Launch Week Day 3: Introducing Organization Notifications in Socket.Learn More
Socket
Book a DemoSign in
Socket

lodash.escape

Package Overview
Dependencies
Maintainers
3
Versions
14
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

lodash.escape - npm Package Compare versions

Comparing version
3.0.0
to
3.1.0
+22
LICENSE
Copyright 2012-2016 The Dojo Foundation <http://dojofoundation.org/>
Based on Underscore.js, copyright 2009-2016 Jeremy Ashkenas,
DocumentCloud and Investigative Reporters & Editors <http://underscorejs.org/>
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+122
-19
/**
* lodash 3.0.0 (Custom Build) <https://lodash.com/>
* Build: `lodash modern modularize exports="npm" -o ./`
* Copyright 2012-2015 The Dojo Foundation <http://dojofoundation.org/>
* Based on Underscore.js 1.7.0 <http://underscorejs.org/LICENSE>
* Copyright 2009-2015 Jeremy Ashkenas, DocumentCloud and Investigative Reporters & Editors
* lodash 3.1.0 (Custom Build) <https://lodash.com/>
* Build: `lodash modularize exports="npm" -o ./`
* Copyright 2012-2016 The Dojo Foundation <http://dojofoundation.org/>
* Based on Underscore.js 1.8.3 <http://underscorejs.org/LICENSE>
* Copyright 2009-2016 Jeremy Ashkenas, DocumentCloud and Investigative Reporters & Editors
* Available under MIT license <https://lodash.com/license>
*/
var baseToString = require('lodash._basetostring');
/** Used as references for various `Number` constants. */
var INFINITY = 1 / 0;
/** `Object#toString` result references. */
var symbolTag = '[object Symbol]';
/** Used to match HTML entities and HTML characters. */

@@ -36,11 +41,110 @@ var reUnescapedHtml = /[&<>"'`]/g,

/** Used for built-in method references. */
var objectProto = global.Object.prototype;
/**
* Converts the characters "&", "<", ">", '"', "'", and '`', in `string` to
* Used to resolve the [`toStringTag`](http://ecma-international.org/ecma-262/6.0/#sec-object.prototype.tostring)
* of values.
*/
var objectToString = objectProto.toString;
/** Built-in value references. */
var _Symbol = global.Symbol;
/** Used to convert symbols to primitives and strings. */
var symbolProto = _Symbol ? _Symbol.prototype : undefined,
symbolToString = _Symbol ? symbolProto.toString : undefined;
/**
* Checks if `value` is object-like. A value is object-like if it's not `null`
* and has a `typeof` result of "object".
*
* @static
* @memberOf _
* @category Lang
* @param {*} value The value to check.
* @returns {boolean} Returns `true` if `value` is object-like, else `false`.
* @example
*
* _.isObjectLike({});
* // => true
*
* _.isObjectLike([1, 2, 3]);
* // => true
*
* _.isObjectLike(_.noop);
* // => false
*
* _.isObjectLike(null);
* // => false
*/
function isObjectLike(value) {
return !!value && typeof value == 'object';
}
/**
* Checks if `value` is classified as a `Symbol` primitive or object.
*
* @static
* @memberOf _
* @category Lang
* @param {*} value The value to check.
* @returns {boolean} Returns `true` if `value` is correctly classified, else `false`.
* @example
*
* _.isSymbol(Symbol.iterator);
* // => true
*
* _.isSymbol('abc');
* // => false
*/
function isSymbol(value) {
return typeof value == 'symbol' ||
(isObjectLike(value) && objectToString.call(value) == symbolTag);
}
/**
* Converts `value` to a string if it's not one. An empty string is returned
* for `null` and `undefined` values. The sign of `-0` is preserved.
*
* @static
* @memberOf _
* @category Lang
* @param {*} value The value to process.
* @returns {string} Returns the string.
* @example
*
* _.toString(null);
* // => ''
*
* _.toString(-0);
* // => '-0'
*
* _.toString([1, 2, 3]);
* // => '1,2,3'
*/
function toString(value) {
// Exit early for strings to avoid a performance hit in some environments.
if (typeof value == 'string') {
return value;
}
if (value == null) {
return '';
}
if (isSymbol(value)) {
return _Symbol ? symbolToString.call(value) : '';
}
var result = (value + '');
return (result == '0' && (1 / value) == -INFINITY) ? '-0' : result;
}
/**
* Converts the characters "&", "<", ">", '"', "'", and "\`" in `string` to
* their corresponding HTML entities.
*
* **Note:** No other characters are escaped. To escape additional characters
* use a third-party library like [_he_](https://mths.be/he).
* **Note:** No other characters are escaped. To escape additional
* characters use a third-party library like [_he_](https://mths.be/he).
*
* Though the ">" character is escaped for symmetry, characters like
* ">" and "/" don't require escaping in HTML and have no special meaning
* ">" and "/" don't need escaping in HTML and have no special meaning
* unless they're part of a tag or unquoted attribute value.

@@ -50,11 +154,11 @@ * See [Mathias Bynens's article](https://mathiasbynens.be/notes/ambiguous-ampersands)

*
* Backticks are escaped because in Internet Explorer < 9, they can break out
* of attribute values or HTML comments. See [#102](https://html5sec.org/#102),
* [#108](https://html5sec.org/#108), and [#133](https://html5sec.org/#133) of
* the [HTML5 Security Cheatsheet](https://html5sec.org/) for more details.
*
* When working with HTML you should always quote attribute values to reduce
* XSS vectors. See [Ryan Grove's article](http://wonko.com/post/html-escaping)
* Backticks are escaped because in IE < 9, they can break out of
* attribute values or HTML comments. See [#59](https://html5sec.org/#59),
* [#102](https://html5sec.org/#102), [#108](https://html5sec.org/#108), and
* [#133](https://html5sec.org/#133) of the [HTML5 Security Cheatsheet](https://html5sec.org/)
* for more details.
*
* When working with HTML you should always [quote attribute values](http://wonko.com/post/html-escaping)
* to reduce XSS vectors.
*
* @static

@@ -71,4 +175,3 @@ * @memberOf _

function escape(string) {
// Reset `lastIndex` because in IE < 9 `String#replace` does not.
string = baseToString(string);
string = toString(string);
return (string && reHasUnescapedHtml.test(string))

@@ -75,0 +178,0 @@ ? string.replace(reUnescapedHtml, escapeHtmlChar)

+5
-10
{
"name": "lodash.escape",
"version": "3.0.0",
"description": "The modern build of lodash’s `_.escape` as a module.",
"version": "3.1.0",
"description": "The lodash method `_.escape` exported as a module.",
"homepage": "https://lodash.com/",
"icon": "https://lodash.com/icon.svg",
"license": "MIT",
"keywords": "lodash, lodash-modularized, stdlib, util",
"keywords": "lodash, lodash-modularized, stdlib, util, escape",
"author": "John-David Dalton <john.david.dalton@gmail.com> (http://allyoucanleet.com/)",
"contributors": [
"John-David Dalton <john.david.dalton@gmail.com> (http://allyoucanleet.com/)",
"Benjamin Tan <demoneaux@gmail.com> (https://d10.github.io/)",
"Blaine Bublitz <blaine@iceddev.com> (http://www.iceddev.com/)",
"Kit Cambridge <github@kitcambridge.be> (http://kitcambridge.be/)",
"Blaine Bublitz <blaine@iceddev.com> (https://github.com/phated)",
"Mathias Bynens <mathias@qiwi.be> (https://mathiasbynens.be/)"
],
"repository": "lodash/lodash",
"scripts": { "test": "echo \"See https://travis-ci.org/lodash/lodash-cli for testing details.\"" },
"dependencies": {
"lodash._basetostring": "^3.0.0"
}
"scripts": { "test": "echo \"See https://travis-ci.org/lodash/lodash-cli for testing details.\"" }
}

@@ -1,4 +0,4 @@

# lodash.escape v3.0.0
# lodash.escape v3.1.0
The [modern build](https://github.com/lodash/lodash/wiki/Build-Differences) of [lodash’s](https://lodash.com/) `_.escape` exported as a [Node.js](http://nodejs.org/)/[io.js](https://iojs.org/) module.
The [lodash](https://lodash.com/) method `_.escape` exported as a [Node.js](https://nodejs.org/) module.

@@ -8,3 +8,2 @@ ## Installation

Using npm:
```bash

@@ -15,4 +14,3 @@ $ {sudo -H} npm i -g npm

In Node.js/io.js:
In Node.js:
```js

@@ -22,2 +20,2 @@ var escape = require('lodash.escape');

See the [documentation](https://lodash.com/docs#escape) or [package source](https://github.com/lodash/lodash/blob/3.0.0-npm-packages/lodash.escape) for more details.
See the [documentation](https://lodash.com/docs#escape) or [package source](https://github.com/lodash/lodash/blob/3.1.0-npm-packages/lodash.escape) for more details.
Copyright 2012-2015 The Dojo Foundation <http://dojofoundation.org/>
Based on Underscore.js 1.7.0, copyright 2009-2015 Jeremy Ashkenas,
DocumentCloud and Investigative Reporters & Editors <http://underscorejs.org/>
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.