thinkjs - npm Package Compare versions
Comparing version 2.3.1 to 2.3.2
| { | ||
| "name": "thinkjs", | ||
| "description": "ThinkJS - Use full ES6/7 features to develop web applications, Support TypeScript", | ||
| "version": "2.3.1", | ||
| "version": "2.3.2", | ||
| "author": { | ||
@@ -6,0 +6,0 @@ "name": "welefen", |
@@ -8,2 +8,6 @@ 'use strict'; | ||
| */ | ||
| // https://github.com/pillarjs/cookies/blob/master/index.js#L52 | ||
| const SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i; | ||
| let Cookie = { | ||
@@ -61,3 +65,3 @@ /** | ||
| let expires = options.expires; | ||
| if (expires){ | ||
| if (expires) { | ||
| if (!think.isDate(expires)) { | ||
@@ -67,6 +71,12 @@ expires = new Date(expires); | ||
| item.push('Expires=' + expires.toUTCString()); | ||
| } | ||
| } | ||
| if (options.httponly) { | ||
| item.push('HttpOnly'); | ||
| } | ||
| if (options.samesite) { | ||
| const samesite = options.samesite === true ? 'strict' : options.samesite.toLowerCase(); | ||
| if (SAME_SITE_REGEXP.test(samesite)) { | ||
| item.push('SameSite=' + samesite); | ||
| } | ||
| } | ||
| if (options.secure) { | ||
@@ -100,2 +110,2 @@ item.push('Secure'); | ||
| export default Cookie; | ||
| export default Cookie; |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-47.73%
23
- Number of medium supply chain risk alerts
- decreased by-46.15%
7
Worsened metrics
- Total package byte prevSize
- decreased by-48.05%
668456
- Number of package files
- decreased by-33.13%
222
- Lines of code
- decreased by-52.07%
17713