fast-redact
Advanced tools
fast-redact - npm Package Compare versions
Comparing version 1.1.14 to 1.2.0
@@ -41,4 +41,5 @@ 'use strict' | ||
| const compileRestore = restorer({secret, wcLen}) | ||
| const strict = 'strict' in opts ? opts.strict : true | ||
| return redactor({secret, wcLen, serialize}, state({ | ||
| return redactor({secret, wcLen, serialize, strict}, state({ | ||
| secret, | ||
@@ -45,0 +46,0 @@ censor, |
@@ -7,7 +7,7 @@ 'use strict' | ||
| function redactor ({secret, serialize, wcLen}, state) { | ||
| function redactor ({secret, serialize, wcLen, strict}, state) { | ||
| /* eslint-disable-next-line */ | ||
| const redact = Function('o', ` | ||
| if (typeof o !== 'object' || o == null) { | ||
| throw Error('fast-redact: primitives cannot be redacted') | ||
| ${strictImpl(strict)} | ||
| } | ||
@@ -47,3 +47,3 @@ const { censor, secret } = this | ||
| ${hops.reverse().map((p) => ` | ||
| case o${delim}${p} === censor: | ||
| case o${delim}${p} === censor: | ||
| secret[${escPath}].circle = ${JSON.stringify(p)} | ||
@@ -91,1 +91,5 @@ break | ||
| } | ||
| function strictImpl (strict) { | ||
| return strict === true ? `throw Error('fast-redact: primitives cannot be redacted')` : `return o` | ||
| } |
@@ -14,3 +14,3 @@ 'use strict' | ||
| wildcards, | ||
| wcLen | ||
| wcLen, | ||
| } = o | ||
@@ -17,0 +17,0 @@ const builder = [{secret, censor, compileRestore}] |
| { | ||
| "name": "fast-redact", | ||
| "version": "1.1.14", | ||
| "version": "1.2.0", | ||
| "description": "very fast object redaction", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -157,2 +157,7 @@ # fast-redact | ||
| #### `strict` – `Boolean` - `[true]` | ||
| The `strict` option, when set to `true`, will cause the redactor function to throw if instead | ||
| of an object it finds a primitive. When `strict` is set to `false`, the redactor function | ||
| will return the primitive value without being redacted. | ||
| ## Approach | ||
@@ -159,0 +164,0 @@ |
@@ -24,4 +24,4 @@ 'use strict' | ||
| test('throws when passed non-object', ({end, throws}) => { | ||
| const redact = fastRedact({paths: ['a.b.c'], serialize: false}) | ||
| test('throws when passed non-object using defaults', ({end, throws}) => { | ||
| const redact = fastRedact({paths: ['a.b.c']}) | ||
| throws(() => redact(1)) | ||
@@ -31,2 +31,16 @@ end() | ||
| test('throws when passed non-object using [strict: true]', ({end, throws}) => { | ||
| const redact = fastRedact({paths: ['a.b.c'], strict: true}) | ||
| throws(() => redact(1)) | ||
| end() | ||
| }) | ||
| test('returns original value when passed non-object using [strict: false]', ({end, is, doesNotThrow}) => { | ||
| const redact = fastRedact({paths: ['a.b.c'], strict: false}) | ||
| doesNotThrow(() => redact(1)) | ||
| const o = redact(1) | ||
| is(o, 1) | ||
| end() | ||
| }) | ||
| test('throws if a path is not a string', ({end, is, throws}) => { | ||
@@ -33,0 +47,0 @@ throws((e) => { |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Improved metrics
- Number of lines in readme file
- increased by1.83%
278
Worsened metrics
- Total package byte prevSize
- decreased by-67.5%
56683
- Number of package files
- decreased by-48.65%
19
- Lines of code
- decreased by-26.51%
1281
- Number of medium supply chain risk alerts
- increased by50%
3