@poppinss/utils
Advanced tools
Comparing version 2.5.0 to 2.5.1
@@ -5,2 +5,4 @@ export { base64 } from './src/base64'; | ||
export { safeEqual } from './src/safeEqual'; | ||
export { safeParse } from './src/safeParse'; | ||
export { safeStringify } from './src/safeStringify'; | ||
export { fsReadAll } from './src/fsReadAll'; | ||
@@ -7,0 +9,0 @@ export { requireAll } from './src/requireAll'; |
@@ -38,2 +38,6 @@ "use strict"; | ||
Object.defineProperty(exports, "safeEqual", { enumerable: true, get: function () { return safeEqual_1.safeEqual; } }); | ||
var safeParse_1 = require("./src/safeParse"); | ||
Object.defineProperty(exports, "safeParse", { enumerable: true, get: function () { return safeParse_1.safeParse; } }); | ||
var safeStringify_1 = require("./src/safeStringify"); | ||
Object.defineProperty(exports, "safeStringify", { enumerable: true, get: function () { return safeStringify_1.safeStringify; } }); | ||
var fsReadAll_1 = require("./src/fsReadAll"); | ||
@@ -40,0 +44,0 @@ Object.defineProperty(exports, "fsReadAll", { enumerable: true, get: function () { return fsReadAll_1.fsReadAll; } }); |
@@ -1,2 +0,5 @@ | ||
import destr from 'destr'; | ||
export { destr as safeParse }; | ||
/** | ||
* Copied directly from https://github.com/nuxt-contrib/destr/blob/master/src/index.ts but | ||
* instead raises the malformed JSON exceptions over swallowing them | ||
*/ | ||
export declare function safeParse(val: string, reviver?: (this: any, key: string, value: any) => any): any; |
@@ -10,8 +10,34 @@ "use strict"; | ||
*/ | ||
var __importDefault = (this && this.__importDefault) || function (mod) { | ||
return (mod && mod.__esModule) ? mod : { "default": mod }; | ||
}; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.safeParse = void 0; | ||
const destr_1 = __importDefault(require("destr")); | ||
exports.safeParse = destr_1.default; | ||
// https://github.com/fastify/secure-json-parse | ||
// https://github.com/hapijs/bourne | ||
const suspectProtoRx = /"(?:_|\\u005[Ff])(?:_|\\u005[Ff])(?:p|\\u0070)(?:r|\\u0072)(?:o|\\u006[Ff])(?:t|\\u0074)(?:o|\\u006[Ff])(?:_|\\u005[Ff])(?:_|\\u005[Ff])"\s*:/; | ||
const suspectConstructorRx = /"(?:c|\\u0063)(?:o|\\u006[Ff])(?:n|\\u006[Ee])(?:s|\\u0073)(?:t|\\u0074)(?:r|\\u0072)(?:u|\\u0075)(?:c|\\u0063)(?:t|\\u0074)(?:o|\\u006[Ff])(?:r|\\u0072)"\s*:/; | ||
const JsonSigRx = /^["{[]|^-?[0-9][0-9.]*$/; | ||
function jsonParseTransform(key, value, reviver) { | ||
if (key === '__proto__' || key === 'constructor') { | ||
return; | ||
} | ||
return reviver ? reviver(key, value) : value; | ||
} | ||
/** | ||
* Copied directly from https://github.com/nuxt-contrib/destr/blob/master/src/index.ts but | ||
* instead raises the malformed JSON exceptions over swallowing them | ||
*/ | ||
function safeParse(val, reviver) { | ||
if (typeof val !== 'string') { | ||
return val; | ||
} | ||
if (val === 'null') { | ||
return null; | ||
} | ||
if (!JsonSigRx.test(val)) { | ||
return val; | ||
} | ||
if (suspectProtoRx.test(val) || suspectConstructorRx.test(val)) { | ||
return JSON.parse(val, (key, value) => jsonParseTransform(key, value, reviver)); | ||
} | ||
return JSON.parse(val, reviver); | ||
} | ||
exports.safeParse = safeParse; |
{ | ||
"name": "@poppinss/utils", | ||
"version": "2.5.0", | ||
"version": "2.5.1", | ||
"description": "Handy utilities for repetitive work", | ||
@@ -81,3 +81,2 @@ "main": "build/index.js", | ||
"buffer-alloc": "^1.2.0", | ||
"destr": "^1.0.0", | ||
"fast-safe-stringify": "^2.0.7", | ||
@@ -84,0 +83,0 @@ "fs-readdir-recursive": "^1.1.0", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
67399
6
966
- Removeddestr@^1.0.0
- Removeddestr@1.2.2(transitive)