qs - npm Package Compare versions

Package Overview

Dependencies

Maintainers

Versions

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 6.10.3 to 6.10.4

151

CHANGELOG.md

		@@ -0,1 +1,6 @@
		## 6.10.4
		- [Fix] `stringify`: with `arrayFormat: comma`, include an explicit `[]` on a single-item array (#441)
		- [meta] use `npmignore` to autogenerate an npmignore file
		- [Dev Deps] update `eslint`, `@ljharb/eslint-config`, `aud`, `has-symbol`, `object-inspect`, `tape`

		## 6.10.3
		@@ -30,2 +35,14 @@ - [Fix] `parse`: ignore `__proto__` keys (#428)

		## 6.9.7
		- [Fix] `parse`: ignore `__proto__` keys (#428)
		- [Fix] `stringify`: avoid encoding arrayformat comma when `encodeValuesOnly = true` (#424)
		- [Robustness] `stringify`: avoid relying on a global `undefined` (#427)
		- [readme] remove travis badge; add github actions/codecov badges; update URLs
		- [Docs] add note and links for coercing primitive values (#408)
		- [Tests] clean up stringify tests slightly
		- [meta] fix README.md (#399)
		- Revert "[meta] ignore eclint transitive audit warning"
		- [actions] backport actions from main
		- [Dev Deps] backport updates from main

		## 6.9.6
		@@ -79,2 +96,15 @@ - [Fix] restore `dist` dir; mistakenly removed in d4f6c32

		## 6.8.3
		- [Fix] `parse`: ignore `__proto__` keys (#428)
		- [Robustness] `stringify`: avoid relying on a global `undefined` (#427)
		- [Fix] `stringify`: avoid encoding arrayformat comma when `encodeValuesOnly = true` (#424)
		- [readme] remove travis badge; add github actions/codecov badges; update URLs
		- [Tests] clean up stringify tests slightly
		- [Docs] add note and links for coercing primitive values (#408)
		- [meta] fix README.md (#399)
		- [actions] backport actions from main
		- [Dev Deps] backport updates from main
		- [Refactor] `stringify`: reduce branching
		- [meta] do not publish workflow files

		## 6.8.2
		@@ -111,2 +141,15 @@ - [Fix] proper comma parsing of URL-encoded commas (#361)

		## 6.7.3
		- [Fix] `parse`: ignore `__proto__` keys (#428)
		- [Fix] `stringify`: avoid encoding arrayformat comma when `encodeValuesOnly = true` (#424)
		- [Robustness] `stringify`: avoid relying on a global `undefined` (#427)
		- [readme] remove travis badge; add github actions/codecov badges; update URLs
		- [Docs] add note and links for coercing primitive values (#408)
		- [meta] fix README.md (#399)
		- [meta] do not publish workflow files
		- [actions] backport actions from main
		- [Dev Deps] backport updates from main
		- [Tests] use `nyc` for coverage
		- [Tests] clean up stringify tests slightly

		## 6.7.2
		@@ -150,2 +193,28 @@ - [Fix] proper comma parsing of URL-encoded commas (#361)

		## 6.6.1
		- [Fix] `parse`: ignore `__proto__` keys (#428)
		- [Fix] fix for an impossible situation: when the formatter is called with a non-string value
		- [Fix] `utils.merge`: avoid a crash with a null target and an array source
		- [Fix] `utils.merge`: avoid a crash with a null target and a truthy non-array source
		- [Fix] correctly parse nested arrays
		- [Robustness] `stringify`: avoid relying on a global `undefined` (#427)
		- [Robustness] `stringify`: cache `Object.prototype.hasOwnProperty`
		- [Refactor] `formats`: tiny bit of cleanup.
		- [Refactor] `utils`: `isBuffer`: small tweak; add tests
		- [Refactor]: `stringify`/`utils`: cache `Array.isArray`
		- [Refactor] `utils`: reduce observable [[Get]]s
		- [Refactor] use cached `Array.isArray`
		- [Refactor] `parse`/`stringify`: make a function to normalize the options
		- [readme] remove travis badge; add github actions/codecov badges; update URLs
		- [Docs] Clarify the need for "arrayLimit" option
		- [meta] fix README.md (#399)
		- [meta] do not publish workflow files
		- [meta] Clean up license text so it’s properly detected as BSD-3-Clause
		- [meta] add FUNDING.yml
		- [meta] Fixes typo in CHANGELOG.md
		- [actions] backport actions from main
		- [Tests] fix Buffer tests to work in node < 4.5 and node < 5.10
		- [Tests] always use `String(x)` over `x.toString()`
		- [Dev Deps] backport from main

		## 6.6.0
		@@ -167,2 +236,26 @@ - [New] Add support for iso-8859-1, utf8 "sentinel" and numeric entities (#268)

		## 6.5.3
		- [Fix] `parse`: ignore `__proto__` keys (#428)
		- [Fix]` `utils.merge`: avoid a crash with a null target and a truthy non-array source
		- [Fix] correctly parse nested arrays
		- [Fix] `stringify`: fix a crash with `strictNullHandling` and a custom `filter`/`serializeDate` (#279)
		- [Fix] `utils`: `merge`: fix crash when `source` is a truthy primitive & no options are provided
		- [Fix] when `parseArrays` is false, properly handle keys ending in `[]`
		- [Fix] fix for an impossible situation: when the formatter is called with a non-string value
		- [Fix] `utils.merge`: avoid a crash with a null target and an array source
		- [Refactor] `utils`: reduce observable [[Get]]s
		- [Refactor] use cached `Array.isArray`
		- [Refactor] `stringify`: Avoid arr = arr.concat(...), push to the existing instance (#269)
		- [Refactor] `parse`: only need to reassign the var once
		- [Robustness] `stringify`: avoid relying on a global `undefined` (#427)
		- [readme] remove travis badge; add github actions/codecov badges; update URLs
		- [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
		- [Docs] Clarify the need for "arrayLimit" option
		- [meta] fix README.md (#399)
		- [meta] add FUNDING.yml
		- [actions] backport actions from main
		- [Tests] always use `String(x)` over `x.toString()`
		- [Tests] remove nonexistent tape option
		- [Dev Deps] backport from main

		## 6.5.2
		@@ -194,2 +287,23 @@ - [Fix] use `safer-buffer` instead of `Buffer` constructor

		## 6.4.1
		- [Fix] `parse`: ignore `__proto__` keys (#428)
		- [Fix] fix for an impossible situation: when the formatter is called with a non-string value
		- [Fix] use `safer-buffer` instead of `Buffer` constructor
		- [Fix] `utils.merge`: avoid a crash with a null target and an array source
		- [Fix]` `utils.merge`: avoid a crash with a null target and a truthy non-array source
		- [Fix] `stringify`: fix a crash with `strictNullHandling` and a custom `filter`/`serializeDate` (#279)
		- [Fix] `utils`: `merge`: fix crash when `source` is a truthy primitive & no options are provided
		- [Fix] when `parseArrays` is false, properly handle keys ending in `[]`
		- [Robustness] `stringify`: avoid relying on a global `undefined` (#427)
		- [Refactor] use cached `Array.isArray`
		- [Refactor] `stringify`: Avoid arr = arr.concat(...), push to the existing instance (#269)
		- [readme] remove travis badge; add github actions/codecov badges; update URLs
		- [Docs] Clarify the need for "arrayLimit" option
		- [meta] fix README.md (#399)
		- [meta] Clean up license text so it’s properly detected as BSD-3-Clause
		- [meta] add FUNDING.yml
		- [actions] backport actions from main
		- [Tests] remove nonexistent tape option
		- [Dev Deps] backport from main

		## 6.4.0
		@@ -204,2 +318,22 @@ - [New] `qs.stringify`: add `encodeValuesOnly` option

		## 6.3.3
		- [Fix] `parse`: ignore `__proto__` keys (#428)
		- [Fix] fix for an impossible situation: when the formatter is called with a non-string value
		- [Fix] `utils.merge`: avoid a crash with a null target and an array source
		- [Fix]` `utils.merge`: avoid a crash with a null target and a truthy non-array source
		- [Fix] `stringify`: fix a crash with `strictNullHandling` and a custom `filter`/`serializeDate` (#279)
		- [Fix] `utils`: `merge`: fix crash when `source` is a truthy primitive & no options are provided
		- [Fix] when `parseArrays` is false, properly handle keys ending in `[]`
		- [Robustness] `stringify`: avoid relying on a global `undefined` (#427)
		- [Refactor] use cached `Array.isArray`
		- [Refactor] `stringify`: Avoid arr = arr.concat(...), push to the existing instance (#269)
		- [Docs] Clarify the need for "arrayLimit" option
		- [meta] fix README.md (#399)
		- [meta] Clean up license text so it’s properly detected as BSD-3-Clause
		- [meta] add FUNDING.yml
		- [actions] backport actions from main
		- [Tests] use `safer-buffer` instead of `Buffer` constructor
		- [Tests] remove nonexistent tape option
		- [Dev Deps] backport from main

		## 6.3.2
		@@ -238,2 +372,19 @@ - [Fix] follow `allowPrototypes` option during merge (#201, #200)

		## 6.2.4
		- [Fix] `parse`: ignore `__proto__` keys (#428)
		- [Fix] `utils.merge`: avoid a crash with a null target and an array source
		- [Fix] `utils.merge`: avoid a crash with a null target and a truthy non-array source
		- [Fix] `utils`: `merge`: fix crash when `source` is a truthy primitive & no options are provided
		- [Fix] when `parseArrays` is false, properly handle keys ending in `[]`
		- [Robustness] `stringify`: avoid relying on a global `undefined` (#427)
		- [Refactor] use cached `Array.isArray`
		- [Docs] Clarify the need for "arrayLimit" option
		- [meta] fix README.md (#399)
		- [meta] Clean up license text so it’s properly detected as BSD-3-Clause
		- [meta] add FUNDING.yml
		- [actions] backport actions from main
		- [Tests] use `safer-buffer` instead of `Buffer` constructor
		- [Tests] remove nonexistent tape option
		- [Dev Deps] backport from main

		## 6.2.3
		@@ -240,0 +391,0 @@ - [Fix] follow `allowPrototypes` option during merge (#201, #200)

lib/stringify.js

		@@ -129,3 +129,3 @@ 'use strict';
		}
		return [formatter(keyValue) + '=' + valuesJoined];
		return [formatter(keyValue) + (i === 1 ? '[]' : '') + '=' + valuesJoined];
		}
		@@ -132,0 +132,0 @@ return [formatter(keyValue) + '=' + formatter(encoder(obj, defaults.encoder, charset, 'value', format))];

package.json

		@@ -5,3 +5,3 @@ {
		"homepage": "https://github.com/ljharb/qs",
		"version": "6.10.3",
		"version": "6.10.4",
		"repository": {
		@@ -37,21 +37,23 @@ "type": "git",
		"devDependencies": {
		"@ljharb/eslint-config": "^20.1.0",
		"aud": "^1.1.5",
		"@ljharb/eslint-config": "^21.0.0",
		"aud": "^2.0.0",
		"browserify": "^16.5.2",
		"eclint": "^2.8.1",
		"eslint": "^8.6.0",
		"eslint": "=8.8.0",
		"evalmd": "^0.0.19",
		"for-each": "^0.3.3",
		"has-symbols": "^1.0.2",
		"has-symbols": "^1.0.3",
		"iconv-lite": "^0.5.1",
		"in-publish": "^2.0.1",
		"mkdirp": "^0.5.5",
		"npmignore": "^0.3.0",
		"nyc": "^10.3.2",
		"object-inspect": "^1.12.0",
		"object-inspect": "^1.12.2",
		"qs-iconv": "^1.0.4",
		"safe-publish-latest": "^2.0.0",
		"safer-buffer": "^2.1.2",
		"tape": "^5.4.0"
		"tape": "^5.5.3"
		},
		"scripts": {
		"prepack": "npmignore --auto --commentLines=autogenerated",
		"prepublishOnly": "safe-publish-latest && npm run dist",
		@@ -64,13 +66,15 @@ "prepublish": "not-in-publish \|\| npm run prepublishOnly",
		"readme": "evalmd README.md",
		"postlint": "eclint check * lib/* test/* !dist/*",
		"lint": "eslint .",
		"postlint": "eclint check $(git ls-files \| xargs find 2> /dev/null \| grep -vE 'node_modules\|\\.git' \| grep -v dist/)",
		"lint": "eslint --ext=js,mjs .",
		"dist": "mkdirp dist && browserify --standalone Qs lib/index.js > dist/qs.js"
		},
		"license": "BSD-3-Clause",
		"greenkeeper": {
		"publishConfig": {
		"ignore": [
		"iconv-lite",
		"mkdirp"
		"!dist/*",
		"bower.json",
		"component.json",
		".github/workflows"
		]
		}
		}

test/parse.js

		@@ -143,2 +143,5 @@ 'use strict';
		st.deepEqual(qs.parse('a[21]=a', { arrayLimit: 20 }), { a: { 21: 'a' } });

		st.deepEqual(qs.parse('a[20]=a'), { a: ['a'] });
		st.deepEqual(qs.parse('a[21]=a'), { a: { 21: 'a' } });
		st.end();
		@@ -382,2 +385,3 @@ });
		st.deepEqual(qs.parse('?foo=bar', { ignoreQueryPrefix: false }), { '?foo': 'bar' });

		st.end();
		@@ -411,2 +415,12 @@ });
		st.deepEqual(qs.parse('foo', { comma: true, strictNullHandling: true }), { foo: null });

		// test cases inversed from from stringify tests
		st.deepEqual(qs.parse('a[0]=c'), { a: ['c'] });
		st.deepEqual(qs.parse('a[]=c'), { a: ['c'] });
		st.deepEqual(qs.parse('a[]=c', { comma: true }), { a: ['c'] });

		st.deepEqual(qs.parse('a[0]=c&a[1]=d'), { a: ['c', 'd'] });
		st.deepEqual(qs.parse('a[]=c&a[]=d'), { a: ['c', 'd'] });
		st.deepEqual(qs.parse('a=c,d', { comma: true }), { a: ['c', 'd'] });

		st.end();
		@@ -413,0 +427,0 @@ });

test/stringify.js

		@@ -134,2 +134,16 @@ 'use strict';

		t.test('stringifies an array value with one item vs multiple items', function (st) {
		st.equal(qs.stringify({ a: ['c'] }, { encodeValuesOnly: true, arrayFormat: 'indices' }), 'a[0]=c');
		st.equal(qs.stringify({ a: ['c'] }, { encodeValuesOnly: true, arrayFormat: 'brackets' }), 'a[]=c');
		st.equal(qs.stringify({ a: ['c'] }, { encodeValuesOnly: true, arrayFormat: 'comma' }), 'a[]=c'); // so it parses back as an array
		st.equal(qs.stringify({ a: ['c'] }, { encodeValuesOnly: true }), 'a[0]=c');

		st.equal(qs.stringify({ a: ['c', 'd'] }, { encodeValuesOnly: true, arrayFormat: 'indices' }), 'a[0]=c&a[1]=d');
		st.equal(qs.stringify({ a: ['c', 'd'] }, { encodeValuesOnly: true, arrayFormat: 'brackets' }), 'a[]=c&a[]=d');
		st.equal(qs.stringify({ a: ['c', 'd'] }, { encodeValuesOnly: true, arrayFormat: 'comma' }), 'a=c,d');
		st.equal(qs.stringify({ a: ['c', 'd'] }, { encodeValuesOnly: true }), 'a[0]=c&a[1]=d');

		st.end();
		});

		t.test('stringifies a nested array value', function (st) {
		@@ -718,12 +732,10 @@ st.equal(qs.stringify({ a: { b: ['c', 'd'] } }, { encodeValuesOnly: true, arrayFormat: 'indices' }), 'a[b][0]=c&a[b][1]=d');
		t.test('Edge cases and unknown formats', function (st) {
		['UFO1234', false, 1234, null, {}, []].forEach(
		function (format) {
		st['throws'](
		function () {
		qs.stringify({ a: 'b c' }, { format: format });
		},
		new TypeError('Unknown format option provided.')
		);
		}
		);
		['UFO1234', false, 1234, null, {}, []].forEach(function (format) {
		st['throws'](
		function () {
		qs.stringify({ a: 'b c' }, { format: format });
		},
		new TypeError('Unknown format option provided.')
		);
		});
		st.end();
		@@ -730,0 +742,0 @@ });

.editorconfig

Sorry, the diff of this file is not supported yet

.eslintrc

Sorry, the diff of this file is not supported yet

dist/qs.js

Sorry, the diff of this file is too big to display

Improved metrics

Worsened metrics