Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

object-path-immutable

Package Overview
Dependencies
Maintainers
1
Versions
23
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

object-path-immutable - npm Package Compare versions

Comparing version 4.1.1 to 4.1.2

SECURITY.md

4

cjs/object-path-immutable.js

@@ -5,3 +5,3 @@ 'use strict';

var isPlainObject = _interopDefault(require('is-plain-object'));
var isPlainObject = require('is-plain-object');
var op = _interopDefault(require('object-path'));

@@ -79,3 +79,3 @@

function _deepMerge (dest, src) {
if (dest !== src && isPlainObject(dest) && isPlainObject(src)) {
if (dest !== src && isPlainObject.isPlainObject(dest) && isPlainObject.isPlainObject(src)) {
var merged = {};

@@ -82,0 +82,0 @@ for (var key in dest) {

2

esm/object-path-immutable.js

@@ -1,2 +0,2 @@

import isPlainObject from 'is-plain-object';
import { isPlainObject } from 'is-plain-object';
import op from 'object-path';

@@ -3,0 +3,0 @@

4

object-path-immutable.d.ts

@@ -16,3 +16,3 @@ type Path = string | ReadonlyArray<number | string>;

export function wrap<T>(obj: T): WrappedObject<T>
export function get<T = object>(src: T, path?: Path, defaultValue?: any): T
export function get<T = object, S = any>(src: T, path?: Path, defaultValue?: S): S
export function set<T = object>(src: T, path?: Path, value?: any): T

@@ -23,4 +23,4 @@ export function push<T = object>(src: T, path?: Path, value?: any): T

export function merge<T = object>(src: T, path?: Path, source?: any): T
export function update<T = object>(src: T, path?: Path, updater?: (formerValue: any) => any): WrappedObject<T>
export function update<T = object>(src: T, path?: Path, updater?: (formerValue: any) => any): T
export function insert<T = object>(src: T, path?: Path, value?: any, index?: number): T
}

18

package.json
{
"name": "object-path-immutable",
"version": "4.1.1",
"version": "4.1.2",
"description": "Modify deep object properties without modifying the original object (immutability). Works great with React and Redux.",

@@ -21,3 +21,3 @@ "author": "Mario Casciaro <m@mario.fyi>",

"build": "rollup -c",
"pretest": "standard",
"standard": "standard",
"test": "npm run build && mocha test/test.js",

@@ -30,15 +30,15 @@ "coveralls": "nyc npm test && nyc report --reporter=text-lcov | coveralls",

"dependencies": {
"is-plain-object": "^3.0.0",
"object-path": "^0.11.5"
"is-plain-object": "^5.0.0",
"object-path": "^0.11.8"
},
"devDependencies": {
"chai": "^4.2.0",
"coveralls": "^3.1.0",
"chai": "^4.3.4",
"coveralls": "^3.1.1",
"mocha": "^9.1.1",
"mocha-lcov-reporter": "^1.3.0",
"nyc": "^15.1.0",
"mocha": "^8.2.0",
"mocha-lcov-reporter": "^1.3.0",
"rollup": "^1.32.1",
"rollup-plugin-commonjs": "^10.1.0",
"rollup-plugin-node-resolve": "^5.2.0",
"standard": "^14.3.4"
"standard": "^16.0.3"
},

@@ -45,0 +45,0 @@ "keywords": [

2

src/object-path-immutable.js

@@ -1,2 +0,2 @@

import isPlainObject from 'is-plain-object'
import { isPlainObject } from 'is-plain-object'
import op from 'object-path'

@@ -3,0 +3,0 @@

23

test/test.js

@@ -204,2 +204,7 @@ /* globals describe, it */

})
it('[security] it should not override an object\'s prototype', function () {
op.set({}, '__proto__.injected', 'yo')
expect({}.injected).to.be.undefined
})
})

@@ -539,2 +544,11 @@

})
it('[security] it should not assign object\'s prototype', function () {
op.set({}, 'test', {
__proto__: {
injected: true
}
})
expect({}.injected).to.be.undefined
})
})

@@ -654,2 +668,11 @@

})
it('[security] it should not merge into object\'s prototype', function () {
op.merge({}, 'test', {
__proto__: {
injected: true
}
})
expect({}.injected).to.be.undefined
})
})

@@ -656,0 +679,0 @@

205

umd/object-path-immutable.js

@@ -8,13 +8,2 @@ (function (global, factory) {

/*!
* isobject <https://github.com/jonschlinkert/isobject>
*
* Copyright (c) 2014-2017, Jon Schlinkert.
* Released under the MIT License.
*/
function isObject(val) {
return val != null && typeof val === 'object' && Array.isArray(val) === false;
}
/*!
* is-plain-object <https://github.com/jonschlinkert/is-plain-object>

@@ -26,5 +15,4 @@ *

function isObjectObject(o) {
return isObject(o) === true
&& Object.prototype.toString.call(o) === '[object Object]';
function isObject(o) {
return Object.prototype.toString.call(o) === '[object Object]';
}

@@ -35,11 +23,11 @@

if (isObjectObject(o) === false) return false;
if (isObject(o) === false) return false;
// If has modified constructor
ctor = o.constructor;
if (typeof ctor !== 'function') return false;
if (ctor === undefined) return true;
// If has modified prototype
prot = ctor.prototype;
if (isObjectObject(prot) === false) return false;
if (isObject(prot) === false) return false;

@@ -62,3 +50,3 @@ // If constructor does not have an Object-specific method

var objectPath = createCommonjsModule(function (module) {
(function (root, factory){
(function (root, factory) {

@@ -69,7 +57,8 @@ /*istanbul ignore next:cant test*/

}
})(commonjsGlobal, function(){
})(commonjsGlobal, function () {
var toStr = Object.prototype.toString;
function hasOwnProperty(obj, prop) {
if(obj == null) {
function hasOwnProperty (obj, prop) {
if (obj == null) {
return false

@@ -81,51 +70,51 @@ }

function isEmpty(value){
function isEmpty (value) {
if (!value) {
return true;
return true
}
if (isArray(value) && value.length === 0) {
return true;
return true
} else if (typeof value !== 'string') {
for (var i in value) {
if (hasOwnProperty(value, i)) {
return false;
}
for (var i in value) {
if (hasOwnProperty(value, i)) {
return false
}
return true;
}
return true
}
return false;
return false
}
function toString(type){
return toStr.call(type);
function toString (type) {
return toStr.call(type)
}
function isObject(obj){
return typeof obj === 'object' && toString(obj) === "[object Object]";
function isObject (obj) {
return typeof obj === 'object' && toString(obj) === '[object Object]'
}
var isArray = Array.isArray || function(obj){
var isArray = Array.isArray || function (obj) {
/*istanbul ignore next:cant test*/
return toStr.call(obj) === '[object Array]';
return toStr.call(obj) === '[object Array]'
};
function isBoolean(obj){
return typeof obj === 'boolean' || toString(obj) === '[object Boolean]';
function isBoolean (obj) {
return typeof obj === 'boolean' || toString(obj) === '[object Boolean]'
}
function getKey(key){
function getKey (key) {
var intKey = parseInt(key);
if (intKey.toString() === key) {
return intKey;
return intKey
}
return key;
return key
}
function factory(options) {
function factory (options) {
options = options || {};
var objectPath = function(obj) {
return Object.keys(objectPath).reduce(function(proxy, prop) {
if(prop === 'create') {
return proxy;
var objectPath = function (obj) {
return Object.keys(objectPath).reduce(function (proxy, prop) {
if (prop === 'create') {
return proxy
}

@@ -138,4 +127,4 @@

return proxy;
}, {});
return proxy
}, {})
};

@@ -154,9 +143,28 @@

function getShallowProperty(obj, prop) {
function getShallowProperty (obj, prop) {
if (hasShallowProperty(obj, prop)) {
return obj[prop];
return obj[prop]
}
}
function set(obj, path, value, doNotReplace){
var getShallowPropertySafely;
if (options.includeInheritedProps) {
getShallowPropertySafely = function (obj, currentPath) {
if (typeof currentPath !== 'string' && typeof currentPath !== 'number') {
currentPath = String(currentPath);
}
var currentValue = getShallowProperty(obj, currentPath);
if (currentPath === '__proto__' || currentPath === 'prototype' ||
(currentPath === 'constructor' && typeof currentValue === 'function')) {
throw new Error('For security reasons, object\'s magic properties cannot be set')
}
return currentValue
};
} else {
getShallowPropertySafely = function (obj, currentPath) {
return getShallowProperty(obj, currentPath)
};
}
function set (obj, path, value, doNotReplace) {
if (typeof path === 'number') {

@@ -166,13 +174,9 @@ path = [path];

if (!path || path.length === 0) {
return obj;
return obj
}
if (typeof path === 'string') {
return set(obj, path.split('.').map(getKey), value, doNotReplace);
return set(obj, path.split('.').map(getKey), value, doNotReplace)
}
var currentPath = path[0];
var currentValue = getShallowProperty(obj, currentPath);
if (options.includeInheritedProps && (currentPath === '__proto__' ||
(currentPath === 'constructor' && typeof currentValue === 'function'))) {
throw new Error('For security reasons, object\'s magic properties cannot be set')
}
var currentValue = getShallowPropertySafely(obj, currentPath);
if (path.length === 1) {

@@ -182,3 +186,3 @@ if (currentValue === void 0 || !doNotReplace) {

}
return currentValue;
return currentValue
}

@@ -188,3 +192,3 @@

//check if we assume an array
if(typeof path[1] === 'number') {
if (typeof path[1] === 'number') {
obj[currentPath] = [];

@@ -196,3 +200,3 @@ } else {

return set(obj[currentPath], path.slice(1), value, doNotReplace);
return set(obj[currentPath], path.slice(1), value, doNotReplace)
}

@@ -208,3 +212,3 @@

if (!path || path.length === 0) {
return !!obj;
return !!obj
}

@@ -215,22 +219,22 @@

if((typeof j === 'number' && isArray(obj) && j < obj.length) ||
if ((typeof j === 'number' && isArray(obj) && j < obj.length) ||
(options.includeInheritedProps ? (j in Object(obj)) : hasOwnProperty(obj, j))) {
obj = obj[j];
} else {
return false;
return false
}
}
return true;
return true
};
objectPath.ensureExists = function (obj, path, value){
return set(obj, path, value, true);
objectPath.ensureExists = function (obj, path, value) {
return set(obj, path, value, true)
};
objectPath.set = function (obj, path, value, doNotReplace){
return set(obj, path, value, doNotReplace);
objectPath.set = function (obj, path, value, doNotReplace) {
return set(obj, path, value, doNotReplace)
};
objectPath.insert = function (obj, path, value, at){
objectPath.insert = function (obj, path, value, at) {
var arr = objectPath.get(obj, path);

@@ -245,8 +249,8 @@ at = ~~at;

objectPath.empty = function(obj, path) {
objectPath.empty = function (obj, path) {
if (isEmpty(path)) {
return void 0;
return void 0
}
if (obj == null) {
return void 0;
return void 0
}

@@ -256,11 +260,11 @@

if (!(value = objectPath.get(obj, path))) {
return void 0;
return void 0
}
if (typeof value === 'string') {
return objectPath.set(obj, path, '');
return objectPath.set(obj, path, '')
} else if (isBoolean(value)) {
return objectPath.set(obj, path, false);
return objectPath.set(obj, path, false)
} else if (typeof value === 'number') {
return objectPath.set(obj, path, 0);
return objectPath.set(obj, path, 0)
} else if (isArray(value)) {

@@ -275,7 +279,7 @@ value.length = 0;

} else {
return objectPath.set(obj, path, null);
return objectPath.set(obj, path, null)
}
};
objectPath.push = function (obj, path /*, values */){
objectPath.push = function (obj, path /*, values */) {
var arr = objectPath.get(obj, path);

@@ -295,10 +299,10 @@ if (!isArray(arr)) {

if ((value = objectPath.get(obj, paths[i])) !== void 0) {
return value;
return value
}
}
return defaultValue;
return defaultValue
};
objectPath.get = function (obj, path, defaultValue){
objectPath.get = function (obj, path, defaultValue) {
if (typeof path === 'number') {

@@ -308,25 +312,25 @@ path = [path];

if (!path || path.length === 0) {
return obj;
return obj
}
if (obj == null) {
return defaultValue;
return defaultValue
}
if (typeof path === 'string') {
return objectPath.get(obj, path.split('.'), defaultValue);
return objectPath.get(obj, path.split('.'), defaultValue)
}
var currentPath = getKey(path[0]);
var nextObj = getShallowProperty(obj, currentPath);
var nextObj = getShallowPropertySafely(obj, currentPath);
if (nextObj === void 0) {
return defaultValue;
return defaultValue
}
if (path.length === 1) {
return nextObj;
return nextObj
}
return objectPath.get(obj[currentPath], path.slice(1), defaultValue);
return objectPath.get(obj[currentPath], path.slice(1), defaultValue)
};
objectPath.del = function del(obj, path) {
objectPath.del = function del (obj, path) {
if (typeof path === 'number') {

@@ -337,18 +341,19 @@ path = [path];

if (obj == null) {
return obj;
return obj
}
if (isEmpty(path)) {
return obj;
return obj
}
if(typeof path === 'string') {
return objectPath.del(obj, path.split('.'));
if (typeof path === 'string') {
return objectPath.del(obj, path.split('.'))
}
var currentPath = getKey(path[0]);
getShallowPropertySafely(obj, currentPath);
if (!hasShallowProperty(obj, currentPath)) {
return obj;
return obj
}
if(path.length === 1) {
if (path.length === 1) {
if (isArray(obj)) {

@@ -360,9 +365,9 @@ obj.splice(currentPath, 1);

} else {
return objectPath.del(obj[currentPath], path.slice(1));
return objectPath.del(obj[currentPath], path.slice(1))
}
return obj;
return obj
};
return objectPath;
return objectPath
}

@@ -373,3 +378,3 @@

mod.withInheritedProps = factory({includeInheritedProps: true});
return mod;
return mod
});

@@ -376,0 +381,0 @@ });

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc