Fixes an issue with module hanging and failing to return any error when a corrupted private key was supplied. Now returns an error that the module was unable to parse the private key.
Minor bug fix release
Fix two minor bugs
Sometimes, when initialisation of sftp sub-system failed, the module would attempt to call sftp.end(), which would fail with an undefined reference error
When calling the get() method and supplying a destination stream for the data, if the soruce file did not exist on the remote server, the destination stream was not closed and could result in a resource leak.
Minor bug fixes
A couple of fairly minor changes to address some edge case issues
DOn't throw error or reject promise if end() method called when there is no active sftp connection. If end() is called and there is no active connection, just turn into a noop. Better to call end() when not needed than miss calling it because it might cause an error in some scenarios.
Don't throw exception or reject a promise when an 'unexpected' end or close event is seen. Logic for determining when a close or end event was 'unexpected' was not reliable enough. Besides, trying to identify unexpected close/end signals didn't really add any value. Now if a close or end signal occurs which was not 'expected', we will just log it. We do invalidate the sftp connection whenever we see an end/close event regardless.
Now use nullish coalescing instead of or'iing to set the various params for retry configuration. Previously, using or'ing meant you couldn't set a param to 0. Using ?? now allows this.
Made some minor changes to when the flags used to track event handling are reset. Previously, they were reset after temporary listeners were removed. We now do the reset after new temporary listeners are added.
None of the above changes are API breaking (for v9). Should be able to upgrade from any previous 9.x version with no issue.
Minor bug fix version
The get() method was not always returning a buffer when no destination argument was supplied due to a race condition between concat-stream and readStream finish event. When triggered, get() would return the concat-stream object instead of the buffer object it contains.
Major Release - New methods, API updates
This is a major new version which includes both new methods and API changes as well as some code cleanup and refactoring to improve performance.
API Changes
list() method now accepts a filter function instead of a regular expression to filter the list of items returned.
Ability to set autoClose in options passed into get() and put() methods has been removed. Tis option caused confusion for developers and made the logic overly complicated for rare use cases. You can not just use the new createReadStream() and createWriteStream() when you want low level control.
Ability to set 'end' property in pipe() operations used by get() and put() methods has been removed because it complicated the logic of get() and put() methods when only useful for a very small number of edge cases. Use getReadStream and getWriteStream and manage pipe() manually should you require this type of low level control
The 3rd argument to uploadDir() and downloadDir() methods has been changed. Previously, this argument was a filter function. It is now an object which can have properties of 'filter', to supply a filter function and useFastGet/useFastPut, a boolean used to tell the method to use the potentially faster fastGet() or fastPut() method to transfer data.
New Methods
createReadStream(): returns a read stream connected to a remote file on the sftp server
createWriteStream(): returns a write stream connected to a remote file on the sftp server
rcopy(): create a remote copy of a remote file on the sftp server
Other Changes
downloadDi()/uploadDir() now uses asynchronous calls to transfer files to help improve speed
The retry code used to retry making a connection after initial failure has been refactored and improved to more reliably handle retry options.
Management of temporary event listeners has been refactored to make management of event listeners when using internal calls to various methods more efficient.
Although not benchmarked, the performance of this version appears to be significantly better than previous versions. Running the test suite completes much faster, despite quite a new new tests being added for the new methods.
Minor update
Add longname property to description of each file in list() call
Change rmdir() to only do asynchronous processes on file deletion. Directory deletion done synchronously.
Fix issue with connect promise not handling corrupted private keys in a clean
way. Previously, the promise would not resolve and no error would be reported.
** v9.0.3
Fix issue with end() method test for active sftp connection. Previous test was
incorrect and could result in trying to call end() when there was no sftp subsystem
initialised.
Fix bug associated with closing destination stream in get() calls. When using the
get() method and supplying a destination stream, if the remote file did not exist, the
stream was not closed. This could cause a FD resource leak.
** v9.0.2
Change default close and end listeners so that they no longer throw/reject when
an unexpected end or close event is seen. Defining expected and unexpected was not
reliable and was not adding sufficient value to keep the concept.
Update to use nullish coalescing instead of or'ing. Allows setting values to 0
without them being overridden by default value.
Change when event handled flags are reset. Now reset them after adding new set of
listeners.
Don't raise error/reject when calling end() method if there is no active connection.
** v9.0.1
Minor bug fix. The get() method was not always returning a buffer object
when it was supposed to due to a race condition between concat-stream and
the reader finish event. Instead of returning the buffer, get() was
returning the concat-stream object.
** v9.0.0
New method: rcopy() to perfrom remote file copy
API Change: The list() method now accepts a filter function instead of a
regular expression.
API Change: The ability to set autoClose to false on read/write streams in
calls to get() and put() has been removed. This ability caused confusion for
developers and caused significant complication which was hard to justify. If
you need low level control over read and write streams, you can now use the
createReadStream() and createWriteStream() methods.
API Change: The ability to set the 'end' property for pipe() has been
removed in get() and put() methods. This option caused problems in many use
cases and was often confusing for developers. If you want low level control
over pip() operations, use the createReadStream() and createWriteStream()
methods and manage the pip() operation within client code.
API Change: The 3rd argument to uploadDir() and downloadDir() has been
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/byte-pushers/bp-web/network/alerts).
Bumps ssh2 to 1.11.0 and updates ancestor dependency ssh2-sftp-client. These dependencies need to be updated together.
Updates
ssh2
from 0.8.9 to 1.11.0Commits
fb1aa6f
package: bump version to v1.11.0d1ebd71
package: bump eslint-config dev dependency versionf7c9f6d
package: bump nan dependency versiona95767c
package: bump version to v1.10.07786197
SFTP: drain buffer if channel opened with empty windowefc0f32
ci: add node v18.xdad6247
crypto: work around deprecated OpenSSL APIsb0fe169
crypto: ignore useless gcc warnings326b5d3
SFTP: rename closed status propertybd4c41a
SFTP: fix read() callback buffer argumentUpdates
ssh2-sftp-client
from 6.0.1 to 9.0.4Release notes
Sourced from ssh2-sftp-client's releases.
... (truncated)
Changelog
Sourced from ssh2-sftp-client's changelog.
... (truncated)
Commits
782ea8a
Clean up documentationa42f812
Prepare 9.0.4 release00eaf2b
Updates tests using private keys8a38641
Add missing try/catch in getConnection()80ea7de
Preparing 9.0.3 release1d4bd73
Fix closing of destination stream in get() calls681d06b
Merge pull request #425 from AndrewLane/patch-24ef5bf2
Fix bug in end() methodca7da22
Bump some dev dependencies55d2703
Typo fix on list function documentationDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/byte-pushers/bp-web/network/alerts).