Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
content-security-policy-parser
Advanced tools
content-security-policy-parser - npm Package Compare versions
Comparing version 0.4.1 to 0.5.0
| # Changelog | ||
| ## 0.5.0 - 2024-01-26 | ||
| ### Fixed | ||
| - Fix prototype pollution bug when parsing `__proto__`. See [#11](https://github.com/helmetjs/content-security-policy-parser/issues/11) | ||
| ### Removed | ||
| - **Breaking:** Drop support for old Node versions. Node 18+ is now required | ||
| ## 0.4.1 - 2022-03-23 | ||
@@ -4,0 +14,0 @@ |
@@ -8,3 +8,13 @@ "use strict"; | ||
| !Object.prototype.hasOwnProperty.call(result, directiveKey)) { | ||
| result[directiveKey] = directiveValue; | ||
| if (directiveKey === "__proto__") { | ||
| Object.defineProperty(result, directiveKey, { | ||
| configurable: true, | ||
| enumerable: true, | ||
| writable: true, | ||
| value: directiveValue, | ||
| }); | ||
| } | ||
| else { | ||
| result[directiveKey] = directiveValue; | ||
| } | ||
| } | ||
@@ -11,0 +21,0 @@ }); |
@@ -5,3 +5,3 @@ { | ||
| "description": "Parse Content Security Policy directives.", | ||
| "version": "0.4.1", | ||
| "version": "0.5.0", | ||
| "license": "MIT", | ||
@@ -26,3 +26,3 @@ "keywords": [ | ||
| "engines": { | ||
| "node": ">=8.0.0" | ||
| "node": ">=18.0.0" | ||
| }, | ||
@@ -47,14 +47,13 @@ "main": "./dist/index.js", | ||
| "build": "npm run clean && tsc", | ||
| "test": "jest --config test/jest-config.json" | ||
| "test": "node --test --require ts-node/register test.ts" | ||
| }, | ||
| "devDependencies": { | ||
| "@types/jest": "^27.4.1", | ||
| "@typescript-eslint/eslint-plugin": "^5.16.0", | ||
| "@typescript-eslint/parser": "^5.16.0", | ||
| "eslint": "^8.11.0", | ||
| "jest": "^27.5.1", | ||
| "prettier": "^2.6.0", | ||
| "ts-jest": "^27.1.3", | ||
| "typescript": "^4.6.2" | ||
| "@typescript-eslint/eslint-plugin": "^6.19.1", | ||
| "@typescript-eslint/parser": "^6.19.1", | ||
| "eslint": "^8.56.0", | ||
| "prettier": "^3.2.4", | ||
| "ts-node": "^10.9.2", | ||
| "typescipt": "^1.0.0", | ||
| "typescript": "^5.3.3" | ||
| } | ||
| } |
@@ -11,3 +11,3 @@ # Content Security Policy parser | ||
| parse( | ||
| "default-src 'self'; script-src 'unsafe-eval' scripts.com; object-src; style-src styles.biz" | ||
| "default-src 'self'; script-src 'unsafe-eval' scripts.com; object-src; style-src styles.biz", | ||
| ); | ||
@@ -14,0 +14,0 @@ /* |
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
- increased by14.17%
4731
- Dev dependency count
- decreased by-12.5%
7
- Lines of code
- increased by58.82%
27
No dependency changes