Comparing version 1.0.5 to 1.0.6
23
index.js
@@ -1,4 +0,19 @@ | ||
module.exports = function flatstr(s) { | ||
Number(s) | ||
return s | ||
} | ||
'use strict' | ||
try { | ||
var flatstr = Function('s', 'return %FlattenString(s)') | ||
} catch (e) { | ||
try { | ||
var v8 = require('v' + '8') | ||
v8.setFlagsFromString('--allow-natives-syntax') | ||
var flatstr = Function('s', 'return %FlattenString(s)') | ||
v8.setFlagsFromString('--no-allow-natives-syntax') | ||
} catch (e) { | ||
var flatstr = function flatstr(s) { | ||
Number(s) | ||
return s | ||
} | ||
} | ||
} | ||
module.exports = flatstr |
{ | ||
"name": "flatstr", | ||
"version": "1.0.5", | ||
"version": "1.0.6", | ||
"description": "Flattens the underlying C structures of a concatenated JavaScript string", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -62,19 +62,10 @@ # flatstr | ||
There are several ways to indirectly call `String::Flatten` (see `alt-benchmark.js`), but coercion to a number appears to be (one of) the cheapest. | ||
There are several ways to indirectly call `String::Flatten` (see `alt-benchmark.js`), | ||
but coercion to a number appears to be (one of) the cheapest. | ||
Here's the code: | ||
However since Node 10 the V8 version has stopped using Flatten in all | ||
places identified. Thus the code has been updated to seamlessly | ||
use the native runtime function `%FlattenString` without having to use | ||
the `--allow-natives-syntax` flag directly. | ||
```js | ||
module.exports = function flatstr(s) { | ||
Number(s) | ||
return s | ||
} | ||
``` | ||
Obviously, you could just use `Number` in your own code, and not use | ||
this module at all. However, this module serves the purpose of preventing | ||
misunderstandings in your code base (and potential removal of code that | ||
appears to be superfluous at first glance). Tests show that the additional | ||
function wrapper adds negligible overhead. | ||
One final note: calling flatstr too much can in fact negatively effect performance. For instance, don't call it every time you concat (if that | ||
@@ -81,0 +72,0 @@ was performant, v8 wouldn't be using trees in the first place). The best |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
11988
289
6
83
3
2