fast-loops - npm Package Compare versions

Comparing version 1.1.3 to 1.1.4

es/objectMergeDeep.js

@@ -10,5 +10,10 @@ function _typeof(obj) { if (typeof Symbol === "function" && typeof Symbol.iterator === "symbol") { _typeof = function _typeof(obj) { return typeof obj; }; } else { _typeof = function _typeof(obj) { return obj && typeof Symbol === "function" && obj.constructor === Symbol && obj !== Symbol.prototype ? "symbol" : typeof obj; }; } return _typeof(obj); }
     for (var key in obj) {
+      // see https://github.com/robinweser/fast-loops/issues/18
+      if (key === '__proto__' || key === 'constructor' || key === 'prototype') {
+        continue;
+      }
+
       var value = obj[key];
 
-      if (_typeof(value) === 'object' && !Array.isArray(value)) {
+      if (_typeof(value) === 'object' && !Array.isArray(value) && value !== null) {
         base[key] = objectMergeDeep(base[key], value);
@@ -15,0 +20,0 @@ continue;

lib/objectMergeDeep.js

@@ -17,5 +17,10 @@ "use strict";
     for (var key in obj) {
+      // see https://github.com/robinweser/fast-loops/issues/18
+      if (key === '__proto__' || key === 'constructor' || key === 'prototype') {
+        continue;
+      }
+
       var value = obj[key];
 
-      if (_typeof(value) === 'object' && !Array.isArray(value)) {
+      if (_typeof(value) === 'object' && !Array.isArray(value) && value !== null) {
         base[key] = objectMergeDeep(base[key], value);
@@ -22,0 +27,0 @@ continue;

package.json

 {
   "name": "fast-loops",
-  "version": "1.1.3",
+  "version": "1.1.4",
   "description": "Small, performant & immutable iteration utilities for Arrays and Objects",
@@ -30,3 +30,3 @@ "main": "lib/index.js",
     "lint": "eslint modules/**/*.js",
-    "release": "git pull --rebase && yarn run check && yarn build && npm publish",
+    "release": "yarn run check && yarn build && npm publish",
     "test": "cross-env BABEL_ENV=commonjs jest",
@@ -33,0 +33,0 @@ "test:coverage": "cross-env BABEL_ENV=commonjs jest --coverage",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

32561

decreased by-64.97%

Number of package files

49

decreased by-7.55%

Lines of code

731

decreased by-72.4%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes