@thi.ng/paths
Advanced tools
Comparing version 4.1.13 to 4.2.0
@@ -6,26 +6,13 @@ # Change Log | ||
## [4.1.13](https://github.com/thi-ng/umbrella/compare/@thi.ng/paths@4.1.12...@thi.ng/paths@4.1.13) (2021-01-10) | ||
# [4.2.0](https://github.com/thi-ng/umbrella/compare/@thi.ng/paths@4.1.13...@thi.ng/paths@4.2.0) (2021-02-20) | ||
**Note:** Version bump only for package @thi.ng/paths | ||
### Features | ||
* **paths:** use updated/more safe isProtoPath() ([456fac1](https://github.com/thi-ng/umbrella/commit/456fac19a0178de589f31cdd7e7ec2d8a6406c6c)) | ||
## [4.1.12](https://github.com/thi-ng/umbrella/compare/@thi.ng/paths@4.1.11...@thi.ng/paths@4.1.12) (2021-01-02) | ||
**Note:** Version bump only for package @thi.ng/paths | ||
## [4.1.11](https://github.com/thi-ng/umbrella/compare/@thi.ng/paths@4.1.10...@thi.ng/paths@4.1.11) (2020-12-22) | ||
**Note:** Version bump only for package @thi.ng/paths | ||
# [4.1.0](https://github.com/thi-ng/umbrella/compare/@thi.ng/paths@4.0.11...@thi.ng/paths@4.1.0) (2020-07-08) | ||
@@ -32,0 +19,0 @@ |
@@ -35,8 +35,3 @@ 'use strict'; | ||
}; | ||
const isProtoPath = (path) => checks.isArray(path) | ||
? path.some((x) => x === "__proto__") | ||
: checks.isString(path) | ||
? path.indexOf("__proto__") >= 0 | ||
: false; | ||
const disallowProtoPath = (path) => (api.assert(!isProtoPath(path), `unsafe path: '${path}'`), path); | ||
const disallowProtoPath = (path) => (api.assert(!checks.isProtoPath(path), `unsafe path: '${path}'`), path); | ||
@@ -155,2 +150,3 @@ const defGetterUnsafe = (path) => defGetter(path); | ||
const ks = toPath(path); | ||
disallowProtoPath(ks); | ||
let [a, b, c, d] = ks; | ||
@@ -260,3 +256,2 @@ switch (ks.length) { | ||
exports.getInUnsafe = getInUnsafe; | ||
exports.isProtoPath = isProtoPath; | ||
exports.mutIn = mutIn; | ||
@@ -263,0 +258,0 @@ exports.mutInManyUnsafe = mutInManyUnsafe; |
@@ -1,1 +0,1 @@ | ||
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports,require("@thi.ng/api"),require("@thi.ng/checks"),require("@thi.ng/errors")):"function"==typeof define&&define.amd?define(["exports","@thi.ng/api","@thi.ng/checks","@thi.ng/errors"],t):t(((e="undefined"!=typeof globalThis?globalThis:e||self).thi=e.thi||{},e.thi.ng=e.thi.ng||{},e.thi.ng.paths={}),e.thi.ng.api,e.thi.ng.checks,e.thi.ng.errors)}(this,(function(e,t,n,r){"use strict";const u=e=>n.isArray(e)?e:n.isString(e)?e.length>0?e.split("."):[]:null!=e?[e]:[],s=e=>n.isArray(e)?e.some((e=>"__proto__"===e)):!!n.isString(e)&&e.indexOf("__proto__")>=0;function l(e){const t=u(e),[n,r,s,l]=t;switch(t.length){case 0:return e=>e;case 1:return e=>null!=e?e[n]:void 0;case 2:return e=>null!=e&&null!=(e=e[n])?e[r]:void 0;case 3:return e=>null!=e&&null!=(e=e[n])&&null!=(e=e[r])?e[s]:void 0;case 4:return e=>null!=e&&null!=(e=e[n])&&null!=(e=e[r])&&null!=(e=e[s])?e[l]:void 0;default:return e=>{const n=t.length-1;let r=e;for(let e=0;null!=r&&e<=n;e++)r=r[t[e]];return r}}}function i(e){const t=u(e),[n,r,s,l]=t;switch(t.length){case 0:return(e,t)=>t;case 1:return(e,t)=>((e=o(e))[n]=t,e);case 2:return(e,t)=>{let u;return(e=o(e))[n]=u=o(e[n]),u[r]=t,e};case 3:return(e,t)=>{let u,l;return(e=o(e))[n]=u=o(e[n]),u[r]=l=o(u[r]),l[s]=t,e};case 4:return(e,t)=>{let u,i,a;return(e=o(e))[n]=u=o(e[n]),u[r]=i=o(u[r]),i[s]=a=o(i[s]),a[l]=t,e};default:let e;for(let n=t.length;--n>=0;)e=a(t[n],e);return e}}const o=e=>n.isArray(e)||n.isTypedArray(e)?e.slice():Object.assign({},e),a=(e,t)=>(n,r)=>((n=o(n))[e]=t?t(n[e],r):r,n);function f(e,t,n,...r){return i(t)(e,n.apply(null,(r.unshift(l(t)(e)),r)))}function c(e,t){const n=u(t).slice();if(n.length){const t=n.pop();return f(e,n,(e=>(delete(e=Object.assign({},e))[t],e)))}}function h(e){const t=u(e);let[n,r,s,l]=t;switch(t.length){case 0:return(e,t)=>t;case 1:return(e,t)=>e?(e[n]=t,e):void 0;case 2:return(e,t)=>{let u;return e&&(u=e[n])?(u[r]=t,e):void 0};case 3:return(e,t)=>{let u;return e&&(u=e[n])&&(u=u[r])?(u[s]=t,e):void 0};case 4:return(e,t)=>{let u;return e&&(u=e[n])&&(u=u[r])&&(u=u[s])?(u[l]=t,e):void 0};default:return(e,n)=>{let r=e;const u=t.length-1;for(let e=0;e<u;e++)if(!(r=r[t[e]]))return;return r[t[u]]=n,e}}}function g(e,t,n){return h(t)(e,n)}function d(e,t,n){return i(t)(e,n)}function p(e,t){const n=l(e),r=i(e);return(e,...u)=>r(e,t.apply(null,(u.unshift(n(e)),u)))}e.copy=o,e.defGetter=l,e.defGetterUnsafe=e=>l(e),e.defMutator=h,e.defMutatorUnsafe=e=>h(e),e.defSetter=i,e.defSetterUnsafe=e=>i(e),e.defUpdater=p,e.defUpdaterUnsafe=(e,t)=>p(e,t),e.deleteIn=c,e.deleteInUnsafe=(e,t)=>c(e,t),e.disallowProtoPath=e=>(t.assert(!s(e),`unsafe path: '${e}'`),e),e.exists=(e,t)=>{if(null==e)return!1;for(let n=(t=u(t)).length-1,r=0;r<=n;r++){const u=t[r];if(!e.hasOwnProperty(u))return!1;if(null==(e=e[u])&&r<n)return!1}return!0},e.getIn=function(e,t){return l(t)(e)},e.getInUnsafe=(e,t)=>l(t)(e),e.isProtoPath=s,e.mutIn=g,e.mutInManyUnsafe=function(e,...t){const n=t.length;1&n&&r.illegalArgs(`require even number of args (got ${t.length})`);for(let r=0;r<n&&e;r+=2)e=g(e,t[r],t[r+1]);return e},e.mutInUnsafe=(e,t,n)=>h(t)(e,n),e.setIn=d,e.setInManyUnsafe=function(e,...t){const n=t.length;1&n&&r.illegalArgs(`require even number of KV args (got ${t.length})`);for(let r=0;r<n;r+=2)e=d(e,t[r],t[r+1]);return e},e.setInUnsafe=(e,t,n)=>i(t)(e,n),e.toPath=u,e.updateIn=f,e.updateInUnsafe=(e,t,n,...r)=>f(e,t,n,...r),Object.defineProperty(e,"__esModule",{value:!0})})); | ||
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports,require("@thi.ng/api"),require("@thi.ng/checks"),require("@thi.ng/errors")):"function"==typeof define&&define.amd?define(["exports","@thi.ng/api","@thi.ng/checks","@thi.ng/errors"],t):t(((e="undefined"!=typeof globalThis?globalThis:e||self).thi=e.thi||{},e.thi.ng=e.thi.ng||{},e.thi.ng.paths={}),e.thi.ng.api,e.thi.ng.checks,e.thi.ng.errors)}(this,(function(e,t,n,r){"use strict";const u=e=>n.isArray(e)?e:n.isString(e)?e.length>0?e.split("."):[]:null!=e?[e]:[],l=e=>(t.assert(!n.isProtoPath(e),`unsafe path: '${e}'`),e);function s(e){const t=u(e),[n,r,l,s]=t;switch(t.length){case 0:return e=>e;case 1:return e=>null!=e?e[n]:void 0;case 2:return e=>null!=e&&null!=(e=e[n])?e[r]:void 0;case 3:return e=>null!=e&&null!=(e=e[n])&&null!=(e=e[r])?e[l]:void 0;case 4:return e=>null!=e&&null!=(e=e[n])&&null!=(e=e[r])&&null!=(e=e[l])?e[s]:void 0;default:return e=>{const n=t.length-1;let r=e;for(let e=0;null!=r&&e<=n;e++)r=r[t[e]];return r}}}function i(e){const t=u(e),[n,r,l,s]=t;switch(t.length){case 0:return(e,t)=>t;case 1:return(e,t)=>((e=o(e))[n]=t,e);case 2:return(e,t)=>{let u;return(e=o(e))[n]=u=o(e[n]),u[r]=t,e};case 3:return(e,t)=>{let u,s;return(e=o(e))[n]=u=o(e[n]),u[r]=s=o(u[r]),s[l]=t,e};case 4:return(e,t)=>{let u,i,a;return(e=o(e))[n]=u=o(e[n]),u[r]=i=o(u[r]),i[l]=a=o(i[l]),a[s]=t,e};default:let e;for(let n=t.length;--n>=0;)e=a(t[n],e);return e}}const o=e=>n.isArray(e)||n.isTypedArray(e)?e.slice():Object.assign({},e),a=(e,t)=>(n,r)=>((n=o(n))[e]=t?t(n[e],r):r,n);function f(e,t,n,...r){return i(t)(e,n.apply(null,(r.unshift(s(t)(e)),r)))}function c(e,t){const n=u(t).slice();if(n.length){const t=n.pop();return f(e,n,(e=>(delete(e=Object.assign({},e))[t],e)))}}function h(e){const t=u(e);l(t);let[n,r,s,i]=t;switch(t.length){case 0:return(e,t)=>t;case 1:return(e,t)=>e?(e[n]=t,e):void 0;case 2:return(e,t)=>{let u;return e&&(u=e[n])?(u[r]=t,e):void 0};case 3:return(e,t)=>{let u;return e&&(u=e[n])&&(u=u[r])?(u[s]=t,e):void 0};case 4:return(e,t)=>{let u;return e&&(u=e[n])&&(u=u[r])&&(u=u[s])?(u[i]=t,e):void 0};default:return(e,n)=>{let r=e;const u=t.length-1;for(let e=0;e<u;e++)if(!(r=r[t[e]]))return;return r[t[u]]=n,e}}}function g(e,t,n){return h(t)(e,n)}function d(e,t,n){return i(t)(e,n)}function p(e,t){const n=s(e),r=i(e);return(e,...u)=>r(e,t.apply(null,(u.unshift(n(e)),u)))}e.copy=o,e.defGetter=s,e.defGetterUnsafe=e=>s(e),e.defMutator=h,e.defMutatorUnsafe=e=>h(e),e.defSetter=i,e.defSetterUnsafe=e=>i(e),e.defUpdater=p,e.defUpdaterUnsafe=(e,t)=>p(e,t),e.deleteIn=c,e.deleteInUnsafe=(e,t)=>c(e,t),e.disallowProtoPath=l,e.exists=(e,t)=>{if(null==e)return!1;for(let n=(t=u(t)).length-1,r=0;r<=n;r++){const u=t[r];if(!e.hasOwnProperty(u))return!1;if(null==(e=e[u])&&r<n)return!1}return!0},e.getIn=function(e,t){return s(t)(e)},e.getInUnsafe=(e,t)=>s(t)(e),e.mutIn=g,e.mutInManyUnsafe=function(e,...t){const n=t.length;1&n&&r.illegalArgs(`require even number of args (got ${t.length})`);for(let r=0;r<n&&e;r+=2)e=g(e,t[r],t[r+1]);return e},e.mutInUnsafe=(e,t,n)=>h(t)(e,n),e.setIn=d,e.setInManyUnsafe=function(e,...t){const n=t.length;1&n&&r.illegalArgs(`require even number of KV args (got ${t.length})`);for(let r=0;r<n;r+=2)e=d(e,t[r],t[r+1]);return e},e.setInUnsafe=(e,t,n)=>i(t)(e,n),e.toPath=u,e.updateIn=f,e.updateInUnsafe=(e,t,n,...r)=>f(e,t,n,...r),Object.defineProperty(e,"__esModule",{value:!0})})); |
@@ -1,2 +0,2 @@ | ||
import { toPath } from "./path"; | ||
import { disallowProtoPath, toPath } from "./path"; | ||
/** | ||
@@ -14,2 +14,3 @@ * Unchecked version of {@link defMutator}. | ||
const ks = toPath(path); | ||
disallowProtoPath(ks); | ||
let [a, b, c, d] = ks; | ||
@@ -16,0 +17,0 @@ switch (ks.length) { |
{ | ||
"name": "@thi.ng/paths", | ||
"version": "4.1.13", | ||
"version": "4.2.0", | ||
"description": "Immutable, optimized and optionally typed path-based object property / array accessors with structural sharing", | ||
@@ -45,12 +45,12 @@ "module": "./index.js", | ||
"@types/node": "^14.14.14", | ||
"mocha": "^8.2.1", | ||
"mocha": "^8.3.0", | ||
"nyc": "^15.1.0", | ||
"ts-node": "^9.1.1", | ||
"typedoc": "^0.20.4", | ||
"typescript": "^4.1.3" | ||
"typedoc": "^0.20.26", | ||
"typescript": "^4.1.5" | ||
}, | ||
"dependencies": { | ||
"@thi.ng/api": "^6.13.6", | ||
"@thi.ng/checks": "^2.8.0", | ||
"@thi.ng/errors": "^1.2.26" | ||
"@thi.ng/api": "^7.0.0", | ||
"@thi.ng/checks": "^2.9.0", | ||
"@thi.ng/errors": "^1.2.27" | ||
}, | ||
@@ -84,3 +84,3 @@ "files": [ | ||
"sideEffects": false, | ||
"gitHead": "ec0b1d686c9d5f8f73e2c170b9915c2dd875903f" | ||
"gitHead": "2cb9a54255d6a5d7f21c9875002b86c42dd038de" | ||
} |
@@ -30,14 +30,12 @@ import { NumOrString, Path } from "@thi.ng/api"; | ||
/** | ||
* Helper function to analyze given lookup path for presence of | ||
* `__proto__`. Returns true if the case. | ||
* Helper function to analyze given `path` using | ||
* {@link @thi.ng/checks#isProtoPath}. Throws an error if path contains any | ||
* property which might lead to prototype poisoning. | ||
* | ||
* @remarks | ||
* Also see {@link disallowProtoPath} | ||
* The following properties are considered illegal. | ||
* | ||
* @param path | ||
*/ | ||
export declare const isProtoPath: (path: Path) => boolean; | ||
/** | ||
* Helper function to analyze given path using {@link isProtoPath}. | ||
* Throws error if path contains `__proto__`. | ||
* - `__proto__` | ||
* - `prototype` | ||
* - `constructor` | ||
* | ||
@@ -44,0 +42,0 @@ * @param path |
22
path.js
import { assert } from "@thi.ng/api"; | ||
import { isArray, isString } from "@thi.ng/checks"; | ||
import { isArray, isProtoPath, isString } from "@thi.ng/checks"; | ||
/** | ||
@@ -55,18 +55,12 @@ * Converts the given key path to canonical form (array). | ||
/** | ||
* Helper function to analyze given lookup path for presence of | ||
* `__proto__`. Returns true if the case. | ||
* Helper function to analyze given `path` using | ||
* {@link @thi.ng/checks#isProtoPath}. Throws an error if path contains any | ||
* property which might lead to prototype poisoning. | ||
* | ||
* @remarks | ||
* Also see {@link disallowProtoPath} | ||
* The following properties are considered illegal. | ||
* | ||
* @param path | ||
*/ | ||
export const isProtoPath = (path) => isArray(path) | ||
? path.some((x) => x === "__proto__") | ||
: isString(path) | ||
? path.indexOf("__proto__") >= 0 | ||
: false; | ||
/** | ||
* Helper function to analyze given path using {@link isProtoPath}. | ||
* Throws error if path contains `__proto__`. | ||
* - `__proto__` | ||
* - `prototype` | ||
* - `constructor` | ||
* | ||
@@ -73,0 +67,0 @@ * @param path |
@@ -81,3 +81,3 @@ <!-- This file is generated - DO NOT EDIT! --> | ||
Package sizes (gzipped, pre-treeshake): ESM: 1.18 KB / CJS: 1.29 KB / UMD: 1.25 KB | ||
Package sizes (gzipped, pre-treeshake): ESM: 1.15 KB / CJS: 1.25 KB / UMD: 1.21 KB | ||
@@ -84,0 +84,0 @@ ## Dependencies |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
108094
1396
+ Added@thi.ng/api@7.2.0(transitive)
- Removed@thi.ng/api@6.13.6(transitive)
Updated@thi.ng/api@^7.0.0
Updated@thi.ng/checks@^2.9.0
Updated@thi.ng/errors@^1.2.27