Comparing version 1.6.1 to 1.6.2
@@ -79,2 +79,3 @@ var isBuffer = require('is-buffer') | ||
| while (key2 !== undefined) { | ||
| if (key1 === '__proto__') { return } | ||
| var type = Object.prototype.toString.call(recipient[key1]) | ||
@@ -81,0 +82,0 @@ var isobject = ( |
| { | ||
| "name": "flat", | ||
| "version": "1.6.1", | ||
| "version": "1.6.2", | ||
| "main": "index.js", | ||
@@ -5,0 +5,0 @@ "scripts": { |
@@ -391,2 +391,16 @@ var assert = require('assert') | ||
| }) | ||
| test('should not pollute prototype', function () { | ||
| unflatten({ | ||
| '__proto__.polluted': true | ||
| }); | ||
| unflatten({ | ||
| 'prefix.__proto__.polluted': true | ||
| }); | ||
| unflatten({ | ||
| 'prefix.0.__proto__.polluted': true | ||
| }); | ||
| assert.notStrictEqual({}.polluted, true); | ||
| }) | ||
| }) | ||
@@ -393,0 +407,0 @@ |
Fixed alerts
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.09%
17019
- Lines of code
- increased by2.69%
496
- Number of high maintenance alerts
- decreased by-100%
0
Worsened metrics
- Number of package files
- decreased by-14.29%
6
No dependency changes