browserify
Advanced tools
Comparing version 1.4.2 to 1.4.3
@@ -0,1 +1,9 @@ | ||
function filter (xs, fn) { | ||
var res = []; | ||
for (var i = 0; i < xs.length; i++) { | ||
if (fn(xs[i], i, xs)) res.push(xs[i]); | ||
} | ||
return res; | ||
} | ||
// resolves . and .. elements in a path array with directory names there | ||
@@ -59,3 +67,3 @@ // must be no slashes, empty elements, or device names (c:\) in the array | ||
// Normalize the path | ||
resolvedPath = normalizeArray(resolvedPath.split('/').filter(function(p) { | ||
resolvedPath = normalizeArray(filter(resolvedPath.split('/'), function(p) { | ||
return !!p; | ||
@@ -74,3 +82,3 @@ }), !resolvedAbsolute).join('/'); | ||
// Normalize the path | ||
path = normalizeArray(path.split('/').filter(function(p) { | ||
path = normalizeArray(filter(path.split('/'), function(p) { | ||
return !!p; | ||
@@ -93,3 +101,3 @@ }), !isAbsolute).join('/'); | ||
var paths = Array.prototype.slice.call(arguments, 0); | ||
return exports.normalize(paths.filter(function(p, index) { | ||
return exports.normalize(filter(paths, function(p, index) { | ||
return p && typeof p === 'string'; | ||
@@ -96,0 +104,0 @@ }).join('/')); |
@@ -0,1 +1,17 @@ | ||
var Object_keys = function (obj) { | ||
if (Object.keys) return Object.keys(obj) | ||
else { | ||
var res = []; | ||
for (var key in obj) res.push(key) | ||
return res; | ||
} | ||
}; | ||
var forEach = function (xs, fn) { | ||
if (xs.forEach) return xs.forEach(fn) | ||
else for (var i = 0; i < xs.length; i++) { | ||
fn(xs[i], i, xs); | ||
} | ||
}; | ||
var Script = exports.Script = function NodeScript (code) { | ||
@@ -6,9 +22,27 @@ if (!(this instanceof Script)) return new Script(code); | ||
var iframe = document.createElement('iframe'); | ||
if (!iframe.style) iframe.style = {}; | ||
iframe.style.display = 'none'; | ||
var iframeCapable = true; // until proven otherwise | ||
if (navigator.appName === 'Microsoft Internet Explorer') { | ||
var m = navigator.appVersion.match(/\bMSIE (\d+\.\d+);/); | ||
if (m && parseFloat(m[1]) < 9.0) { | ||
iframeCapable = false; | ||
} | ||
} | ||
Script.prototype.runInNewContext = function (context) { | ||
if (!context) context = {}; | ||
var iframe = document.createElement('iframe'); | ||
//iframe.setAttribute('src', 'about:blank'); | ||
if (!iframe.style) iframe.style = {}; | ||
iframe.style.display = 'none'; | ||
if (!iframeCapable) { | ||
var keys = Object_keys(context); | ||
var args = []; | ||
for (var i = 0; i < keys.length; i++) { | ||
args.push(context[keys[i]]); | ||
} | ||
var fn = new Function(keys, 'return ' + this.code); | ||
return fn.apply(null, args); | ||
} | ||
@@ -22,9 +56,26 @@ document.body.appendChild(iframe); | ||
Object.keys(context).forEach(function (key) { | ||
forEach(Object_keys(context), function (key) { | ||
win[key] = context[key]; | ||
iframe[key] = context[key]; | ||
}); | ||
if (win.eval) { | ||
// chrome and ff can just .eval() | ||
var res = win.eval(this.code); | ||
} | ||
else { | ||
// this works in IE9 but not anything newer | ||
iframe.setAttribute('src', | ||
'javascript:__browserifyVmResult=(' + this.code + ')' | ||
); | ||
if ('__browserifyVmResult' in win) { | ||
var res = win.__browserifyVmResult; | ||
} | ||
else { | ||
iframeCapable = false; | ||
res = this.runInThisContext(context); | ||
} | ||
} | ||
var res = win.eval(this.code); | ||
Object.keys(win).forEach(function (key) { | ||
forEach(Object_keys(win), function (key) { | ||
context[key] = win[key]; | ||
@@ -34,2 +85,3 @@ }); | ||
document.body.removeChild(iframe); | ||
return res; | ||
@@ -49,3 +101,3 @@ }; | ||
Object.keys(Script.prototype).forEach(function (name) { | ||
forEach(Object_keys(Script.prototype), function (name) { | ||
exports[name] = Script[name] = function (code) { | ||
@@ -64,6 +116,7 @@ var s = Script(code); | ||
// seems to just make a shallow copy | ||
return Object.keys(context).reduce(function (acc, key) { | ||
acc[key] = context[key]; | ||
return acc; | ||
}, {}); | ||
var copy = {}; | ||
forEach(Object_keys(context), function (key) { | ||
copy[key] = context[key]; | ||
}); | ||
return copy; | ||
}; |
var vm = require('vm'); | ||
var $ = require('jquery'); | ||
$(window).ready(function () { | ||
var fn = window.onload = function () { | ||
var res = vm.runInNewContext('a + 2 * b', { a : 5, b : 4 }); | ||
$('#result').text(res); | ||
}); | ||
document.getElementById('result').innerHTML = res; | ||
}; | ||
if (document.readyState === 'complete') fn(); |
@@ -7,6 +7,6 @@ var connect = require('connect'); | ||
entry : __dirname + '/main.js', | ||
require : { jquery : 'jquery-browserify' }, | ||
watch : true | ||
})); | ||
server.listen(9393); | ||
console.log('Listening on 9393...'); | ||
server.listen(8080); | ||
console.log('Listening on 8080...'); |
{ | ||
"name" : "browserify", | ||
"version" : "1.4.2", | ||
"version" : "1.4.3", | ||
"description" : "Browser-side require() for js directories and npm modules", | ||
@@ -5,0 +5,0 @@ "main" : "index.js", |
@@ -119,13 +119,20 @@ var require = function (file, cwd) { | ||
Object.keys(require.modules) | ||
.forEach(function (x) { | ||
if (x.slice(0, basedir.length + 1) === basedir + '/') { | ||
var f = x.slice(basedir.length); | ||
require.modules[to + f] = require.modules[basedir + f]; | ||
} | ||
else if (x === basedir) { | ||
require.modules[to] = require.modules[basedir]; | ||
} | ||
}) | ||
; | ||
var keys = Object_keys(require.modules); | ||
for (var i = 0; i < keys.length; i++) { | ||
var key = keys[i]; | ||
if (key.slice(0, basedir.length + 1) === basedir + '/') { | ||
var f = key.slice(basedir.length); | ||
require.modules[to + f] = require.modules[basedir + f]; | ||
} | ||
else if (key === basedir) { | ||
require.modules[to] = require.modules[basedir]; | ||
} | ||
} | ||
}; | ||
var Object_keys = Object.keys || function (obj) { | ||
var res = []; | ||
for (var key in obj) res.push(key) | ||
return res; | ||
}; |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
83900
87
2105
37
4