lodash-es - npm Package Compare versions
Comparing version 4.17.20 to 4.17.21
@@ -48,3 +48,3 @@ /** | ||
| /** Used as the semantic version number. */ | ||
| var VERSION = '4.17.20'; | ||
| var VERSION = '4.17.21'; | ||
@@ -51,0 +51,0 @@ /** Used to compose bitmasks for function metadata. */ |
| { | ||
| "name": "lodash-es", | ||
| "version": "4.17.20", | ||
| "version": "4.17.21", | ||
| "description": "Lodash exported as ES modules.", | ||
@@ -5,0 +5,0 @@ "keywords": "es6, modules, stdlib, util", |
| import root from './_root.js'; | ||
| import toString from './toString.js'; | ||
| /** Used to match leading and trailing whitespace. */ | ||
| /** Used to match leading whitespace. */ | ||
| var reTrimStart = /^\s+/; | ||
@@ -6,0 +6,0 @@ |
@@ -1,2 +0,2 @@ | ||
| # lodash-es v4.17.20 | ||
| # lodash-es v4.17.21 | ||
@@ -10,2 +10,2 @@ The [Lodash](https://lodash.com/) library exported as [ES](http://www.ecma-international.org/ecma-262/6.0/) modules. | ||
| See the [package source](https://github.com/lodash/lodash/tree/4.17.20-es) for more details. | ||
| See the [package source](https://github.com/lodash/lodash/tree/4.17.21-es) for more details. |
@@ -13,2 +13,5 @@ import assignInWith from './assignInWith.js'; | ||
| /** Error message constants. */ | ||
| var INVALID_TEMPL_VAR_ERROR_TEXT = 'Invalid `variable` option passed into `_.template`'; | ||
| /** Used to match empty string literals in compiled template source. */ | ||
@@ -20,2 +23,14 @@ var reEmptyStringLeading = /\b__p \+= '';/g, | ||
| /** | ||
| * Used to validate the `validate` option in `_.template` variable. | ||
| * | ||
| * Forbids characters which could potentially change the meaning of the function argument definition: | ||
| * - "()," (modification of function parameters) | ||
| * - "=" (default value) | ||
| * - "[]{}" (destructuring of function parameters) | ||
| * - "/" (beginning of a comment) | ||
| * - whitespace | ||
| */ | ||
| var reForbiddenIdentifierChars = /[()=,{}\[\]\/\s]/; | ||
| /** | ||
| * Used to match | ||
@@ -215,2 +230,8 @@ * [ES template delimiters](http://ecma-international.org/ecma-262/7.0/#sec-template-literal-lexical-components). | ||
| } | ||
| // Throw an error if a forbidden character was found in `variable`, to prevent | ||
| // potential command injection attacks. | ||
| else if (reForbiddenIdentifierChars.test(variable)) { | ||
| throw new Error(INVALID_TEMPL_VAR_ERROR_TEXT); | ||
| } | ||
| // Cleanup code by stripping empty strings. | ||
@@ -217,0 +238,0 @@ source = (isEvaluating ? source.replace(reEmptyStringLeading, '') : source) |
@@ -0,1 +1,2 @@ | ||
| import baseTrim from './_baseTrim.js'; | ||
| import isObject from './isObject.js'; | ||
@@ -7,5 +8,2 @@ import isSymbol from './isSymbol.js'; | ||
| /** Used to match leading and trailing whitespace. */ | ||
| var reTrim = /^\s+|\s+$/g; | ||
| /** Used to detect bad signed hexadecimal string values. */ | ||
@@ -60,3 +58,3 @@ var reIsBadHex = /^[-+]0x[0-9a-f]+$/i; | ||
| } | ||
| value = value.replace(reTrim, ''); | ||
| value = baseTrim(value); | ||
| var isBinary = reIsBinary.test(value); | ||
@@ -63,0 +61,0 @@ return (isBinary || reIsOctal.test(value)) |
| import baseToString from './_baseToString.js'; | ||
| import baseTrim from './_baseTrim.js'; | ||
| import castSlice from './_castSlice.js'; | ||
@@ -8,5 +9,2 @@ import charsEndIndex from './_charsEndIndex.js'; | ||
| /** Used to match leading and trailing whitespace. */ | ||
| var reTrim = /^\s+|\s+$/g; | ||
| /** | ||
@@ -37,3 +35,3 @@ * Removes leading and trailing whitespace or specified characters from `string`. | ||
| if (string && (guard || chars === undefined)) { | ||
| return string.replace(reTrim, ''); | ||
| return baseTrim(string); | ||
| } | ||
@@ -40,0 +38,0 @@ if (!string || !(chars = baseToString(chars))) { |
@@ -6,6 +6,4 @@ import baseToString from './_baseToString.js'; | ||
| import toString from './toString.js'; | ||
| import trimmedEndIndex from './_trimmedEndIndex.js'; | ||
| /** Used to match leading and trailing whitespace. */ | ||
| var reTrimEnd = /\s+$/; | ||
| /** | ||
@@ -33,3 +31,3 @@ * Removes trailing whitespace or specified characters from `string`. | ||
| if (string && (guard || chars === undefined)) { | ||
| return string.replace(reTrimEnd, ''); | ||
| return string.slice(0, trimmedEndIndex(string) + 1); | ||
| } | ||
@@ -36,0 +34,0 @@ if (!string || !(chars = baseToString(chars))) { |
@@ -7,3 +7,3 @@ import baseToString from './_baseToString.js'; | ||
| /** Used to match leading and trailing whitespace. */ | ||
| /** Used to match leading whitespace. */ | ||
| var reTrimStart = /^\s+/; | ||
@@ -10,0 +10,0 @@ |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.8%
636080
- Number of package files
- increased by0.78%
650
- Lines of code
- increased by0.24%
19700
- Number of medium supply chain risk alerts
- decreased by-33.33%
2