+4
-0
@@ -0,1 +1,5 @@ | ||
| ## **6.11.4** | ||
| - [Fix] fix regressions from robustness refactor | ||
| - [actions] update reusable workflows | ||
| ## **6.11.3** | ||
@@ -2,0 +6,0 @@ - [Robustness] avoid `.push`, use `void` |
+1
-1
@@ -199,3 +199,3 @@ 'use strict'; | ||
| if (segment) { | ||
| keys[keys.length] = '[' + key.slice(segment.index + ']'); | ||
| keys[keys.length] = '[' + key.slice(segment.index) + ']'; | ||
| } | ||
@@ -202,0 +202,0 @@ |
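Review bot: The corrected line `keys[keys.length] = '[' + key.slice(segment.index) + ']';` still builds the over-depth remainder inside a single concatenation, the shape in which the closing parenthesis ended up after `']'` and made the slice argument a string instead of a number. Naming the remainder first, `var remainder = key.slice(segment.index);` followed by `keys[keys.length] = '[' + remainder + ']';`, keeps the slice argument a bare index and makes a misplaced bracket obvious in review. A short comment such as `// depth exceeded: keep the rest of the key as one literal segment` would also record why the tail is wrapped rather than parsed further. The hex-table line in the next file section has the same one-expression shape. The enclosing function starts and ends outside this hunk.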
+1
-1
@@ -11,3 +11,3 @@ 'use strict'; | ||
| for (var i = 0; i < 256; ++i) { | ||
| array[array.length] = '%' + ((i < 16 ? '0' : '' + i.toString(16)).toUpperCase()); | ||
| array[array.length] = '%' + ((i < 16 ? '0' : '') + i.toString(16)).toUpperCase(); | ||
| } | ||
@@ -14,0 +14,0 @@ |
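Review bot: The table-building loop carries no comment stating its invariant, and in `'%' + ((i < 16 ? '0' : '') + i.toString(16)).toUpperCase()` a single pair of parentheses around the ternary is all that separates a correct entry from a truncated one. A comment above the loop such as `// each entry is '%' followed by exactly two uppercase hex digits (00-FF)` would state what the percent-encoding callers presumably rely on and give a reviewer something to check the expression against. The loop sits inside an initializer whose start and end are outside this hunk.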
+1
-1
@@ -5,3 +5,3 @@ { | ||
| "homepage": "https://github.com/ljharb/qs", | ||
| "version": "6.11.3", | ||
| "version": "6.11.4", | ||
| "repository": { | ||
@@ -8,0 +8,0 @@ "type": "git", |
+9
-0
@@ -92,2 +92,11 @@ 'use strict'; | ||
| t.test('correctly computes the remainder when depth is exceeded', function (st) { | ||
| st.deepEqual( | ||
| qs.parse('a[b][c][d][e]=f', { depth: 2 }), | ||
| { a: { b: { c: { '[d][e]': 'f' } } } }, | ||
| 'the remainder is "[d][e]", not the full original key' | ||
| ); | ||
| st.end(); | ||
| }); | ||
| t.test('uses original key when depth = 0', function (st) { | ||
@@ -94,0 +103,0 @@ st.deepEqual(qs.parse('a[0]=b&a[1]=c', { depth: 0 }), { 'a[0]': 'b', 'a[1]': 'c' }); |
@@ -25,2 +25,8 @@ 'use strict'; | ||
| t.test('correctly encodes low-byte characters', function (st) { | ||
| st.equal(qs.stringify({ a: String.fromCharCode(1) }), 'a=%01', 'encodes 0x01'); | ||
| st.equal(qs.stringify({ a: String.fromCharCode(15) }), 'a=%0F', 'encodes 0x0F'); | ||
| st.end(); | ||
| }); | ||
| t.test('stringifies falsy values', function (st) { | ||
@@ -27,0 +33,0 @@ st.equal(qs.stringify(undefined), ''); |
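Review bot: The new assertions cover 0x01 and 0x0F but not the edges of the padding branch, so a later change to the `i < 16` comparison that pads 0x10 as well would still pass. Adding `st.equal(qs.stringify({ a: String.fromCharCode(16) }), 'a=%10', 'encodes 0x10');` pins the first unpadded value; a 0x00 case would pin the lowest one, with its expected string to be confirmed against the encoder. The `stringifies falsy values` test that follows continues outside the hunk.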
Sorry, the diff of this file is too big to display
Uses eval
Supply chain risk: Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Long strings
Supply chain risk: Contains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain risk: Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Deprecated
Maintenance: The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
Uses eval
Supply chain risk: Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
AI-detected potential code anomaly
Supply chain risk: AI has identified unusual behaviors that may pose a security risk.
Found 1 instance in 1 package
Long strings
Supply chain risk: Contains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain risk: Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package