clone - npm Package Compare versions

Comparing version 2.1.1 to 2.1.2

clone.js

@@ -107,3 +107,9 @@ var clone = (function() {
     } else if (useBuffer && Buffer.isBuffer(parent)) {
-      child = new Buffer(parent.length);
+      if (Buffer.allocUnsafe) {
+        // Node.js >= 4.5.0
+        child = Buffer.allocUnsafe(parent.length);
+      } else {
+        // Older Node.js versions
+        child = new Buffer(parent.length);
+      }
       parent.copy(child);
@@ -110,0 +116,0 @@ return child;

package.json

@@ -11,3 +11,3 @@ {
   ],
-  "version": "2.1.1",
+  "version": "2.1.2",
   "repository": {
@@ -14,0 +14,0 @@ "type": "git",

README.md

@@ -8,3 +8,5 @@ # clone
 
+**XSS vulnerability detected**
 
+
 ## Installation
@@ -102,2 +104,8 @@
 
+### v2.1.2
+
+#### 2018-03-21
+
+  - Use `Buffer.allocUnsafe()` on Node >= 4.5.0 (contributed by @ChALkeR)
+
 ### v2.1.1
@@ -124,4 +132,12 @@
 
-### v1.0.2
+### v1.0.3
 
+#### 2017-11-08
+
+  - Close XSS vulnerability in the NPM package, which included the file
+    `test-apart-ctx.html`. This vulnerability was disclosed by Juho Nurminen of
+    2NS - Second Nature Security.
+
+### v1.0.2 (deprecated)
+
 #### 2015-03-25
@@ -133,3 +149,3 @@
 
-### v1.0.1
+### v1.0.1 (deprecated)
 
@@ -141,3 +157,3 @@ #### 2015-03-04
 
-### v1.0.0
+### v1.0.0 (deprecated)
 
@@ -144,0 +160,0 @@ #### 2015-02-10

No alert changes

Improved metrics

Total package byte prevSize

15879

increased by3.66%

Lines of code

226

increased by2.73%

Number of lines in readme file

195

increased by8.94%

No dependency changes