent", + "components", + "decoder", + "url" + ], + "devDependencies": { + "ava": "^0.17.0", + "coveralls": "^2.13.1", + "nyc": "^10.3.2", + "xo": "^0.16.0" + } } From a65045724e6234acef87f31da499d4807b20b134 Mon Sep 17 00:00:00 2001 From: Sam Verschueren Date: Mon, 7 Oct 2019 07:41:29 +0200 Subject: [PATCH 2/6] Tidelift tasks --- .github/funding.yml | 1 + .github/security.md | 3 +++ readme.md | 13 +++++++++++++ 3 files changed, 17 insertions(+) create mode 100644 .github/funding.yml create mode 100644 .github/security.md diff --git a/.github/funding.yml b/.github/funding.yml new file mode 100644 index 0000000..6d41774 --- /dev/null +++ b/.github/funding.yml @@ -0,0 +1 @@ +tidelift: npm/decode-uri-component diff --git a/.github/security.md b/.github/security.md new file mode 100644 index 0000000..5358dc5 --- /dev/null +++ b/.github/security.md @@ -0,0 +1,3 @@ +# Security Policy + +To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security). Tidelift will coordinate the fix and disclosure. diff --git a/readme.md b/readme.md index 795c87f..d1f7a77 100644 --- a/readme.md +++ b/readme.md @@ -68,3 +68,16 @@ An encoded component of a Uniform Resource Identifier. ## License MIT © [Sam Verschueren](https://github.com/SamVerschueren) + + +--- + +
+ + Get professional support for this package with a Tidelift subscription + +
+ + Tidelift helps make open source sustainable for maintainers while giving companies
assurances about security, maintenance, and licensing for their dependencies. + +
From 486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30 Mon Sep 17 00:00:00 2001 From: r-browser-app-team <43392236+r-browser-app-team@users.noreply.github.com> Date: Wed, 30 Nov 2022 00:09:19 +0900 Subject: [PATCH 3/6] Update license (#1) --- license | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/license b/license index 57d1f37..8dbcd53 100644 --- a/license +++ b/license @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) Sam Verschueren (github.com/SamVerschueren) +Copyright (c) 2017, Sam Verschueren (github.com/SamVerschueren) Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: From 746ca5dcb6667c5d364e782d53c542830e4c10b9 Mon Sep 17 00:00:00 2001 From: Sam Verschueren Date: Thu, 1 Dec 2022 16:59:32 +0100 Subject: [PATCH 4/6] Fix issue where decode throws - fixes #6 --- index.js | 6 +++--- test.js | 5 ++++- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/index.js b/index.js index 691499b..d33e06e 100644 --- a/index.js +++ b/index.js @@ -6,7 +6,7 @@ var multiMatcher = new RegExp('(' + token + ')+', 'gi'); function decodeComponents(components, split) { try { // Try to decode the entire string first - return decodeURIComponent(components.join('')); + return [decodeURIComponent(components.join(''))]; } catch (err) { // Do nothing } @@ -28,12 +28,12 @@ function decode(input) { try { return decodeURIComponent(input); } catch (err) { - var tokens = input.match(singleMatcher); + var tokens = input.match(singleMatcher) || []; for (var i = 1; i < tokens.length; i++) { input = decodeComponents(tokens, i).join(''); - tokens = input.match(singleMatcher); + tokens = input.match(singleMatcher) || []; } return input; diff --git a/test.js b/test.js index 85adb1d..c083cc6 100644 --- a/test.js +++ b/test.js @@ -32,7 +32,10 @@ const tests = { '%C2x': '\uFFFDx', '%C2%B5': 'µ', '%C2%B5%': 'µ%', - '%%C2%B5%': '%µ%' + '%%C2%B5%': '%µ%', + + // This should actually return `%ea%baZ%ba`, but fixes a DOS attack for now + '%ea%ba%5a%ba': '꺺' }; function macro(t, input, expected) { From 76abc939783fe3900fadb7d384a74d324d5557f3 Mon Sep 17 00:00:00 2001 From: Sam Verschueren Date: Thu, 1 Dec 2022 17:03:07 +0100 Subject: [PATCH 5/6] Switch to GitHub workflows --- .github/workflows/main.yaml | 27 +++++++++++++++++++++++++++ .travis.yml | 11 ----------- readme.md | 2 +- 3 files changed, 28 insertions(+), 12 deletions(-) create mode 100644 .github/workflows/main.yaml delete mode 100644 .travis.yml diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml new file mode 100644 index 0000000..0063223 --- /dev/null +++ b/.github/workflows/main.yaml @@ -0,0 +1,27 @@ +name: CI +on: + - push + - pull_request +jobs: + test: + name: Node.js ${{ matrix.node-version }} + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + node-version: + - '18' + - '16' + - '14' + - '12' + - '10' + - '8' + - '6' + - '4' + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node-version }} + - run: npm install + - run: npm test diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index e90fad9..0000000 --- a/.travis.yml +++ /dev/null @@ -1,11 +0,0 @@ -language: node_js -node_js: - - '12' - - '10' - - '8' - - '6' - - '4' - - '0.12' - - '0.10' -after_script: - - npm run coveralls diff --git a/readme.md b/readme.md index d1f7a77..3ed99b0 100644 --- a/readme.md +++ b/readme.md @@ -1,6 +1,6 @@ # decode-uri-component -[![Build Status](https://travis-ci.org/SamVerschueren/decode-uri-component.svg?branch=master)](https://travis-ci.org/SamVerschueren/decode-uri-component) [![Coverage Status](https://coveralls.io/repos/SamVerschueren/decode-uri-component/badge.svg?branch=master&service=github)](https://coveralls.io/github/SamVerschueren/decode-uri-component?branch=master) +![CI](https://github.com/SamVerschueren/decode-uri-component/workflows/CI/badge.svg) [![Coverage Status](https://coveralls.io/repos/SamVerschueren/decode-uri-component/badge.svg?branch=master&service=github)](https://coveralls.io/github/SamVerschueren/decode-uri-component?branch=master) > A better [decodeURIComponent](https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/decodeURIComponent) From 3c8a373dd4837e89b3f970e01295dd03e1405a33 Mon Sep 17 00:00:00 2001 From: Sam Verschueren Date: Thu, 1 Dec 2022 17:11:28 +0100 Subject: [PATCH 6/6] 0.2.1 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 0acb129..1666841 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "decode-uri-component", - "version": "0.2.0", + "version": "0.2.1", "description": "A better decodeURIComponent", "license": "MIT", "repository": "SamVerschueren/decode-uri-component",