Deprecate includeSubdomains (lowercase d)

See <https://github.com/helmetjs/hsts/issues/21>.

index.js

@@ -1,8 +1,14 @@
+var deprecate = require('depd')('hsts')
+
 var DEFAULT_MAX_AGE = 180 * 24 * 60 * 60
 
 module.exports = function hsts (options) {
   options = options || {}
 
+  if ('includeSubdomains' in options) {
+    deprecate('The "includeSubdomains" parameter is deprecated. Use "includeSubDomains" (with a capital D) instead.')
+  }
+
   var maxAge = options.maxAge != null ? options.maxAge : DEFAULT_MAX_AGE
   var includeSubDomains = (options.includeSubDomains !== false) && (options.includeSubdomains !== false)
   var setIf = options.hasOwnProperty('setIf') ? options.setIf : alwaysTrue

package.json

@@ -37,5 +37,8 @@
       "beforeEach",
       "it"
     ]
+  },
+  "dependencies": {
+    "depd": "2.0.0"
   }
 }

test/index.js

@@ -95,13 +95,23 @@ describe('hsts', function () {
       .expect('Strict-Transport-Security', 'max-age=15552000')
   })
 
-  it('can disable subdomains with the includeSubdomains option', function () {
-    return request(app({
+  it('can disable subdomains with the includeSubdomains option, but a deprecation warning is shown', function () {
+    // We can remove this test in hsts@3.
+    const deprecationPromise = new Promise(resolve => {
+      process.on('deprecation', (deprecationError) => {
+        assert(deprecationError.message.indexOf('The "includeSubdomains" parameter is deprecated. Use "includeSubDomains" (with a capital D) instead.') !== -1)
+        resolve()
+      })
+    })
+
+    const supertestPromise = request(app({
       includeSubdomains: false
     }))
       .get('/')
       .expect(200)
       .expect('Strict-Transport-Security', 'max-age=15552000')
+
+    return Promise.all([deprecationPromise, supertestPromise])
   })
 
   it('can enable preloading', function () {