fast-json-stringify - npm Package Compare versions

Comparing version 0.13.1 to 0.14.0

index.js

 'use strict'
 
 var fastSafeStringify = require('fast-safe-stringify')
+var Ajv = require('ajv')
 
@@ -90,6 +91,15 @@ var uglify = null
 
+  var dependencies = []
+  var dependenciesName = []
   if (hasAdditionalPropertiesTrue(schema)) {
-    return (new Function('fastSafeStringify', code))(fastSafeStringify)
+    dependencies.push(fastSafeStringify)
+    dependenciesName.push('fastSafeStringify')
   }
-  return (new Function(code))()
+  if (hasAnyOf(schema)) {
+    dependencies.push(new Ajv())
+    dependenciesName.push('ajv')
+  }
+
+  dependenciesName.push(code)
+  return (Function.apply(null, dependenciesName).apply(null, dependencies))
 }
@@ -111,2 +121,16 @@
 
+function hasAnyOf (schema) {
+  if ('anyOf' in schema) { return true }
+
+  var objectKeys = Object.keys(schema)
+  for (var i = 0; i < objectKeys.length; i++) {
+    var value = schema[objectKeys[i]]
+    if (typeof value === 'object') {
+      if (hasAnyOf(value)) { return true }
+    }
+  }
+
+  return false
+}
+
 function $asNull () {
@@ -522,5 +546,19 @@ return 'null'
       code += `
-        json += ${funcName}(obj${accessor})
-      `
+json += ${funcName}(obj${accessor})
+    `
       break
+
+    case undefined:
+      if ('anyOf' in schema) {
+        schema.anyOf.forEach((s, index) => {
+          code += `
+            ${index === 0 ? 'if' : 'else if'}(ajv.validate(${require('util').inspect(s, {depth: null})}, obj${accessor}))
+              ${nested(laterCode, name, key, s, externalSchema, fullSchema, subKey).code}
+          `
+        })
+        code += `
+          else json+= null
+        `
+      } else throw new Error(`${schema} unsupported`)
+      break
     default:
@@ -527,0 +565,0 @@ throw new Error(`${type} unsupported`)

package.json

 {
   "name": "fast-json-stringify",
-  "version": "0.13.1",
+  "version": "0.14.0",
   "description": "Stringify your JSON at max speed",
   "main": "index.js",
   "scripts": {
+    "benchmark": "node bench.js",
     "test": "standard && tap test/*.test.js"
@@ -36,4 +37,5 @@ },
   "dependencies": {
+    "ajv": "^5.2.3",
     "fast-safe-stringify": "^1.2.0"
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

30921

increased by3.64%

Lines of code

738

increased by4.68%

Number of medium supply chain risk alerts

3

decreased by-25%

Worsened metrics

Dependency count

2

increased by100%

Dependency changes

• + Addedajv@^5.2.3

• + Addedajv@5.5.2(transitive)

• + Addedco@4.6.0(transitive)

• + Addedfast-deep-equal@1.1.0(transitive)

• + Addedfast-json-stable-stringify@2.1.0(transitive)

• + Addedjson-schema-traverse@0.3.1(transitive)