strapi-utils
Advanced tools
Comparing version 3.5.0-next.0 to 3.5.0-next.1
@@ -114,4 +114,12 @@ 'use strict'; | ||
return whereClauses | ||
.filter(({ value }) => !_.isNil(value)) | ||
.filter(({ value }) => !_.isNull(value)) | ||
.map(({ field, operator, value }) => { | ||
if (_.isUndefined(value)) { | ||
const err = new Error( | ||
`The value of field: '${field}', in your where filter, is undefined.` | ||
); | ||
err.status = 400; | ||
throw err; | ||
} | ||
if (BOOLEAN_OPERATORS.includes(operator)) { | ||
@@ -150,5 +158,13 @@ return { | ||
normalizedClauses.forEach(({ field }) => { | ||
if (field.includes('.')) { | ||
const fieldDepth = field.split('.').length - 1; | ||
if (fieldDepth === 1) { | ||
// Check if the relational field exists | ||
getAssociationFromFieldKey({ model, field }); | ||
} else if (fieldDepth > 1) { | ||
const err = new Error( | ||
`Sorting on ${field} is not possible: you cannot sort at a depth greater than 1` | ||
); | ||
err.status = 400; | ||
throw err; | ||
} | ||
@@ -155,0 +171,0 @@ }); |
@@ -95,3 +95,3 @@ 'use strict'; | ||
const isPrivateAttribute = (model = {}, attributeName) => { | ||
return model.privateAttributes.includes(attributeName); | ||
return model && model.privateAttributes && model.privateAttributes.includes(attributeName); | ||
}; | ||
@@ -98,0 +98,0 @@ |
{ | ||
"name": "strapi-utils", | ||
"version": "3.5.0-next.0", | ||
"version": "3.5.0-next.1", | ||
"description": "Shared utilities for the Strapi packages", | ||
"homepage": "http://strapi.io", | ||
"homepage": "https://strapi.io", | ||
"keywords": [ | ||
@@ -19,3 +19,3 @@ "strapi", | ||
"date-fns": "^2.8.1", | ||
"lodash": "4.17.19", | ||
"lodash": "4.17.20", | ||
"pino": "^4.7.1", | ||
@@ -28,3 +28,3 @@ "pluralize": "^8.0.0", | ||
"name": "Strapi team", | ||
"url": "http://strapi.io" | ||
"url": "https://strapi.io" | ||
}, | ||
@@ -35,3 +35,3 @@ "maintainers": [ | ||
"email": "hi@strapi.io", | ||
"url": "http://strapi.io" | ||
"url": "https://strapi.io" | ||
} | ||
@@ -51,3 +51,3 @@ ], | ||
"license": "SEE LICENSE IN LICENSE", | ||
"gitHead": "e1181a0ca217dcae1609ee8aea39380c72d822ea" | ||
"gitHead": "ce77b2e98be9d7cdf6721784057c2da9a2d4a426" | ||
} |
@@ -7,3 +7,3 @@ # strapi-utils | ||
[![Build status](https://travis-ci.org/strapi/strapi-utils.svg?branch=master)](https://travis-ci.org/strapi/strapi-utils) | ||
[![Slack status](https://slack.strapi.io/badge.svg)](http://slack.strapi.io) | ||
[![Slack status](https://slack.strapi.io/badge.svg)](https://slack.strapi.io) | ||
@@ -18,4 +18,4 @@ Shared utilities between Strapi packages. | ||
- [Strapi website](http://strapi.io/) | ||
- [Strapi community on Slack](http://slack.strapi.io) | ||
- [Strapi website](https://strapi.io/) | ||
- [Strapi community on Slack](https://slack.strapi.io) | ||
- [Strapi news on Twitter](https://twitter.com/strapijs) |
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 12 instances in 1 package
19
58519
23
1683
+ Addedlodash@4.17.20(transitive)
- Removedlodash@4.17.19(transitive)
Updatedlodash@4.17.20