Skip to content

Update several packages to the latest version and fix the subsequent lint violations #55

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ar27111994 merged 10 commits into from
Apr 16, 2026
Merged

Update several packages to the latest version and fix the subsequent lint violations #55

Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
47da6b8
chore(deps): bump the dependencies group with 9 updates
dependabot[bot] Apr 15, 2026
de5361d
Merge branch 'main' into dependabot/npm_and_yarn/dependencies-ef52ae3e33
ar27111994 Apr 15, 2026
9ec9269
fix: resolve lint findings in forwarding and test helpers
ar27111994 Apr 16, 2026
a9336d0
fix: validate Content-Length header with Number.isFinite and bump eng…
Copilot Apr 16, 2026
b38af5d
docs: add comment explaining Number.isFinite guard intent for Content…
Copilot Apr 16, 2026
e2f3558
Potential fix for pull request finding 'CodeQL / Type confusion throu…
ar27111994 Apr 16, 2026
aae4aaa
fix: remove redundant type check.
ar27111994 Apr 16, 2026
da788e7
test(forwarding): cover invalid content-length fallback
ar27111994 Apr 16, 2026
314a285
feat: implement strict Content-Length parsing and enhance fallback lo…
ar27111994 Apr 16, 2026
8e16118
test(forwarding): add case for unsafe integer in content-length fallback
ar27111994 Apr 16, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
176 changes: 93 additions & 83 deletions package-lock.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 5 additions & 5 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,22 +61,22 @@
},
"homepage": "https://github.com/ar27111994/webhook-debugger-logger#readme",
"engines": {
"node": ">=20"
"node": ">=20.19.0"
},
"overrides": {
"basic-ftp": "5.2.2"
},
"devDependencies": {
"@apify/actor-memory-expression": "^0.1.6",
"@eslint/js": "^9.39.2",
"@eslint/js": "^10.0.1",
"@types/compression": "^1.8.1",
Comment thread
ar27111994 marked this conversation as resolved.
"@types/cors": "^2.8.19",
"@types/express": "^5.0.6",
"@types/jest": "^30.0.0",
"@types/node": "^25.0.6",
"@types/supertest": "^6.0.3",
"@types/supertest": "^7.2.0",
"eslint": "^10.0.0",
"eslint-plugin-sonarjs": "^3.0.7",
"eslint-plugin-sonarjs": "^4.0.2",
"eventsource": "^4.1.0",
"globals": "^17.0.0",
"husky": "^9.1.7",
Expand All @@ -85,7 +85,7 @@
"prettier": "^3.8.0",
"supertest": "^7.2.2",
"ts-api-utils": "^2.4.0",
"typescript": "^5.9.3"
"typescript": "^6.0.2"
},
"publishConfig": {
"access": "public",
Expand Down
37 changes: 24 additions & 13 deletions src/services/ForwardingService.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -268,20 +268,31 @@ export class ForwardingService {

// 3. Defensive Body Size Check
const MAX_FORWARD_BODY = APP_CONSTS.MAX_ALLOWED_PAYLOAD_SIZE;
let bodySize = 0;
if (req.headers[HTTP_HEADERS.CONTENT_LENGTH]) {
bodySize = parseInt(String(req.headers[HTTP_HEADERS.CONTENT_LENGTH]), 10);
if (Array.isArray(req.body)) {
log.warn(
{ bodyType: "array" },
LOG_MESSAGES.FORWARD_PAYLOAD_TOO_LARGE,
);
return;
}
Comment thread
ar27111994 marked this conversation as resolved.
Outdated
// parseInt on a missing/empty/non-numeric header returns NaN; Number.isFinite
// rejects NaN/Infinity so we fall through to measure the body directly.
const parsedContentLength = parseInt(
String(req.headers[HTTP_HEADERS.CONTENT_LENGTH] ?? ""),
10,
);
let bodySize;
if (Number.isFinite(parsedContentLength)) {
bodySize = parsedContentLength;
Comment thread
ar27111994 marked this conversation as resolved.
Outdated
} else if (Buffer.isBuffer(req.body)) {
bodySize = req.body.length;
Comment thread
ar27111994 marked this conversation as resolved.
Dismissed
} else if (typeof req.body === "string") {
bodySize = Buffer.byteLength(req.body);
} else {
Comment thread
ar27111994 marked this conversation as resolved.
if (Buffer.isBuffer(req.body)) {
bodySize = req.body.length;
} else if (typeof req.body === "string") {
bodySize = Buffer.byteLength(req.body);
} else {
try {
bodySize = Buffer.byteLength(JSON.stringify(req.body));
} catch {
bodySize = 0;
}
try {
bodySize = Buffer.byteLength(JSON.stringify(req.body));
} catch {
bodySize = 0;
}
}

Expand Down
1 change: 1 addition & 0 deletions tests/setup/helpers/constant-discovery.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ for (const entry of readdirSync(dir, { withFileTypes: true })) {
} catch (error) {
throw new Error(
`Failed to discover constant modules at ${constsDir}: ${/** @type {Error} */ (error).message}`,
{ cause: error },
);
}
}
Loading
Loading