@aws-sdk/util-endpoints
Advanced tools
Comparing version 3.201.0 to 3.202.0
@@ -6,2 +6,13 @@ # Change Log | ||
# [3.202.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.201.0...v3.202.0) (2022-11-02) | ||
### Bug Fixes | ||
* **util-endpoints:** evaluateTemplate implementation without RegExp/Function ([#4136](https://github.com/aws/aws-sdk-js-v3/issues/4136)) ([5c8a6fb](https://github.com/aws/aws-sdk-js-v3/commit/5c8a6fbe34267337b14774b8e47e9d584a29ecd4)) | ||
# [3.201.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.200.0...v3.201.0) (2022-11-01) | ||
@@ -8,0 +19,0 @@ |
@@ -5,7 +5,4 @@ "use strict"; | ||
const lib_1 = require("../lib"); | ||
const ATTR_SHORTHAND_REGEX = new RegExp("\\${([\\w]+)#([\\w]+)}", "g"); | ||
const evaluateTemplate = (template, options) => { | ||
const templateToEvaluate = template | ||
.replace(new RegExp(`\{([^{}]+)\}`, "g"), "${$1}") | ||
.replace(new RegExp(`\{\\$\{([^{}]+)\}\}`, "g"), "{$1}"); | ||
const evaluatedTemplateArr = []; | ||
const templateContext = { | ||
@@ -15,16 +12,31 @@ ...options.endpointParams, | ||
}; | ||
const attrShortHandList = templateToEvaluate.match(ATTR_SHORTHAND_REGEX) || []; | ||
const attrShortHandMap = attrShortHandList.reduce((acc, attrShortHand) => { | ||
const indexOfHash = attrShortHand.indexOf("#"); | ||
const refName = attrShortHand.substring(2, indexOfHash); | ||
const attrName = attrShortHand.substring(indexOfHash + 1, attrShortHand.length - 1); | ||
acc[attrShortHand] = (0, lib_1.getAttr)(templateContext[refName], attrName); | ||
return acc; | ||
}, {}); | ||
const templateWithAttr = Object.entries(attrShortHandMap).reduce((acc, [shortHand, value]) => acc.replace(shortHand, value), templateToEvaluate); | ||
const templateContextNames = Object.keys(templateContext); | ||
const templateContextValues = Object.values(templateContext); | ||
const templateWithTildeEscaped = templateWithAttr.replace(/\`/g, "\\`"); | ||
return new Function(...templateContextNames, `return \`${templateWithTildeEscaped}\``)(...templateContextValues); | ||
let currentIndex = 0; | ||
while (currentIndex < template.length) { | ||
const openingBraceIndex = template.indexOf("{", currentIndex); | ||
if (openingBraceIndex === -1) { | ||
evaluatedTemplateArr.push(template.slice(currentIndex)); | ||
break; | ||
} | ||
evaluatedTemplateArr.push(template.slice(currentIndex, openingBraceIndex)); | ||
const closingBraceIndex = template.indexOf("}", openingBraceIndex); | ||
if (closingBraceIndex === -1) { | ||
evaluatedTemplateArr.push(template.slice(openingBraceIndex)); | ||
break; | ||
} | ||
if (template[openingBraceIndex + 1] === "{" && template[closingBraceIndex + 1] === "}") { | ||
evaluatedTemplateArr.push(template.slice(openingBraceIndex + 1, closingBraceIndex)); | ||
currentIndex = closingBraceIndex + 2; | ||
} | ||
const parameterName = template.substring(openingBraceIndex + 1, closingBraceIndex); | ||
if (parameterName.includes("#")) { | ||
const [refName, attrName] = parameterName.split("#"); | ||
evaluatedTemplateArr.push((0, lib_1.getAttr)(templateContext[refName], attrName)); | ||
} | ||
else { | ||
evaluatedTemplateArr.push(templateContext[parameterName]); | ||
} | ||
currentIndex = closingBraceIndex + 1; | ||
} | ||
return evaluatedTemplateArr.join(""); | ||
}; | ||
exports.evaluateTemplate = evaluateTemplate; |
import { getAttr } from "../lib"; | ||
const ATTR_SHORTHAND_REGEX = new RegExp("\\${([\\w]+)#([\\w]+)}", "g"); | ||
export const evaluateTemplate = (template, options) => { | ||
const templateToEvaluate = template | ||
.replace(new RegExp(`\{([^{}]+)\}`, "g"), "${$1}") | ||
.replace(new RegExp(`\{\\$\{([^{}]+)\}\}`, "g"), "{$1}"); | ||
const evaluatedTemplateArr = []; | ||
const templateContext = { | ||
@@ -11,15 +8,30 @@ ...options.endpointParams, | ||
}; | ||
const attrShortHandList = templateToEvaluate.match(ATTR_SHORTHAND_REGEX) || []; | ||
const attrShortHandMap = attrShortHandList.reduce((acc, attrShortHand) => { | ||
const indexOfHash = attrShortHand.indexOf("#"); | ||
const refName = attrShortHand.substring(2, indexOfHash); | ||
const attrName = attrShortHand.substring(indexOfHash + 1, attrShortHand.length - 1); | ||
acc[attrShortHand] = getAttr(templateContext[refName], attrName); | ||
return acc; | ||
}, {}); | ||
const templateWithAttr = Object.entries(attrShortHandMap).reduce((acc, [shortHand, value]) => acc.replace(shortHand, value), templateToEvaluate); | ||
const templateContextNames = Object.keys(templateContext); | ||
const templateContextValues = Object.values(templateContext); | ||
const templateWithTildeEscaped = templateWithAttr.replace(/\`/g, "\\`"); | ||
return new Function(...templateContextNames, `return \`${templateWithTildeEscaped}\``)(...templateContextValues); | ||
let currentIndex = 0; | ||
while (currentIndex < template.length) { | ||
const openingBraceIndex = template.indexOf("{", currentIndex); | ||
if (openingBraceIndex === -1) { | ||
evaluatedTemplateArr.push(template.slice(currentIndex)); | ||
break; | ||
} | ||
evaluatedTemplateArr.push(template.slice(currentIndex, openingBraceIndex)); | ||
const closingBraceIndex = template.indexOf("}", openingBraceIndex); | ||
if (closingBraceIndex === -1) { | ||
evaluatedTemplateArr.push(template.slice(openingBraceIndex)); | ||
break; | ||
} | ||
if (template[openingBraceIndex + 1] === "{" && template[closingBraceIndex + 1] === "}") { | ||
evaluatedTemplateArr.push(template.slice(openingBraceIndex + 1, closingBraceIndex)); | ||
currentIndex = closingBraceIndex + 2; | ||
} | ||
const parameterName = template.substring(openingBraceIndex + 1, closingBraceIndex); | ||
if (parameterName.includes("#")) { | ||
const [refName, attrName] = parameterName.split("#"); | ||
evaluatedTemplateArr.push(getAttr(templateContext[refName], attrName)); | ||
} | ||
else { | ||
evaluatedTemplateArr.push(templateContext[parameterName]); | ||
} | ||
currentIndex = closingBraceIndex + 1; | ||
} | ||
return evaluatedTemplateArr.join(""); | ||
}; |
@@ -6,2 +6,2 @@ import { EvaluateOptions, Expression } from "../types"; | ||
options: EvaluateOptions | ||
) => any; | ||
) => import("../types").FunctionReturn; |
@@ -5,2 +5,2 @@ import { EvaluateOptions } from "../types"; | ||
options: EvaluateOptions | ||
) => any; | ||
) => string; |
import { EvaluateOptions, Expression } from "../types"; | ||
export declare const evaluateExpression: (obj: Expression, keyName: string, options: EvaluateOptions) => any; | ||
export declare const evaluateExpression: (obj: Expression, keyName: string, options: EvaluateOptions) => import("../types").FunctionReturn; |
import { EvaluateOptions } from "../types"; | ||
export declare const evaluateTemplate: (template: string, options: EvaluateOptions) => any; | ||
export declare const evaluateTemplate: (template: string, options: EvaluateOptions) => string; |
{ | ||
"name": "@aws-sdk/util-endpoints", | ||
"version": "3.201.0", | ||
"version": "3.202.0", | ||
"description": "Utilities to help with endpoint resolution", | ||
@@ -5,0 +5,0 @@ "main": "./dist-cjs/index.js", |
Uses eval
Supply chain riskPackage uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
92967
1881
0