contextify - npm Package Compare versions

Comparing version 0.0.6 to 0.0.7

package.json

@@ -9,3 +9,3 @@ {
   ],
-  "version": "0.0.6",
+  "version": "0.0.7",
   "repository": {
@@ -12,0 +12,0 @@ "type" : "git",

test/contextify.js

@@ -42,2 +42,12 @@ var Contextify = require('../lib/contextify.js');
 
+    'sandbox prototype properties should be searched' : function (test) {
+        var sandbox = {};
+        sandbox.__proto__ = {
+            prop1 : 'test'
+        };
+        Contextify(sandbox);
+        test.equal(sandbox.getGlobal().prop1, 'test');
+        test.done();
+    },
+
     // Make sure properties that aren't there...aren't there.
@@ -50,2 +60,26 @@ 'test for nonexistent properties' : function (test) {
 
+    // Make sure properties with value "undefined" are there.
+    'test for "undefined" properties' : function (test) {
+        var sandbox = { x: undefined };
+        Contextify(sandbox);
+        sandbox.run("_x = x");
+        test.equal(sandbox._x, undefined);
+        test.done();
+    },
+
+    'test for "undefined" variables' : function (test) {
+        var sandbox = { };
+        Contextify(sandbox);
+        // In JavaScript a declared variable is set to 'undefined'.
+        sandbox.run("var y; (function() { var _y ; y = _y })()");
+        test.equal(sandbox._y, undefined);
+        // This should apply to top-level variables (global properties).
+        sandbox.run("var z; _z = z");
+        test.equal(sandbox._z, undefined);
+        // Make sure nothing wacky happens when accessing global declared but
+        // undefined variables.
+        test.equal(sandbox.getGlobal().z, undefined);
+        test.done();
+    },
+
     // Make sure run can be called with a filename parameter.
@@ -52,0 +86,0 @@ 'test run with filename' : function (test) {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Non-existent author

Supply chain risk

The package was published by an npm account that no longer exists.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

33667

increased by7.13%

Number of package files

9

increased by12.5%

Lines of code

437

increased by7.64%

Number of high supply chain risk alerts

0

decreased by-100%

Worsened metrics

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes