Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
vm2 - npm Package Compare versions
Comparing version 3.4.1 to 3.4.2
@@ -9,2 +9,4 @@ const fs = require('fs'); | ||
| const PROTECTED = ['constructor', '__proto__']; | ||
| const _compileToJS = function compileToJS(code, compiler) { | ||
@@ -36,3 +38,6 @@ if ('function' === typeof compiler) return compiler(code); | ||
| return new Proxy(object, { | ||
| get: (target, key) => _freeze(object[key]), | ||
| get: (target, key) => { | ||
| if (PROTECTED.includes(key)) return Reflect.get(target, key); | ||
| return _freeze(Reflect.get(target, key)); | ||
| }, | ||
| set: (target, key) => { throw new VMError('Object is read-only.') }, | ||
@@ -55,11 +60,14 @@ setPrototypeOf: (target, key) => { throw new VMError('Object is read-only.') }, | ||
| return new Proxy(object, { | ||
| get: (target, key) => _protect(object[key]), | ||
| get: (target, key) => { | ||
| if (PROTECTED.includes(key)) return Reflect.get(target, key); | ||
| return _freeze(Reflect.get(target, key)); | ||
| }, | ||
| set: (target, key, value) => { | ||
| if (PROTECTED.includes(key)) throw new VMError(`Changing ${key} on protected object is prohibited.`); | ||
| if (typeof value === 'function') throw new VMError('Assigning a function to protected object is prohibited.'); | ||
| object[key] = value | ||
| return Reflect.set(target, key, value); | ||
| }, | ||
| setPrototypeOf: (target, key) => { throw new VMError('Changing prototype on protected object is prohibited.') }, | ||
| defineProperty: (target, key) => { throw new VMError('Defining property on protected object is prohibited.') }, | ||
| deleteProperty: (target, key) => delete object[key], | ||
| isExtensible: (target, key) => false, | ||
| deleteProperty: (target, key) => Reflect.deleteProperty(target, key), | ||
| preventExtensions: (target) => { throw new VMError('Method is prohibited on protected object.') } | ||
@@ -66,0 +74,0 @@ }); |
@@ -16,3 +16,3 @@ { | ||
| ], | ||
| "version": "3.4.1", | ||
| "version": "3.4.2", | ||
| "main": "index.js", | ||
@@ -19,0 +19,0 @@ "repository": { |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Worsened metrics
- Total package byte prevSize
- decreased by-0.57%
73624
- Number of package files
- decreased by-6.67%
14
- Lines of code
- decreased by-1.3%
1825
No dependency changes