contextify - npm Package Compare versions

Comparing version 0.0.6 to 0.0.7

package.json

@@ -9,3 +9,3 @@ {
   ],
-  "version": "0.0.6",
+  "version": "0.0.7",
   "repository": {
@@ -12,0 +12,0 @@ "type" : "git",

src/contextify.cc

@@ -197,8 +197,4 @@ #include "node.h"
     Persistent<Object> sandbox = info->sandbox;
-    // First check the sandbox object.
-    Local<Value> rv = sandbox->Get(property);
-    if (rv.IsEmpty() || rv->IsUndefined()) {
-        // Next, check the global object (things like Object, Array, etc).
-        // This needs to call GetRealNamedProperty or else we'll get stuck in
-        // an infinite loop here.
+    Local<Value> rv = sandbox->GetRealNamedProperty(property);
+    if (rv.IsEmpty()) {
         rv = info->global->GetRealNamedProperty(property);
@@ -228,3 +224,14 @@ }
     HandleScope scope;
-    return scope.Close(Integer::New(None));
+    Local<Value> wrapped = accessInfo.This()->GetHiddenValue(String::New("info"));
+    void* unwrapped = External::Unwrap(wrapped);
+    if (unwrapped == NULL) {
+        ThrowException(String::New("Called getGlobal() after dispose()."));
+        return scope.Close(Handle<Integer>());
+    }
+    ContextifyInfo* info = static_cast<ContextifyInfo*>(unwrapped);
+    if (!info->sandbox->GetRealNamedProperty(property).IsEmpty() ||
+        !info->global->GetRealNamedProperty(property).IsEmpty()) {
+        return scope.Close(Integer::New(None));
+    }
+    return scope.Close(Handle<Integer>());
 }
@@ -231,0 +238,0 @@

test/contextify.js

@@ -42,2 +42,12 @@ var Contextify = require('../lib/contextify.js');
 
+    'sandbox prototype properties should be searched' : function (test) {
+        var sandbox = {};
+        sandbox.__proto__ = {
+            prop1 : 'test'
+        };
+        Contextify(sandbox);
+        test.equal(sandbox.getGlobal().prop1, 'test');
+        test.done();
+    },
+
     // Make sure properties that aren't there...aren't there.
@@ -50,2 +60,26 @@ 'test for nonexistent properties' : function (test) {
 
+    // Make sure properties with value "undefined" are there.
+    'test for "undefined" properties' : function (test) {
+        var sandbox = { x: undefined };
+        Contextify(sandbox);
+        sandbox.run("_x = x");
+        test.equal(sandbox._x, undefined);
+        test.done();
+    },
+
+    'test for "undefined" variables' : function (test) {
+        var sandbox = { };
+        Contextify(sandbox);
+        // In JavaScript a declared variable is set to 'undefined'.
+        sandbox.run("var y; (function() { var _y ; y = _y })()");
+        test.equal(sandbox._y, undefined);
+        // This should apply to top-level variables (global properties).
+        sandbox.run("var z; _z = z");
+        test.equal(sandbox._z, undefined);
+        // Make sure nothing wacky happens when accessing global declared but
+        // undefined variables.
+        test.equal(sandbox.getGlobal().z, undefined);
+        test.done();
+    },
+
     // Make sure run can be called with a filename parameter.
@@ -52,0 +86,0 @@ 'test run with filename' : function (test) {

New alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

Non-existent author

Supply chain risk

The package was published by an npm account that no longer exists.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

33667

7.13%

Number of package files

9

12.5%

Lines of code

437

7.64%

Number of high supply chain risk alerts

0

-100%

Worsened metrics

Number of medium supply chain risk alerts

1

Infinity%

No dependency changes