@trieb.work/server-utils - npm Package Compare versions

Comparing version 0.1.8 to 0.1.9

caching/redis.ts

@@ -57,6 +57,13 @@ import Redis from "ioredis";
 
-const getVersionedKey = (regularKey: string) =>
-  `${ENV || NODE_ENV}_${
-    VERCEL_GIT_COMMIT_SHA || USER
-  }_${regularKey}_${REDIS_CACHE_VERSIONKEY}`;
+type DefaultKey = "NODE_ENV"|"VERCEL_GIT_COMMIT_SHA"|"REDIS_CACHE_VERSIONKEY";
+const getVersionedKey = (regularKey: string, defaultKey: DefaultKey[]) =>
+  `${
+    defaultKey.includes("NODE_ENV") ? (ENV || NODE_ENV) : null
+  }_${
+    defaultKey.includes("VERCEL_GIT_COMMIT_SHA") ? (VERCEL_GIT_COMMIT_SHA || USER) : null
+  }_${
+    regularKey
+  }_${
+    defaultKey.includes("REDIS_CACHE_VERSIONKEY") ? (REDIS_CACHE_VERSIONKEY) : null
+  }`;
 
@@ -70,5 +77,6 @@ const getMd5 = (data: string) =>
   ttl = REDIS_CACHE_TTL_SEC,
+  defaultKey: DefaultKey[] = ["NODE_ENV", "VERCEL_GIT_COMMIT_SHA", "REDIS_CACHE_VERSIONKEY"]
 ) {
   return async function (...args: any[]): Promise<T> {
-    const versionedKey = getVersionedKey(key);
+    const versionedKey = getVersionedKey(key, defaultKey);
     const flatArgs = stringify(args);
@@ -75,0 +83,0 @@ const flatArgsMd5 = getMd5(flatArgs);

dist/index.js

 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
@@ -6,0 +10,0 @@ if (k2 === undefined) k2 = k;

dist/transform/deepMerge.js

@@ -6,4 +6,8 @@ "use strict";
     const target = {};
-    for (const source of sources) {
+    const filteredSources = sources.filter((source) => typeof source !== "undefined" && source !== null);
+    for (const source of filteredSources) {
         for (const key of Object.keys(source)) {
+            if ((source[key] === null || source[key] === undefined) && target[key] !== undefined) {
+                delete source[key]; // delete key so it will not get assigned to null or undefined in the `Object.assign(target ?? {}, source)` call
+            }
             if (source[key] instanceof Object && key in target) {
@@ -10,0 +14,0 @@ Object.assign(source[key], deepMerge(target[key], source[key]));

package.json

 {
   "name": "@trieb.work/server-utils",
   "description": "Internal trieb.work utils for server apps",
-  "version": "0.1.8",
+  "version": "0.1.9",
   "main": "dist/index.js",
@@ -6,0 +6,0 @@ "license": "Apache License 2.0",

New alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

2

decreased by-50%

Worsened metrics

Total package byte prevSize

19155

decreased by-23.65%

Number of package files

8

decreased by-50%

Lines of code

368

decreased by-23.01%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes