From 6258cbefd4e4a9bf21548e5556f45afa825ad426 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kat=20March=C3=A1n?= <kzm@sykosomatic.org>
Date: Wed, 24 May 2017 16:50:29 -0700
Subject: ssri@4.1.3

---
 node_modules/ssri/CHANGELOG.md | 10 ++++++++++
 node_modules/ssri/index.js     | 13 +++++++++----
 node_modules/ssri/package.json | 32 +++++++++++++++-----------------
 3 files changed, 34 insertions(+), 21 deletions(-)

(limited to 'node_modules')

diff --git a/node_modules/ssri/CHANGELOG.md b/node_modules/ssri/CHANGELOG.md
index 838a6fe69..46a0093e0 100644
--- a/node_modules/ssri/CHANGELOG.md
+++ b/node_modules/ssri/CHANGELOG.md
@@ -2,6 +2,16 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+<a name="4.1.3"></a>
+## [4.1.3](https://github.com/zkat/ssri/compare/v4.1.2...v4.1.3) (2017-05-24)
+
+
+### Bug Fixes
+
+* **check:** handle various bad hash corner cases better ([c2c262b](https://github.com/zkat/ssri/commit/c2c262b))
+
+
+
 <a name="4.1.2"></a>
 ## [4.1.2](https://github.com/zkat/ssri/compare/v4.1.1...v4.1.2) (2017-04-18)
 
diff --git a/node_modules/ssri/index.js b/node_modules/ssri/index.js
index 9c84dbc21..f01986fa5 100644
--- a/node_modules/ssri/index.js
+++ b/node_modules/ssri/index.js
@@ -95,7 +95,9 @@ class Integrity {
     const pickAlgorithm = (opts && opts.pickAlgorithm) || getPrioritizedHash
     const keys = Object.keys(this)
     if (!keys.length) {
-      throw new Error(`No algorithms available for ${this}`)
+      throw new Error(`No algorithms available for ${
+        JSON.stringify(this.toString())
+      }`)
     }
     return keys.reduce((acc, algo) => {
       return pickAlgorithm(acc, algo) || acc
@@ -199,8 +201,9 @@ module.exports.checkData = checkData
 function checkData (data, sri, opts) {
   opts = opts || {}
   sri = parse(sri, opts)
+  if (!Object.keys(sri).length) { return false }
   const algorithm = sri.pickAlgorithm(opts)
-  const digests = sri[algorithm]
+  const digests = sri[algorithm] || []
   const digest = crypto.createHash(algorithm).update(data).digest('base64')
   return digests.find(hash => hash.digest === digest) || false
 }
@@ -231,8 +234,9 @@ function integrityStream (opts) {
   opts = opts || {}
   // For verification
   const sri = opts.integrity && parse(opts.integrity, opts)
-  const algorithm = sri && sri.pickAlgorithm(opts)
-  const digests = sri && sri[algorithm]
+  const goodSri = sri && Object.keys(sri).length
+  const algorithm = goodSri && sri.pickAlgorithm(opts)
+  const digests = goodSri && sri[algorithm]
   // Calculating stream
   const algorithms = opts.algorithms || [algorithm || 'sha512']
   const hashes = algorithms.map(crypto.createHash)
@@ -253,6 +257,7 @@ function integrityStream (opts) {
     const match = (
       // Integrity verification mode
       opts.integrity &&
+      digests &&
       digests.find(hash => {
         return newSri[algorithm].find(newhash => {
           return hash.digest === newhash.digest
diff --git a/node_modules/ssri/package.json b/node_modules/ssri/package.json
index b828c974c..fae62d7c5 100644
--- a/node_modules/ssri/package.json
+++ b/node_modules/ssri/package.json
@@ -1,36 +1,36 @@
 {
-  "_from": "ssri@~4.1.2",
-  "_id": "ssri@4.1.2",
-  "_integrity": "sha1-PTxptJDQsQd3Kpv4GIHziuBx8ks=",
+  "_from": "ssri@4.1.3",
+  "_id": "ssri@4.1.3",
+  "_inBundle": false,
+  "_integrity": "sha512-vDXK4C5lxEMlMXyUvsaNAqyYkoMaScW8r6jUTg3uwUOMnvbMmNRSw3Cal0iiWHtMsQxga7NG4GShS0CKt3Pt1w==",
   "_location": "/ssri",
   "_phantomChildren": {},
   "_requested": {
-    "type": "range",
+    "type": "version",
     "registry": true,
-    "raw": "ssri@~4.1.2",
+    "raw": "ssri@4.1.3",
     "name": "ssri",
     "escapedName": "ssri",
-    "rawSpec": "~4.1.2",
+    "rawSpec": "4.1.3",
     "saveSpec": null,
-    "fetchSpec": "~4.1.2"
+    "fetchSpec": "4.1.3"
   },
   "_requiredBy": [
+    "#USER",
     "/",
     "/cacache",
     "/npm-registry-client",
     "/pacote",
     "/pacote/make-fetch-happen"
   ],
-  "_resolved": "https://registry.npmjs.org/ssri/-/ssri-4.1.2.tgz",
-  "_shasum": "3d3c69b490d0b107772a9bf81881f38ae071f24b",
-  "_shrinkwrap": null,
-  "_spec": "ssri@~4.1.2",
+  "_resolved": "https://registry.npmjs.org/ssri/-/ssri-4.1.3.tgz",
+  "_shasum": "ec8b5585cbfc726a5f9aad829efce238de831935",
+  "_spec": "ssri@4.1.3",
   "_where": "/Users/zkat/Documents/code/npm",
   "author": {
     "name": "Kat Marchán",
     "email": "kzm@sykosomatic.org"
   },
-  "bin": null,
   "bugs": {
     "url": "https://github.com/zkat/ssri/issues"
   },
@@ -47,11 +47,11 @@
   "deprecated": false,
   "description": "Standard Subresource Integrity library --  parses, serializes, generates, and verifies integrity metadata according to the SRI spec.",
   "devDependencies": {
-    "nyc": "^10.2.0",
+    "nyc": "^10.3.2",
     "standard": "^9.0.2",
     "standard-version": "^4.0.0",
     "tap": "^10.3.2",
-    "weallbehave": "^1.0.0",
+    "weallbehave": "^1.2.0",
     "weallcontribute": "^1.0.8"
   },
   "files": [
@@ -75,8 +75,6 @@
   "license": "CC0-1.0",
   "main": "index.js",
   "name": "ssri",
-  "optionalDependencies": {},
-  "peerDependencies": {},
   "repository": {
     "type": "git",
     "url": "git+https://github.com/zkat/ssri.git"
@@ -90,5 +88,5 @@
     "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'",
     "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'"
   },
-  "version": "4.1.2"
+  "version": "4.1.3"
 }
-- 
cgit v1.2.3