can-map - npm Package Compare versions

Comparing version 4.3.11 to 4.3.12

bubble_test.js

@@ -42,1 +42,15 @@ var QUnit = require("steal-qunit");
 });
+
+QUnit.test(".childrenOf should not bind nested non-Observables", function(assert){
+
+	var map = new CanMap({
+			type: Object.create({
+				label: "hello",
+			})
+	});
+	bubble.childrenOf(map, "change");
+	assert.equal(bubble.events(map.attr("type"), "change"), undefined, "non-Observable child does not bubble");
+	map.attr("type", new CanMap({}));
+	assert.equal(bubble.events(map.attr("type"), "change").length, 1, "replacing with Observable child bubbles");
+
+});

bubble.js

@@ -31,4 +31,9 @@ "use strict";
 var isMap = function(map) {
-	return (map && !canReflect.isFunctionLike(map) && 
-			canReflect.isMapLike(map) && !Array.isArray(map));
+	return (
+		map &&
+		!canReflect.isFunctionLike(map) && 
+		canReflect.isMapLike(map) &&
+		!Array.isArray(map) &&
+		canReflect.isObservableLike(map)
+	);
 };
@@ -198,3 +203,3 @@
 		// ## bubble.childrenOf
-		// Bubbles all the children of `parent`.
+		// Bubbles all the observable children of `parent`.
 		childrenOf: function (parent, eventName) {
@@ -201,0 +206,0 @@

package.json

 {
   "name": "can-map",
-  "version": "4.3.11",
+  "version": "4.3.12",
   "description": "Observable Objects",
@@ -5,0 +5,0 @@ "homepage": "http://canjs.com",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

274052

increased by207.71%

Number of package files

31

increased by14.81%

Lines of code

6576

increased by263.52%

Worsened metrics

Number of medium supply chain risk alerts

2

increased byInfinity%

No dependency changes