@putout/operate - npm Package Compare versions

Comparing version 6.8.0 to 6.9.0

lib/compute.js

 'use strict';
 
-const {
-    isLiteral,
-    isObjectExpression,
-} = require('@babel/types');
+const {isObjectExpression} = require('@babel/types');
 
@@ -14,7 +11,15 @@ const {getBindingPath} = require('./get-binding');
 
-module.exports.compute = (path) => {
+module.exports.compute = compute;
+function compute(path) {
     const {node} = path;
+    const {confident, value} = path.evaluate();
     
+    if (confident)
+        return [COMPUTED, value];
+    
+    if (path.isBinaryExpression())
+        return parseBinaryExpression(path);
+    
     if (isExtractable(path))
-        return [true, extract(node)];
+        return [COMPUTED, extract(node)];
     
@@ -28,5 +33,2 @@ const bindingPath = parseBindingPath(path);
     
-    if (isLiteral(bindingNode.init))
-        return [true, extract(bindingNode.init)];
-    
     if (isObjectExpression(bindingNode.init))
@@ -36,3 +38,3 @@ return parseObjectExpression(node, bindingNode);
     return [NOT_COMPUTED];
-};
+}
 
@@ -45,3 +47,3 @@ function parseBindingPath(path) {
     
-    if (path.isMemberExpression())
+    if (isSimpleMemberExpression(path))
         return getBindingPath(path, extract(node.object));
@@ -69,10 +71,43 @@
     
-    if (path.isLiteral())
-        return true;
+    return parentPath.isObjectProperty({computed});
+}
+
+function isSimpleMemberExpression(path) {
+    const objectPath = path.get('object');
     
-    if (parentPath.isObjectProperty({computed}))
-        return true;
+    if (!path.isMemberExpression())
+        return false;
     
-    return false;
+    if (objectPath.isMemberExpression())
+        return false;
+    
+    if (objectPath.isCallExpression())
+        return false;
+    
+    return true;
 }
 
+const binary = {
+    init: (op, fn) => binary[op] = fn,
+};
+
+function parseBinaryExpression(path) {
+    const {operator} = path.node;
+    const leftPath = path.get('left');
+    const rightPath = path.get('right');
+    const [computedLeft, left] = compute(leftPath);
+    
+    if (!computedLeft)
+        return [NOT_COMPUTED];
+    
+    const [computedRight, right] = compute(rightPath);
+    
+    if (!computedRight)
+        return [NOT_COMPUTED];
+    
+    const line = `return a ${operator} b`;
+    const fn = binary[operator] || binary.init(operator, Function('a', 'op', 'b', line));
+    
+    return [COMPUTED, fn(left, operator, right)];
+}
+

package.json

 {
   "name": "@putout/operate",
-  "version": "6.8.0",
+  "version": "6.9.0",
   "author": "coderaiser <mnemonic.enemy@gmail.com> (https://github.com/coderaiser)",
@@ -5,0 +5,0 @@ "description": "operate on ast",

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

12628

increased by8.23%

Lines of code

214

increased by12.63%

Worsened metrics

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes