node.js 弃用警告:当我将脚本移动到另一台服务器时,由于安全和可用性问题,不推荐使用 Buffer()
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/52165333/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
DeprecationWarning: Buffer() is deprecated due to security and usability issues when i move my script to another server
提问by Devendra Chauhan
Getting error when script move to other server.
脚本移动到其他服务器时出错。
(node:15707) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
(节点:15707)[DEP0005] 弃用警告:由于安全和可用性问题,不推荐使用 Buffer()。请改用 Buffer.alloc()、Buffer.allocUnsafe() 或 Buffer.from() 方法。
Current Versions:
当前版本:
Ubuntu 16.04.4 LTS
Node - v10.9.0
NPM - 6.2.0
Previous Version:
上一版本:
Ubuntu 14.04.3 LTS
NPM - 3.10.10
Node - v6.10.3
exports.basicAuthentication = function (req, res, next) {
console.log("basicAuthentication");
if (!req.headers.authorization) {
return res.status(401).send({
message: "Unauthorised access"
});
}
var auth = req.headers.authorization;
var baseAuth = auth.replace("Basic", "");
baseAuth = baseAuth.trim();
var userPasswordString = new Buffer(baseAuth, 'base64').toString('ascii');
var credentials = userPasswordString.split(':');
var username = credentials[0] !== undefined ? credentials[0] : '';
var password = credentials[1] !== undefined ? credentials[1] : '';
var userQuery = {mobilenumber: username, otp: password};
console.log(userQuery);
User.findOne(userQuery).exec(function (err, userinfo) {
if (err || !userinfo) {
return res.status(401).send({
message: "Unauthorised access"
});
} else {
req.user = userinfo;
next();
}
});
}
回答by Nebojsa Sapic
new Buffer(number) // Old
Buffer.alloc(number) // New
new Buffer(string) // Old
Buffer.from(string) // New
new Buffer(string, encoding) // Old
Buffer.from(string, encoding) // New
new Buffer(...arguments) // Old
Buffer.from(...arguments) // New
Notethat Buffer.alloc() is also faster on the current Node.js versions than new Buffer(size).fill(0), which is what you would otherwise need to ensure zero-filling.
请注意,Buffer.alloc() 在当前 Node.js 版本上也比 new Buffer(size).fill(0) 更快,否则您需要确保零填充。
回答by iLuvLogix
The use of the deprecated new Buffer()constructor (i.E. as used by Yarn) can cause deprecation warnings. Therefore one should NOT use the deprecated/unsafe Buffer constructor.
使用已弃用的new Buffer()构造函数(即 Yarn 使用的即)可能会导致弃用警告。因此,不应使用已弃用/不安全的 Buffer 构造函数。
According to the deprecation warning new Buffer()should be replaced with one of:
根据弃用警告new Buffer()应替换为以下之一:
Buffer.alloc()Buffer.allocUnsafe()orBuffer.from()
Buffer.alloc()Buffer.allocUnsafe()或者Buffer.from()
Another option in order to avoid this issue would be using the safe-buffer package instead.
为了避免这个问题,另一种选择是使用安全缓冲包。
You can also try (when using yarn..):
您也可以尝试(使用纱线时..):
yarn global add yarn
as mentioned here: Link
正如这里提到的:链接
Another suggestion from the comments (thx to gkiely): self-update
评论中的另一个建议(感谢 gkiely):自我更新
Note: self-update is not available. See policiesfor enforcing versions within a project
注意:自我更新不可用。查看在项目中强制执行版本的政策
In order to update your version of Yarn, run
为了更新你的 Yarn 版本,运行
curl --compressed -o- -L https://yarnpkg.com/install.sh | bash
