lodash.templatesettings - npm Package Compare versions

Comparing version 4.1.0 to 4.2.0

index.js

 /**
- * lodash (Custom Build) <https://lodash.com/>
+ * Lodash (Custom Build) <https://lodash.com/>
  * Build: `lodash modularize exports="npm" -o ./`
- * Copyright jQuery Foundation and other contributors <https://jquery.org/>
+ * Copyright OpenJS Foundation and other contributors <https://openjsf.org/>
  * Released under MIT license <https://lodash.com/license>
@@ -15,6 +15,8 @@ * Based on Underscore.js 1.8.3 <http://underscorejs.org/LICENSE>
 /** `Object#toString` result references. */
-var symbolTag = '[object Symbol]';
+var nullTag = '[object Null]',
+    symbolTag = '[object Symbol]',
+    undefinedTag = '[object Undefined]';
 
 /** Used to match HTML entities and HTML characters. */
-var reUnescapedHtml = /[&<>"'`]/g,
+var reUnescapedHtml = /[&<>"']/g,
     reHasUnescapedHtml = RegExp(reUnescapedHtml.source);
@@ -32,4 +34,3 @@
   '"': '&quot;',
-  "'": '&#39;',
-  '`': '&#96;'
+  "'": '&#39;'
 };
@@ -47,2 +48,22 @@
 /**
+ * A specialized version of `_.map` for arrays without support for iteratee
+ * shorthands.
+ *
+ * @private
+ * @param {Array} [array] The array to iterate over.
+ * @param {Function} iteratee The function invoked per iteration.
+ * @returns {Array} Returns the new mapped array.
+ */
+function arrayMap(array, iteratee) {
+  var index = -1,
+      length = array == null ? 0 : array.length,
+      result = Array(length);
+
+  while (++index < length) {
+    result[index] = iteratee(array[index], index, array);
+  }
+  return result;
+}
+
+/**
  * The base implementation of `_.propertyOf` without support for deep paths.
@@ -72,11 +93,15 @@ *
 
+/** Used to check objects for own properties. */
+var hasOwnProperty = objectProto.hasOwnProperty;
+
 /**
  * Used to resolve the
- * [`toStringTag`](http://ecma-international.org/ecma-262/6.0/#sec-object.prototype.tostring)
+ * [`toStringTag`](http://ecma-international.org/ecma-262/7.0/#sec-object.prototype.tostring)
  * of values.
  */
-var objectToString = objectProto.toString;
+var nativeObjectToString = objectProto.toString;
 
 /** Built-in value references. */
-var Symbol = root.Symbol;
+var Symbol = root.Symbol,
+    symToStringTag = Symbol ? Symbol.toStringTag : undefined;
 
@@ -89,4 +114,4 @@ /** Used to convert symbols to primitives and strings. */
  * By default, the template delimiters used by lodash are like those in
- * embedded Ruby (ERB). Change the following template settings to use
- * alternative delimiters.
+ * embedded Ruby (ERB) as well as ES2015 template strings. Change the
+ * following template settings to use alternative delimiters.
  *
@@ -150,2 +175,18 @@ * @static
 /**
+ * The base implementation of `getTag` without fallbacks for buggy environments.
+ *
+ * @private
+ * @param {*} value The value to query.
+ * @returns {string} Returns the `toStringTag`.
+ */
+function baseGetTag(value) {
+  if (value == null) {
+    return value === undefined ? undefinedTag : nullTag;
+  }
+  return (symToStringTag && symToStringTag in Object(value))
+    ? getRawTag(value)
+    : objectToString(value);
+}
+
+/**
  * The base implementation of `_.toString` which doesn't convert nullish
@@ -163,2 +204,6 @@ * values to empty strings.
   }
+  if (isArray(value)) {
+    // Recursively convert values (susceptible to call stack limits).
+    return arrayMap(value, baseToString) + '';
+  }
   if (isSymbol(value)) {
@@ -172,2 +217,65 @@ return symbolToString ? symbolToString.call(value) : '';
 /**
+ * A specialized version of `baseGetTag` which ignores `Symbol.toStringTag` values.
+ *
+ * @private
+ * @param {*} value The value to query.
+ * @returns {string} Returns the raw `toStringTag`.
+ */
+function getRawTag(value) {
+  var isOwn = hasOwnProperty.call(value, symToStringTag),
+      tag = value[symToStringTag];
+
+  try {
+    value[symToStringTag] = undefined;
+    var unmasked = true;
+  } catch (e) {}
+
+  var result = nativeObjectToString.call(value);
+  if (unmasked) {
+    if (isOwn) {
+      value[symToStringTag] = tag;
+    } else {
+      delete value[symToStringTag];
+    }
+  }
+  return result;
+}
+
+/**
+ * Converts `value` to a string using `Object.prototype.toString`.
+ *
+ * @private
+ * @param {*} value The value to convert.
+ * @returns {string} Returns the converted string.
+ */
+function objectToString(value) {
+  return nativeObjectToString.call(value);
+}
+
+/**
+ * Checks if `value` is classified as an `Array` object.
+ *
+ * @static
+ * @memberOf _
+ * @since 0.1.0
+ * @category Lang
+ * @param {*} value The value to check.
+ * @returns {boolean} Returns `true` if `value` is an array, else `false`.
+ * @example
+ *
+ * _.isArray([1, 2, 3]);
+ * // => true
+ *
+ * _.isArray(document.body.children);
+ * // => false
+ *
+ * _.isArray('abc');
+ * // => false
+ *
+ * _.isArray(_.noop);
+ * // => false
+ */
+var isArray = Array.isArray;
+
+/**
  * Checks if `value` is object-like. A value is object-like if it's not `null`
@@ -197,3 +305,3 @@ * and has a `typeof` result of "object".
 function isObjectLike(value) {
-  return !!value && typeof value == 'object';
+  return value != null && typeof value == 'object';
 }
@@ -220,3 +328,3 @@
   return typeof value == 'symbol' ||
-    (isObjectLike(value) && objectToString.call(value) == symbolTag);
+    (isObjectLike(value) && baseGetTag(value) == symbolTag);
 }
@@ -232,4 +340,4 @@
  * @category Lang
- * @param {*} value The value to process.
- * @returns {string} Returns the string.
+ * @param {*} value The value to convert.
+ * @returns {string} Returns the converted string.
  * @example
@@ -251,4 +359,4 @@ *
 /**
- * Converts the characters "&", "<", ">", '"', "'", and "\`" in `string` to
- * their corresponding HTML entities.
+ * Converts the characters "&", "<", ">", '"', and "'" in `string` to their
+ * corresponding HTML entities.
  *
@@ -264,8 +372,2 @@ * **Note:** No other characters are escaped. To escape additional
  *
- * Backticks are escaped because in IE < 9, they can break out of
- * attribute values or HTML comments. See [#59](https://html5sec.org/#59),
- * [#102](https://html5sec.org/#102), [#108](https://html5sec.org/#108), and
- * [#133](https://html5sec.org/#133) of the
- * [HTML5 Security Cheatsheet](https://html5sec.org/) for more details.
- *
  * When working with HTML you should always
@@ -272,0 +374,0 @@ * [quote attribute values](http://wonko.com/post/html-escaping) to reduce

package.json

 {
   "name": "lodash.templatesettings",
-  "version": "4.1.0",
-  "description": "The lodash method `_.templateSettings` exported as a module.",
+  "version": "4.2.0",
+  "description": "The Lodash method `_.templateSettings` exported as a module.",
   "homepage": "https://lodash.com/",
@@ -9,7 +9,6 @@ "icon": "https://lodash.com/icon.svg",
   "keywords": "lodash-modularized, templatesettings",
-  "author": "John-David Dalton <john.david.dalton@gmail.com> (http://allyoucanleet.com/)",
+  "author": "John-David Dalton <john.david.dalton@gmail.com>",
   "contributors": [
-    "John-David Dalton <john.david.dalton@gmail.com> (http://allyoucanleet.com/)",
-    "Blaine Bublitz <blaine.bublitz@gmail.com> (https://github.com/phated)",
-    "Mathias Bynens <mathias@qiwi.be> (https://mathiasbynens.be/)"
+    "John-David Dalton <john.david.dalton@gmail.com>",
+    "Mathias Bynens <mathias@qiwi.be>"
   ],
@@ -19,4 +18,4 @@ "repository": "lodash/lodash",
   "dependencies": {
-    "lodash._reinterpolate": "~3.0.0"
+    "lodash._reinterpolate": "^3.0.0"
   }
 }

README.md

@@ -1,4 +0,4 @@
-# lodash.templatesettings v4.1.0
+# lodash.templatesettings v4.2.0
 
-The [lodash](https://lodash.com/) method `_.templateSettings` exported as a [Node.js](https://nodejs.org/) module.
+The [Lodash](https://lodash.com/) method `_.templateSettings` exported as a [Node.js](https://nodejs.org/) module.
 
@@ -18,2 +18,2 @@ ## Installation
 
-See the [documentation](https://lodash.com/docs#templateSettings) or [package source](https://github.com/lodash/lodash/blob/4.1.0-npm-packages/lodash.templatesettings) for more details.
+See the [documentation](https://lodash.com/docs#templateSettings) or [package source](https://github.com/lodash/lodash/blob/4.2.0-npm-packages/lodash.templatesettings) for more details.

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

12852

increased by20.54%

Lines of code

346

increased by36.76%

Number of medium supply chain risk alerts

1

decreased by-50%

Dependency changes

• Updatedlodash._reinterpolate@^3.0.0