@mikro-orm/core - npm Package Compare versions

Comparing version 7.1.4-dev.0 to 7.1.4-dev.1

package.json

 {
   "name": "@mikro-orm/core",
-  "version": "7.1.4-dev.0",
+  "version": "7.1.4-dev.1",
   "description": "TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Supports MongoDB, MySQL, PostgreSQL and SQLite databases as well as usage with vanilla JavaScript.",
@@ -5,0 +5,0 @@ "keywords": [

utils/EntityComparator.js

@@ -396,3 +396,21 @@ import { clone } from './clone.js';
         }
-        lines.push(`  for (let k in result) { if (Object.hasOwn(result, k) && !mapped[k] && ret[k] === undefined) ret[k] = result[k]; }`);
+        // pass through any unmapped columns (e.g. extra selections or virtual props). for embeddables we restrict
+        // this to declared keys, otherwise JSON keys not part of the schema leak into the original data while
+        // hydration drops them from the entity, diverging the snapshot and triggering spurious updates.
+        let knownKeysGuard = '';
+        if (meta.embeddable) {
+            const knownKeys = new Set();
+            for (const m of meta.polymorphs?.length ? meta.polymorphs : [meta]) {
+                for (const prop of m.props) {
+                    knownKeys.add(prop.name);
+                    if (prop.embedded) {
+                        knownKeys.add(prop.embedded[1]);
+                    }
+                    prop.fieldNames?.forEach(field => knownKeys.add(field));
+                }
+            }
+            context.set('knownKeys', knownKeys);
+            knownKeysGuard = ' && knownKeys.has(k)';
+        }
+        lines.push(`  for (let k in result) { if (Object.hasOwn(result, k) && !mapped[k] && ret[k] === undefined${knownKeysGuard}) ret[k] = result[k]; }`);
         const code = `// compiled mapper for entity ${meta.className}\n` +
@@ -399,0 +417,0 @@ `return function(result) {\n  const ret = {};\n${lines.join('\n')}\n  return ret;\n}`;

utils/Utils.js

@@ -144,3 +144,3 @@ import { clone } from './clone.js';
     static PK_SEPARATOR = '~~~';
-    static #ORM_VERSION = '7.1.4-dev.0';
+    static #ORM_VERSION = '7.1.4-dev.1';
     /**
@@ -147,0 +147,0 @@ * Checks if the argument is instance of `Object`. Returns false for arrays.

New alerts

AI-detected potential code anomaly

Supply chain risk

AI has identified unusual behaviors that may pose a security risk.

Found 1 instance in 1 package

Fixed alerts

AI-detected potential code anomaly

Supply chain risk

AI has identified unusual behaviors that may pose a security risk.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1561050

0.07%

Lines of code

33446

0.06%

No dependency changes