@endo/eventual-send - npm Package Compare versions

Comparing version 0.17.0 to 0.17.1

package.json

 {
   "name": "@endo/eventual-send",
-  "version": "0.17.0",
+  "version": "0.17.1",
   "description": "Extend a Promise class to implement the eventual-send API",
@@ -33,4 +33,4 @@ "type": "module",
   "devDependencies": {
-    "@endo/lockdown": "^0.1.26",
-    "@endo/ses-ava": "^0.2.38",
+    "@endo/lockdown": "^0.1.27",
+    "@endo/ses-ava": "^0.2.39",
     "ava": "^5.2.0",
@@ -53,10 +53,5 @@ "c8": "^7.7.3",
     "extends": [
-      "@endo"
+      "plugin:@endo/internal"
     ]
   },
-  "prettier": {
-    "arrowParens": "avoid",
-    "trailingComma": "all",
-    "singleQuote": true
-  },
   "publishConfig": {
@@ -71,3 +66,3 @@ "access": "public"
   },
-  "gitHead": "0053227a37ee76ee8a3dce6059dd55140ed0ce6d"
+  "gitHead": "8141f58debaec420cbc2a7cb698e888566d430ba"
 }

src/handled-promise.js

@@ -511,3 +511,3 @@ /// <reference types="ses" />
         try {
-          resolve(trackedDoDispatch(handlerName, handler, o));
+          resolve(harden(trackedDoDispatch(handlerName, handler, o)));
         } catch (reason) {
@@ -514,0 +514,0 @@ reject(harden(reason));

src/index.test-d.ts

@@ -1,2 +0,2 @@
-/* eslint-disable @endo/no-polymorphic-call, import/no-extraneous-dependencies, no-restricted-globals, prettier/prettier */
+/* eslint-disable @endo/no-polymorphic-call, import/no-extraneous-dependencies, no-restricted-globals */
 import { expectType } from 'tsd';
@@ -8,3 +8,3 @@ import { E } from '../test/get-hp.js';
   Primary,
-  Local = DataOnly<Primary>
+  Local = DataOnly<Primary>,
 > = import('@endo/eventual-send').FarRef<Primary, Local>;
@@ -11,0 +11,0 @@

src/track-turns.js

 /* global globalThis */
 // @ts-nocheck
 
+const { freeze } = Object;
+
 // NOTE: We can't import these because they're not in scope before lockdown.
@@ -25,8 +27,15 @@ // import { assert, details as X, Fail } from '@agoric/assert';
 
-// Track-turns is disabled by default and can be enabled by an environment
-// option. We intend to change the default after verifying that having
-// the feature enabled in production does not cause memory to leak.
-const ENABLED = env.TRACK_TURNS === 'enabled';
+const validOptionValues = freeze([undefined, 'enabled', 'disabled']);
 
-// We hoist these functions out of trackTurns() to discourage the
+// Track-turns is enabled by default and can be disabled by an environment
+// option.
+const envOptionValue = env.TRACK_TURNS;
+if (!validOptionValues.includes(envOptionValue)) {
+  throw new TypeError(
+    `unrecognized TRACK_TURNS ${JSON.stringify(envOptionValue)}`,
+  );
+}
+const ENABLED = (envOptionValue || 'disabled') === 'enabled';
+
+// We hoist the following functions out of trackTurns() to discourage the
 // closures from holding onto 'args' or 'func' longer than necessary,
@@ -70,3 +79,3 @@ // which we've seen cause HandledPromise arguments to be retained for
       Promise.resolve(result).catch(addRejectionNote(detailsNote));
-      return harden(result);
+      return result;
     } finally {
@@ -73,0 +82,0 @@ hiddenPriorError = undefined;

Fixed alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

63503

increased by0.12%

Lines of code

1256

increased by0.56%

Number of medium supply chain risk alerts

0

decreased by-100%

No dependency changes