pprof-format - npm Package Compare versions

Comparing version 2.0.6 to 2.0.7

dist/index.js

@@ -122,3 +122,7 @@ "use strict";
 function push(value, list) {
-    return Array.isArray(list) ? list.concat(value) : [value];
+    if (list == null) {
+        return [value];
+    }
+    list.push(value);
+    return list;
 }
@@ -125,0 +129,0 @@ function measureNumber(number) {

dist/index.test.js

@@ -7,2 +7,25 @@ "use strict";
  */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
 var __importDefault = (this && this.__importDefault) || function (mod) {
@@ -13,2 +36,6 @@ return (mod && mod.__esModule) ? mod : { "default": mod };
 const tap_1 = __importDefault(require("tap"));
+const profile_1 = require("../testing/proto/profile");
+const zlib_1 = require("zlib");
+const fs = __importStar(require("fs"));
+const { decode, toObject } = profile_1.perftools.profiles.Profile;
 const index_js_1 = require("./index.js");
@@ -299,2 +326,21 @@ tap_1.default.Test.prototype.addAssert('constructs', 3, function (Type, data, encodings, message) {
 });
+function profileToObject(profile) {
+    profile.stringTable = profile.stringTable.strings;
+    return profile;
+}
+tap_1.default.test('Protobufjs compat', (t) => {
+    t.test('encodes correctly', (t) => {
+        const profile = new index_js_1.Profile(profileData);
+        const encodedProfile = profile.encode();
+        const decodedProfile = decode(encodedProfile);
+        t.same(profileToObject(profile), toObject(decodedProfile, { longs: String, defaults: true }));
+        t.end();
+    });
+    t.test('decodes correctly', (t) => {
+        const buf = (0, zlib_1.gunzipSync)(fs.readFileSync('./testing/test.pprof'));
+        t.same(profileToObject(index_js_1.Profile.decode(buf)), toObject(decode(buf), { longs: String, defaults: true }));
+        t.end();
+    });
+    t.end();
+});
 //# sourceMappingURL=index.test.js.map

package.json

 {
   "name": "pprof-format",
-  "version": "2.0.6",
+  "version": "2.0.7",
   "description": "Pure JavaScript pprof encoder and decoder",
@@ -21,3 +21,4 @@ "author": "Datadog Inc. <info@datadoghq.com>",
     "pretest": "yarn build",
-    "test": "node dist/index.test.js"
+    "test": "node dist/index.test.js",
+    "proto": "mkdir -p proto && pbjs -t static-module -w commonjs -o testing/proto/profile.js testing/proto/profile.proto && pbts -o testing/proto/profile.d.ts testing/proto/profile.js"
   },
@@ -43,2 +44,4 @@ "homepage": "https://github.com/DataDog/pprof-format#readme",
     "eslint": "^8.25.0",
+    "protobufjs": "^7.2.2",
+    "protobufjs-cli": "^1.1.1",
     "tap": "^16.3.0",
@@ -45,0 +48,0 @@ "typescript": "^4.8.4"

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Mixed license

License

(Experimental) Package contains multiple licenses.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

588117

increased by476.38%

Number of package files

27

increased by22.73%

Lines of code

5263

increased by280.55%

Worsened metrics

Dev dependency count

8

increased by33.33%

Number of low license alerts

2

increased by100%

Number of low supply chain risk alerts

1

increased byInfinity%

Number of medium supply chain risk alerts

3

increased byInfinity%

No dependency changes