jest
Advanced tools
Comparing version 0.1.1 to 0.1.2
{ | ||
"name":"jest", | ||
"description":"JavaScriptational State Transfer. JS restful API layer with Mongoose based resources. Inspired by python Tastypie", | ||
"version":"0.1.1", | ||
"version":"0.1.2", | ||
"author":"Ishai Jaffe <ishai@empeeric.com>", | ||
@@ -6,0 +6,0 @@ "contributors": [ |
@@ -589,4 +589,7 @@ var _ = require('underscore'), | ||
filters[field] = query[field]; | ||
else | ||
continue; | ||
else { | ||
if(this.strict) | ||
return 'filter ' + field_name + ' with operand ' + operand + ' is not allowed. see allowed filters in schema'; | ||
else | ||
continue; } | ||
} | ||
@@ -626,14 +629,31 @@ else | ||
} | ||
// support regex operators | ||
if(operand == 'contains') { | ||
filters[field.replace('__contains','__regex')] = this.escape_regex(filters[field]); | ||
filters[field.replace('__contains','')] = new RegExp(this.escape_regex(filters[field])); | ||
delete filters[field]; | ||
} | ||
if(operand == 'startswith') { | ||
filters[field.replace('__startswith','__regex')] = '^' + this.escape_regex(filters[field]); | ||
filters[field.replace('__startswith','')] = new RegExp('^' + this.escape_regex(filters[field])); | ||
delete filters[field]; | ||
} | ||
if(operand == 'endswith') { | ||
filters[field.replace('__endswith','__regex')] = this.escape_regex(filters[field] + '$'); | ||
filters[field.replace('__endswith','')] = new RegExp(this.escape_regex(filters[field] + '$')); | ||
delete filters[field]; | ||
} | ||
if(operand == 'iexact') { | ||
filters[field.replace('__iexact','')] = new RegExp('^' + this.escape_regex(filters[field]) + '$','i'); | ||
delete filters[field]; | ||
} | ||
if(operand == 'icontains') { | ||
filters[field.replace('__icontains','')] = new RegExp(this.escape_regex(filters[field]),'i'); | ||
delete filters[field]; | ||
} | ||
if(operand == 'istartswith') { | ||
filters[field.replace('__istartswith','')] = new RegExp('^' + this.escape_regex(filters[field]),'i'); | ||
delete filters[field]; | ||
} | ||
if(operand == 'iendswith') { | ||
filters[field.replace('__iendswith','')] = new RegExp(this.escape_regex(filters[field] + '$'),'i'); | ||
delete filters[field]; | ||
} | ||
if (field == 'or') | ||
@@ -640,0 +660,0 @@ or_filter = query[field].split(','); |
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 2 instances in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 3 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 9 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
SPDX disjunction
LicenseSPDX disjunction for an artifact's license information
Found 1 instance in 1 package
Mixed license
License(Experimental) Package contains multiple licenses.
Found 1 instance in 1 package
Unidentified License
License(Experimental) Something that seems like a license was found, but its contents could not be matched with a known license
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
SPDX disjunction
LicenseSPDX disjunction for an artifact's license information
Found 1 instance in 1 package
No License Found
License(Experimental) License information could not be found
Found 1 instance in 1 package
4434176
297
35119
3
80
2
256
24