Skip to content

Commit

Permalink
Merge pull request #60 from deleonio/fix/vulnerability-prototype-poll…
Browse files Browse the repository at this point in the history
…ution

Fix Vulnerability - Ready
  • Loading branch information
keithamus authored Jan 26, 2021
2 parents a123018 + 49ce1f4 commit 7859e0e
Show file tree
Hide file tree
Showing 8 changed files with 15,754 additions and 51 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ components
node_modules
npm-debug.log

.nyc_output/
coverage/

pathval.js
8 changes: 4 additions & 4 deletions .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,10 @@ cache:
- node_modules

node_js:
- 0.10 # to be removed 2016-10-01
- 0.12 # to be removed 2016-12-31
- 4 # to be removed 2018-04-01
- 6 # to be removed 2019-04-01
# - 0.10 # to be removed 2016-10-01
# - 0.12 # to be removed 2016-12-31
# - 4 # to be removed 2018-04-01
# - 6 # to be removed 2019-04-01
- lts/* # safety net; don't remove
- node # safety net; don't remove

Expand Down
20 changes: 15 additions & 5 deletions index.js
Original file line number Diff line number Diff line change
Expand Up @@ -76,13 +76,20 @@ function parsePath(path) {
var str = path.replace(/([^\\])\[/g, '$1.[');
var parts = str.match(/(\\\.|[^.]+?)+/g);
return parts.map(function mapMatches(value) {
if (
value === 'constructor' ||
value === '__proto__' ||
value === 'prototype'
) {
return {};
}
var regexp = /^\[(\d+)\]$/;
var mArr = regexp.exec(value);
var parsed = null;
if (mArr) {
parsed = { i: parseFloat(mArr[1]) };
} else {
parsed = { p: value.replace(/\\([.\[\]])/g, '$1') };
parsed = { p: value.replace(/\\([.[\]])/g, '$1') };
}

return parsed;
Expand All @@ -107,7 +114,7 @@ function parsePath(path) {
function internalGetPathValue(obj, parsed, pathDepth) {
var temporaryValue = obj;
var res = null;
pathDepth = (typeof pathDepth === 'undefined' ? parsed.length : pathDepth);
pathDepth = typeof pathDepth === 'undefined' ? parsed.length : pathDepth;

for (var i = 0; i < pathDepth; i++) {
var part = parsed[i];
Expand All @@ -118,7 +125,7 @@ function internalGetPathValue(obj, parsed, pathDepth) {
temporaryValue = temporaryValue[part.p];
}

if (i === (pathDepth - 1)) {
if (i === pathDepth - 1) {
res = temporaryValue;
}
}
Expand Down Expand Up @@ -152,7 +159,7 @@ function internalSetPathValue(obj, val, parsed) {
part = parsed[i];

// If it's the last part of the path, we set the 'propName' value with the property name
if (i === (pathDepth - 1)) {
if (i === pathDepth - 1) {
propName = typeof part.p === 'undefined' ? part.i : part.p;
// Now we set the property with the name held by 'propName' on object with the desired val
tempObj[propName] = val;
Expand Down Expand Up @@ -199,7 +206,10 @@ function getPathInfo(obj, path) {
var parsed = parsePath(path);
var last = parsed[parsed.length - 1];
var info = {
parent: parsed.length > 1 ? internalGetPathValue(obj, parsed, parsed.length - 1) : obj,
parent:
parsed.length > 1 ?
internalGetPathValue(obj, parsed, parsed.length - 1) :
obj,
name: last.p || last.i,
value: internalGetPathValue(obj, parsed),
};
Expand Down
26 changes: 12 additions & 14 deletions karma.conf.js
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
/* eslint no-process-env: "off" */

'use strict';

var packageJson = require('./package.json');
var defaultTimeout = 120000;
var browserifyIstanbul = require('browserify-istanbul');
module.exports = function configureKarma(config) {
var localBrowsers = [
'PhantomJS',
];
var localBrowsers = [ 'PhantomJS' ];
var sauceLabsBrowsers = {
SauceChromeLatest: {
base: 'SauceLabs',
Expand Down Expand Up @@ -41,7 +42,9 @@ module.exports = function configureKarma(config) {
config.set({
basePath: '',
browsers: localBrowsers,
logLevel: process.env.npm_config_debug ? config.LOG_DEBUG : config.LOG_INFO,
logLevel: process.env.npm_config_debug ?
config.LOG_DEBUG :
config.LOG_INFO,
frameworks: [ 'browserify', 'mocha' ],
files: [ 'test/*.js' ],
exclude: [],
Expand All @@ -51,9 +54,7 @@ module.exports = function configureKarma(config) {
browserify: {
debug: true,
bare: true,
transform: [
browserifyIstanbul({ ignore: [ '**/node_modules/**', '**/test/**' ] }),
],
transform: [ browserifyIstanbul({ ignore: [ '**/node_modules/**', '**/test/**' ] }) ],
},
reporters: [ 'progress', 'coverage' ],
coverageReporter: {
Expand Down Expand Up @@ -82,14 +83,11 @@ module.exports = function configureKarma(config) {
browsers: localBrowsers.concat(Object.keys(sauceLabsBrowsers)),
sauceLabs: {
testName: packageJson.name,
tunnelIdentifier: process.env.TRAVIS_JOB_NUMBER || new Date().getTime(),
tunnelIdentifier:
process.env.TRAVIS_JOB_NUMBER || new Date().getTime(),
recordVideo: true,
startConnect: ('TRAVIS' in process.env) === false,
tags: [
'pathval_' + packageJson.version,
process.env.SAUCE_USERNAME + '@' + branch,
build,
],
startConnect: 'TRAVIS' in process.env === false,
tags: [ 'pathval_' + packageJson.version, process.env.SAUCE_USERNAME + '@' + branch, build ],
},
});
}
Expand Down
Loading

0 comments on commit 7859e0e

Please sign in to comment.