jest - npm Package Compare versions

Comparing version 0.1.0 to 0.1.1

mongoose_resource.js

@@ -99,2 +99,4 @@ var _ = require('underscore'),
                 {
+                    if(query_op == 'maxDistance')
+                        query_value = Number(query_value);
                     query.where(query_key)[query_op](query_value);
@@ -101,0 +103,0 @@ count_query.where(query_key)[query_op](query_value);

package.json

 {
 	"name":"jest",
 	"description":"JavaScriptational State Transfer. JS restful API layer with Mongoose based resources. Inspired by python Tastypie",
-	"version":"0.1.0",
+	"version":"0.1.1",
 	"author":"Ishai Jaffe <ishai@empeeric.com>",
@@ -6,0 +6,0 @@ "contributors": [

resource.js

@@ -606,19 +606,19 @@ var _ = require('underscore'),
             // support 'in' query
-            if (operand == 'in' || operand == 'near')
+            if (operand == 'in')
                 filters[field] = query[field].split(',');
             if(operand == 'near')
             {
-                if(filters[field].length > 2)
-                    return 'near filter only accepts two params: lat,lng as a list (i.e [23.32,43.231] ) or an object (i.e {"lat":23.32,"lng":43})';
-                if(filters[field].length == 1)
-                {
-                    try
-                    {
-                        filters[field] = JSON.parse(filters[field][0]);
-                    }
-                    catch(e)
-                    {
+                try{
+                    var json = JSON.parse(query[field]);
+                    if(json && json.lat && json.lng)
+                        filters[field] = {lng:Number(json.lng), lat:Number(json.lat)};
+                    else
                         return 'near filter only accepts two params: lat,lng as a list (i.e [23.32,43.231] ) or an object (i.e {"lat":23.32,"lng":43})';
-                    }
                 }
+                catch (e) {
+                    filters[field] = query[field].split(',');
+                    if(filters[field].length != 2)
+                        return 'near filter only accepts two params: lat,lng as a list (i.e [23.32,43.231] ) or an object (i.e {"lat":23.32,"lng":43})';
+                    filters[field] = {lng:Number(filters[field][1]), lat:Number(filters[field][0])};
+                }
 
@@ -625,0 +625,0 @@ }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

No License Found

License

(Experimental) License information could not be found.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 2 instances in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 3 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 2 instances in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 9 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Mixed license

License

(Experimental) Package contains multiple licenses.

Found 1 instance in 1 package

Unidentified License

License

(Experimental) Something that seems like a license was found, but its contents could not be matched with a known license.

Found 1 instance in 1 package

Improved metrics

Number of low license alerts

1

decreased by-50%

License quality

100

increased by25%

Number of high supply chain risk alerts

0

decreased by-100%

Number of low supply chain risk alerts

1

decreased by-99.59%

Number of medium supply chain risk alerts

1

decreased by-95.65%

Worsened metrics

Total package byte prevSize

56453

decreased by-98.73%

Number of package files

17

decreased by-94.28%

Lines of code

1513

decreased by-95.69%

No dependency changes