Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@poppinss/utils

Package Overview
Dependencies
Maintainers
1
Versions
89
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@poppinss/utils - npm Package Compare versions

Comparing version 2.5.0 to 2.5.1

2

build/index.d.ts

@@ -5,2 +5,4 @@ export { base64 } from './src/base64';

export { safeEqual } from './src/safeEqual';
export { safeParse } from './src/safeParse';
export { safeStringify } from './src/safeStringify';
export { fsReadAll } from './src/fsReadAll';

@@ -7,0 +9,0 @@ export { requireAll } from './src/requireAll';

@@ -38,2 +38,6 @@ "use strict";

Object.defineProperty(exports, "safeEqual", { enumerable: true, get: function () { return safeEqual_1.safeEqual; } });
var safeParse_1 = require("./src/safeParse");
Object.defineProperty(exports, "safeParse", { enumerable: true, get: function () { return safeParse_1.safeParse; } });
var safeStringify_1 = require("./src/safeStringify");
Object.defineProperty(exports, "safeStringify", { enumerable: true, get: function () { return safeStringify_1.safeStringify; } });
var fsReadAll_1 = require("./src/fsReadAll");

@@ -40,0 +44,0 @@ Object.defineProperty(exports, "fsReadAll", { enumerable: true, get: function () { return fsReadAll_1.fsReadAll; } });

7

build/src/safeParse.d.ts

@@ -1,2 +0,5 @@

import destr from 'destr';
export { destr as safeParse };
/**
* Copied directly from https://github.com/nuxt-contrib/destr/blob/master/src/index.ts but
* instead raises the malformed JSON exceptions over swallowing them
*/
export declare function safeParse(val: string, reviver?: (this: any, key: string, value: any) => any): any;

@@ -10,8 +10,34 @@ "use strict";

*/
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.safeParse = void 0;
const destr_1 = __importDefault(require("destr"));
exports.safeParse = destr_1.default;
// https://github.com/fastify/secure-json-parse
// https://github.com/hapijs/bourne
const suspectProtoRx = /"(?:_|\\u005[Ff])(?:_|\\u005[Ff])(?:p|\\u0070)(?:r|\\u0072)(?:o|\\u006[Ff])(?:t|\\u0074)(?:o|\\u006[Ff])(?:_|\\u005[Ff])(?:_|\\u005[Ff])"\s*:/;
const suspectConstructorRx = /"(?:c|\\u0063)(?:o|\\u006[Ff])(?:n|\\u006[Ee])(?:s|\\u0073)(?:t|\\u0074)(?:r|\\u0072)(?:u|\\u0075)(?:c|\\u0063)(?:t|\\u0074)(?:o|\\u006[Ff])(?:r|\\u0072)"\s*:/;
const JsonSigRx = /^["{[]|^-?[0-9][0-9.]*$/;
function jsonParseTransform(key, value, reviver) {
if (key === '__proto__' || key === 'constructor') {
return;
}
return reviver ? reviver(key, value) : value;
}
/**
* Copied directly from https://github.com/nuxt-contrib/destr/blob/master/src/index.ts but
* instead raises the malformed JSON exceptions over swallowing them
*/
function safeParse(val, reviver) {
if (typeof val !== 'string') {
return val;
}
if (val === 'null') {
return null;
}
if (!JsonSigRx.test(val)) {
return val;
}
if (suspectProtoRx.test(val) || suspectConstructorRx.test(val)) {
return JSON.parse(val, (key, value) => jsonParseTransform(key, value, reviver));
}
return JSON.parse(val, reviver);
}
exports.safeParse = safeParse;
{
"name": "@poppinss/utils",
"version": "2.5.0",
"version": "2.5.1",
"description": "Handy utilities for repetitive work",

@@ -81,3 +81,2 @@ "main": "build/index.js",

"buffer-alloc": "^1.2.0",
"destr": "^1.0.0",
"fast-safe-stringify": "^2.0.7",

@@ -84,0 +83,0 @@ "fs-readdir-recursive": "^1.1.0",

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc