Version 10.1.0 of eslint-config-hapi just got published.

This version is covered by your current version range and after updating it in your project the build failed.

As eslint-config-hapi is “only” a devDependency of this project it might not break production or downstream projects, but “only” your build or test tools – preventing new deploys or publishes.

I recommend you give this issue a high priority. I’m sure you can resolve this 💪

Your Greenkeeper Bot 🌴

It seems the library cannot be loaded with module imports on modern browsers.

The purpose would be to allow such imports since JavaScript imports are now available with all major browsers. Including an esm file or adapting existing files in the NPM package to have a default or another export would allow something like the following:

import psl from 'psl';

It would also be nice to be able to import only the desired function:

import {parse} from 'psl';

Version 1.1.23

Steps to reproduce
pls.parse("foo--bar.am")

Expected Behavior
{ error: "Label can't contains two '-'", ... }

Actual Behavior
{ sld: "foo--bar", ... }

var psl = require('psl');

// Parse domain without subdomain
var parsed = psl.parse('resourcehub.in.gov');
console.log(parsed.domain); // we are getting 'in.gov'

Expected output 'resourcehub.in.gov'
Please add 'in.gov' to the list.

psl.isValid("domain.com.")

returns true, but shouldn't.

It would be ideal if we used the atom feed to update to refresh the official list and run new tests. I'm not sure if you would want it to automatically push to the repository or package mangers, but it would be good if the delta between updates was minimized.

This package has had no updates in a year and a half and deprecation warnings are stacking up. It has almost 30 million weekly downloads from NPM. Would appreciate if downstream package maintainers would consider taking over maintenance or forking.

Hello,

some endpoint addresses of AWS services in rules.json differ from the official addresses in the AWS documentation. For example:

# Rules.json
"s3-us-west-1.amazonaws.com"
# AWS Docs
"s3.us-west-1.amazonaws.com"

This is probably a minor issue, but still wanted to let you know.

URLs like www-.test.com are invalid so they return an error and no other info, but it would be good if they returned the parsed information as well as the error

please remove instantcloud.cn in data.json, this website with pornographic content in head

Just stumbled here while looking for a way to parse only the domain name (no subs) from a string. I briefly looked over this (haven't played with it yet), but looks to be exactly what I was looking for... and the list is updateable (I think).

Has anyone turned this into a php as a class or anything? I need to use this in php and would prefer to do so, but if need be I can make this js method work. Just thought I would ask and maybe I haven't seen or found the php equivalent yet.

Punycode.js doesn't implement Nameprep (unicode normalization). idna-uts46, however, does.

parse-domain

Hi,

Trying to use import instead of require for the module, but getting an error. I've tried
import * as psl from 'psl' but to no avail. Any input?

Why does psl think cloudfront.net is a tld? The list at http://data.iana.org/TLD/tlds-alpha-by-domain.txt doesn't indicate it is one.

console.log(psl.parsed('d31qbv1cthcecs.cloudfront.net')
{
  input: 'd31qbv1cthcecs.cloudfront.net',
  tld: 'cloudfront.net',
  sld: 'd31qbv1cthcecs',
  domain: 'd31qbv1cthcecs.cloudfront.net',
  subdomain: null,
  listed: true
}

Is there a similar project for PHP?

Version 1.5.0

Based on the question here: https://stackoverflow.com/a/2183140/6162048 subdomains containing _ can be considered valid.
From there, _jabber._tcp.gmail.com is considered valid. This module however returns LABEL_INVALID_CHARS.

How should we treat cases like that when trying to use this module?

Hello,

psl.isValid('www.co.uk') returns true but probably should not.
Seems like sld: 'www' should not be allowed?
https://jsfiddle.net/L4sv5pw6/2/

Thanks

Example:

> require('psl').get('1.2.3.4')
'3.4'

I think this should return the entire IP and not part of it.

This also does not work with ipv6:

> require('psl').get('2001:0db8:85a3:0000:0000:8a2e:0370:7334')
null

I'm not sure if this is within the scope of this module though. Is this module used to get the domain (in a cookie sense) on which a cookie can be set when given a hostname (domain or ip) or is this module only used to provide the public suffix when given a real domain?

Hi!

Thanks for an awesome package I love it!

I wanted to use it in my dashboard project showing tens of certificates with tens to hundreds alternative domains - turned out the processing is just too slow :(

I also used lodash _.memoize function to tabulate the get method results but I am still on 13 seconds processing time on i7 proc.

I was wondering whether it could be possible to improve the search in the rule database as it seems to be the most expensive part.

It comes to my mind to somehow init the searching structure before use and then just use pre-processed rule database. E.g., the profiler shows Punycode.toASCII is quite expensive - 86.8% of the get processing time in the findRule method:

return internals.rules.reduce(function (memo, rule) {
    var punySuffix = Punycode.toASCII(rule.suffix);  // <--- overhead
    if (!internals.endsWith(punyDomain, '.' + punySuffix) && punyDomain !== punySuffix) {
      return memo;
    }
    // ...
}

The Punycode.toASCII call is called on static rules each time the get is called. PunySuffix could be pre-computed for static rules to optimize batch requests which saves a lot of time. Also the if condition can be swapped to firstly evaluate punyDomain !== punySuffix. If it fails the lazy evaluation skips the endsWith check.

Profiler shows this is the critical path with significant overhead. There are also further improvements possible - e.g., to sort the database / build a suffix tree and reduce O(N) to O(lg(N)) where N is the database size.

My profiller results:

total: 12963 ms
findrule: 12937 ms (99.8%)
findrule -> reduce: 12934 ms (99.8%)
toASCII: 11248 ms (86.8%)

just for illustration, without memoizing 993 domains took 15980 ms.

Pls let me know what you think about this improvement. I could also do a PR later if you let me know how do you like to have it implemented.

Thanks for considering!

Version 1.1.23

Steps to reproduce
psl.parse('test.co.bz')

Expected Behavior
{ domain: "test.co.bz", tld: "co.bz", ... }

Actual Behavior
{ domain: "co.bz", tld: "bz", ... }

The project calls require('punycode'), using the Node punycode module which has been deprecated since v7 (2016). The Node docs now recommend using punycode.js in place of it.

This also means that when this library is used in a project using webpack, webpack must be manually configured to load punycode.js as a replacement for the punycode module because webpack since v5 (2020) no longer defaults to including shims for Node APIs like punycode.

It would be helpful if this library switched to using punycode.js instead of the Node punycode module.

Version 14.3.0 of browserify just got published.

This version is covered by your current version range and after updating it in your project the build failed.

As browserify is “only” a devDependency of this project it might not break production or downstream projects, but “only” your build or test tools – preventing new deploys or publishes.

I recommend you give this issue a high priority. I’m sure you can resolve this 💪

Your Greenkeeper Bot 🌴

npm version : 5.10.0
node version : 8.9.4
phantomjs version : 2.1.1 (binary created from source code)

successfully working on X86 ubuntu.

But facing below issue on Power RHEL while npm test -f:

57 tests completed
48 tests failed

Any lead would be helpful.
Thanks.

I've made some benchmarks and performance of psl is around 2k ops/sec:

psl#isValid x 2,310 ops/sec ±2.00% (92 runs sampled)
psl#parse x 2,428 ops/sec ±0.24% (97 runs sampled)
psl#parse invalid domain x 2,415 ops/sec ±1.56% (94 runs sampled)

by using maps it is possible to increase speed to 300k ops/sec:

psl#isValid x 349,961 ops/sec ±0.48% (95 runs sampled)
psl#parse x 346,816 ops/sec ±0.18% (99 runs sampled)
psl#parse invalid domain x 375,047 ops/sec ±0.16% (96 runs sampled)

Hi,

Unless I'm missing something, are these results erroneous ?

Version: 1.1.23
https://i.imgur.com/950xpqU.png
tested in Chrome 63 and Firefox 58 (Debian)
https://codepen.io/anon/pen/ddRrqo?editors=1010

This line contains invalid unicode:
https://github.com/lupomontero/psl/blob/797ccb41136a75b5737ea1e4d2bdcaad0dac02de/data/rules.json#LL929C3-L929C8

After checking publicsuffix.org, there simply is a diff with the actual code.

Moreover, this issue breaks compatibility with deno, which relies on a stricter punycode implementation in rust (in my case, I rely on psl through crawlee)

Feel free to check (and merge 😁 ) my PR in a second

The devDependency browserify was updated from 16.3.0 to 16.4.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

browserify is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Your Greenkeeper Bot 🌴

Is there an easy way to modify this to work in GAS? GAS does not support require as they have their own module system. I probably do not need the punycode stuff if that makes it more difficult.

psl.parse('testing.com.in')

returns

{ input: 'testing.com.in', tld: 'in', sld: 'com', domain: 'com.in', subdomain: 'testing', listed: true }

I can see com.in in the public suffix list so not sure why this is not returning correctly

The devDependency uglify-js was updated from 3.5.15 to 3.6.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

uglify-js is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Your Greenkeeper Bot 🌴

Hey @lupomontero,

I'm enjoying using psl - thanks for your work on it!

One extra I'd like is the ability to load the rules from an external data file rather than using the internal one. This might just be to track the upstream MPSL more closely, or it would allow you to fork the MPSL and make custom changes for particular applications. Would you be open to this kind of change?

If so, what kind of interface would you like? I've got a prototype in my fork:

https://github.com/gavincarr/psl

that allows you to do e.g. var psl = require('psl').loadData('effective_tld_names.dat'); to synchronously load a (MPSL format, not json) data file at require time.

Thoughts?

sub-domain with github.io results invalid

https://runkit.com/shivashanmugam/5d5a918aeaec0b0014422629

Version 1.8.0

Steps to reproduce
psl.isValid('platform.sh')

Expected Behavior
true

Actual Behavior
false

Why?
platform.sh is not a TLD while .sh is.

also an advantage, if the repository's license is checked by automatic tools

This is only being used in https://github.com/wrangr/psl/blob/master/data/build.js#L9

See #39

Hello. Can you add it.com to the psl? They have come back online. Thx.

psl validates the regular expression /^[a-z0-9-]+$/ and returns 'LABEL_INVALID_CHARS' if not valid.
This is wrong according to rfc 2181 section 11 Name Syntax:

The DNS itself places only one restriction on the particular labels that can be used to identify resource records. That one restriction relates to the length of the label and the full name....Implementations of the DNS protocols must not place any restrictions on the labels that can be used

The validation of LABEL_INVALID_CHARS should be removed

Several files include the term 'master' and 'slave' which is considered to be oppressive language by the IETF:

https://tools.ietf.org/id/draft-knodel-terminology-00.html

When I try to do the below I receive "null" value inside domain key

const domain = psl.parse(window.location.host);

Hi! Just wondering if there's any interest in implementing a function along the lines of isCookieDomainAcceptable() from libpsl: https://rockdaboot.github.io/libpsl/libpsl-Public-Suffix-List-functions.html#psl-is-cookie-domain-acceptable

This might be useful for cookie handling libraries that currently have to call psl.get() and implement their own logic around checking for cookie validity. I understand if this library wants to remain small, but I noticed this useful function in libpsl and wondered if there was interest in including it in the JS counterpart.

Hi @lupomontero ,
I'm a member of cdnjs team and we want to host this library.
I found that the files published on NPM are different from GitHub repository.
Files on NPM looks like as follow:

.
├── data
│   └── rules.json
├── index.js
├── karma.conf.js
├── package.json
└── README.md

I think it's better to get main files from GitHub. Or will the files under dist folder be published on NPM in the future? This will affect our decision using git or npm auto-update config.
Thank you.

cdnjs/cdnjs#8942

The dependency event-stream version 3.3.6 contains a backdoor via a library it uses, flatmap-stream. The linked issue explains the situation.

Since package.json specifies "event-stream": "^3.3.4",, it was possible to pull in the back door if you updated psl's dependencies during the period of time that event-stream 3.3.6 was available.

One fix would be to lock event-stream to exactly 3.3.4.

I'm pretty new to Electron/electron-packager/package.json so I don't know enough about its bowels to know what's going on exactly, but somehow when I package an Electron app up that uses psl, it'll copy over index.js and the other files, but the data folder gets lots in the process and I have to manually copy it over for everything to work. If I do then everything is roses, but if not then obviously index.js will fail when it tries to require the json file.

If anyone has a specific pointer for how to address this, I'd be happy to try to take it on. I'm assuming it has something to do with the package.json file not properly referencing the required folder, but I don't actually know that. It's also possible electron-packager is ignoring subdirectories, in which case sorry to waste your time, I just know that in a collection of 100+ node_modules this is the only one that's failing for me.

Thanks for your help!

Using punycode is deprecated in Node v21. See documentation https://nodejs.org/api/punycode.html. Maybe try replacing with NPM Package punycode

punycode is used here:

Fix:

1. npm i punycode
2. change from require("punycode") to require("punycode/")

AnWeber/httpyac#577

Issue exists where overlapping suffixes aren't handled correctly, and state URL as invalid.

For example:
gov.uk - valid URL since "gov" is the sld, and ".uk" is the tld. However, this incorrectly states the URL is invalid, since "gov.uk" is also a tld in its own right (e.g. "data.gov.uk", where "data" is the sld and "gov.uk" is the tld).

Same goes for other overlapping tlds, such as github.io.

Here is the error:

./node_modules/.bin/tslint -p tsconfig.json
src/helpers/custom-domains.ts:5:22 - error TS2307: Cannot find module 'psl'.

5 import * as psl from 'psl';
                       ~~~~~

npm ERR! code ELIFECYCLE
npm ERR! errno 2
npm ERR! [email protected] build: `yarn run lint && ./node_modules/.bin/tsc`
npm ERR! Exit status 2
npm ERR! 
npm ERR! Failed at the [email protected] build script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/X/.npm/_logs/2018-08-03T13_56_09_536Z-debug.log

Error: functions predeploy error: Command terminated with non-zero exit code2
error Command failed with exit code 1.

Simply forcing version 1.1.28 of psl fixes the issue.

Steps to reproduce:

const parsed = psl.parse('health-check-tool-2-api-izeboapi4q-nn.a.run.app')
console.log(parsed.domain)

expected:
run.app

actual:
health-check-tool-2-api-izeboapi4q-nn.a.run.app

version:
"psl": "^1.9.0",

p.s app.run is the default google cloud run domain

from examples on readme

// Parse domain with nested subdomains
var parsed = psl.parse('a.b.c.d.foo.com');
console.log(parsed.tld); // 'com'
console.log(parsed.sld); // 'foo'
console.log(parsed.domain); // 'foo.com'
console.log(parsed.subdomain); // 'a.b.c.d'

Also added a request publicsuffix/list#1710

While com is public, pepsi is private and not mentioned in the public list.