zan-sku - npm Package Compare versions

Comparing version 4.2.0 to 4.2.1

lib/components/SKUGroup.js

@@ -159,2 +159,3 @@ 'use strict';
         if (data > 0) {
+          sku.leaf = [];
           sku[optionValue] = data;
@@ -161,0 +162,0 @@ sku[optionText] = text;

lib/Sku.js

@@ -25,5 +25,5 @@ 'use strict';
 
-var _clone = require('lodash/clone');
+var _cloneDeep = require('lodash/cloneDeep');
 
-var _clone2 = _interopRequireDefault(_clone);
+var _cloneDeep2 = _interopRequireDefault(_cloneDeep);
 
@@ -78,3 +78,2 @@ var _SKUGroup = require('./components/SKUGroup');
 
-      sku = (0, _clone2['default'])(sku);
       if (data.some(function (item, idx) {
@@ -97,3 +96,3 @@ return item[optionValue] === sku[optionValue] && index !== idx;
         skuTree.push(sku);
-        _this.setState({ skuTree: [].concat(skuTree) });
+        _this.setState({ skuTree: (0, _cloneDeep2['default'])(skuTree) });
       }
@@ -100,0 +99,0 @@ data = [].concat(data);

package.json

 {
   "name": "zan-sku",
-  "version": "4.2.0",
+  "version": "4.2.1",
   "description": "这是一个React组件",
@@ -5,0 +5,0 @@ "repository": "url/to/your/component",

src/components/SKUGroup.js

@@ -46,2 +46,3 @@ import React, { Component, PureComponent } from 'react';
       if (data > 0) {
+        sku.leaf = [];
         sku[optionValue] = data;
@@ -48,0 +49,0 @@ sku[optionText] = text;

src/Sku.js

@@ -5,3 +5,3 @@ import React, { Component, PureComponent } from 'react';
 import { Notify } from 'zent';
-import clone from 'lodash/clone';
+import cloneDeep from 'lodash/cloneDeep';
 import SKUGroup from './components/SKUGroup';
@@ -63,3 +63,2 @@ import SKUButton from './components/SKUButton';
     let { data, skuTree } = this.state;
-    sku = clone(sku);
     if (
@@ -82,3 +81,3 @@ data.some(
       skuTree.push(sku);
-      this.setState({ skuTree: [].concat(skuTree) });
+      this.setState({ skuTree: cloneDeep(skuTree) });
     }
@@ -85,0 +84,0 @@ data = [].concat(data);

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Improved metrics

Total package byte prevSize

1032806

increased by1037.89%

Lines of code

28915

increased by1122.62%

Worsened metrics

Number of low supply chain risk alerts

21

increased by2000%

Number of medium supply chain risk alerts

4

increased byInfinity%

No dependency changes