dashdash - npm Package Compare versions

Comparing version 1.3.1 to 1.3.2

CHANGES.md

 # node-dashdash changelog
 
+## 1.3.2
+
+- Fix a subtlety where a *bool* option using both `env` and `default` didn't
+  work exactly correctly. If `default: false` then all was fine (by luck).
+  However, if you had an option like this:
+
+        options: [ {
+            names: ['verbose', 'v'],
+            env: 'FOO_VERBOSE',
+            'default': true,    // <--- this
+            type: 'bool'
+        } ],
+
+  wanted `FOO_VERBOSE=0` to make the option false, then you need the fix
+  in this version of dashdash.
+
+
 ## 1.3.1
@@ -4,0 +21,0 @@

lib/dashdash.js

@@ -419,3 +419,3 @@ /**
     this.options.forEach(function (o) {
-        if (o.default && opts[o.key] === undefined) {
+        if (o.default !== undefined && opts[o.key] === undefined) {
             opts[o.key] = o.default;
@@ -425,3 +425,2 @@ }
 
-
     opts._order = _order;
@@ -428,0 +427,0 @@ opts._args = _args;

package.json

 {
     "name": "dashdash",
     "description": "A light, featureful and explicit option parsing library.",
-    "version": "1.3.1",
+    "version": "1.3.2",
     "author": "Trent Mick (trentm.com)",
@@ -6,0 +6,0 @@ "repository": {

test/basics.test.js

@@ -664,4 +664,48 @@ /*
     },
+
+    {
+        options: [ {
+            names: ['verbose', 'v'],
+            env: 'FOO_VERBOSE',
+            'default': false,
+            type: 'bool'
+        } ],
+        argv: 'node foo.js',
+        expect: { verbose: false, _args: [] }
+    },
+    {
+        options: [ {
+            names: ['verbose', 'v'],
+            env: 'FOO_VERBOSE',
+            'default': false,
+            type: 'bool'
+        } ],
+        argv: 'node foo.js',
+        env: {FOO_VERBOSE: '1'},
+        expect: { verbose: true, _args: [] }
+    },
+    {
+        options: [ {
+            names: ['verbose', 'v'],
+            env: 'FOO_VERBOSE',
+            'default': false,
+            type: 'bool'
+        } ],
+        argv: 'node foo.js',
+        env: {FOO_VERBOSE: '0'},
+        expect: { verbose: false, _args: [] }
+    },
+    {
+        options: [ {
+            names: ['verbose', 'v'],
+            env: 'FOO_VERBOSE',
+            'default': false,
+            type: 'bool'
+        } ],
+        argv: 'node foo.js -v',
+        env: {FOO_VERBOSE: '0'},
+        expect: { verbose: true, _args: [] }
+    },
 ];
-cases.forEach(function (c, i) {
+cases.forEach(function (c, num) {
     var expect = c.expect;
@@ -694,3 +738,3 @@ delete c.expect;
     }
-    var testName = format('case %d: %s%s', i, envStr, argv.join(' '));
+    var testName = format('case %d: %s%s', num, envStr, argv.join(' '));
     if (TEST_FILTER && !~testName.indexOf(TEST_FILTER)) {
@@ -700,3 +744,3 @@ return;
     test(testName, function (t) {
-        debug('--', i)
+        debug('--', num)
         debug('c: %j', c)
@@ -703,0 +747,0 @@ var parser = new dashdash.Parser(c);

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Improved metrics

Total package byte prevSize

107214

1.51%

Lines of code

1906

2.31%

No dependency changes