Skip to content

Commit

Permalink
[0.5.x] Migrate to lodash-es (#62)
Browse files Browse the repository at this point in the history 
* fix(sec): updated lodash to 4.17 due to CWE-1321 in the old package lodash.set

* formatting

* Migrate to lodash-es

* lint

---------

Co-authored-by: Tim MacDonald <[email protected]>
  • Loading branch information
@timacdonald
dij-qhoekman and timacdonald authored Jan 23, 2024
1 parent 1e62b13 commit fb6276f
Show file tree
Hide file tree
Showing 9 changed files with 15 additions and 48 deletions.
8 changes: 2 additions & 6 deletions packages/alpine/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,15 +32,11 @@
},
"dependencies": {
"laravel-precognition": "0.5.3",
"lodash.clonedeep": "^4.5.0",
"lodash.get": "^4.4.2",
"lodash.set": "^4.3.2"
"lodash-es": "^4.17.21"
},
"devDependencies": {
"@types/alpinejs": "^3.7.1",
"@types/lodash.clonedeep": "^4.5.7",
"@types/lodash.get": "^4.4.7",
"@types/lodash.set": "^4.3.7",
"@types/lodash-es": "^4.17.12",
"typescript": "^5.0.0"
}
}
4 changes: 1 addition & 3 deletions packages/alpine/src/index.ts
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
import { Alpine as TAlpine } from 'alpinejs'
import { client, Config, createValidator, RequestMethod, resolveName, toSimpleValidationErrors, ValidationConfig, resolveUrl, resolveMethod } from 'laravel-precognition'
import cloneDeep from 'lodash.clonedeep'
import get from 'lodash.get'
import set from 'lodash.set'
import { cloneDeep, get, set } from 'lodash-es'
import { Form } from './types.js'

export { client }
Expand Down
14 changes: 2 additions & 12 deletions packages/core/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,20 +29,10 @@
},
"dependencies": {
"axios": "^1.4.0",
"lodash.debounce": "^4.0.8",
"lodash.get": "^4.4.2",
"lodash.isequal": "^4.0.8",
"lodash.merge": "^4.6.2",
"lodash.omit": "^4.5.0",
"lodash.set": "^4.3.2"
"lodash-es": "^4.17.21"
},
"devDependencies": {
"@types/lodash.debounce": "^4.0.7",
"@types/lodash.get": "^4.4.7",
"@types/lodash.isequal": "^4.0.7",
"@types/lodash.merge": "^4.0.7",
"@types/lodash.omit": "^4.5.7",
"@types/lodash.set": "^4.3.7",
"@types/lodash-es": "^4.17.12",
"@types/node": "^20.1.0",
"typescript": "^5.0.0",
"vitest": "^0.31.3"
Expand Down
2 changes: 1 addition & 1 deletion packages/core/src/client.ts
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
import { isAxiosError, isCancel, AxiosInstance, AxiosResponse, default as Axios } from 'axios'
import merge from 'lodash.merge'
import { merge } from 'lodash-es'
import { Config, Client, RequestFingerprintResolver, StatusHandler, SuccessResolver, RequestMethod } from './types.js'

/**
Expand Down
11 changes: 3 additions & 8 deletions packages/core/src/validator.ts
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,7 @@
import debounce from 'lodash.debounce'
import isequal from 'lodash.isequal'
import get from 'lodash.get'
import set from 'lodash.set'
import { debounce, isEqual, get, set, omit, merge } from 'lodash-es'
import { ValidationCallback, Config, NamedInputEvent, SimpleValidationErrors, ValidationErrors, Validator as TValidator, ValidatorListeners, ValidationConfig } from './types.js'
import { client, isFile } from './client.js'
import { isAxiosError } from 'axios'
import omit from 'lodash.omit'
import merge from 'lodash.merge'

export const createValidator = (callback: ValidationCallback, initialData: Record<string, unknown> = {}): TValidator => {
/**
Expand Down Expand Up @@ -110,7 +105,7 @@ export const createValidator = (callback: ValidationCallback, initialData: Recor
const setErrors = (value: ValidationErrors|SimpleValidationErrors): (() => void)[] => {
const prepared = toValidationErrors(value)

if (! isequal(errors, prepared)) {
if (! isEqual(errors, prepared)) {
errors = prepared

return listeners.errorsChanged
Expand Down Expand Up @@ -225,7 +220,7 @@ export const createValidator = (callback: ValidationCallback, initialData: Recor
},
onBefore: () => {
const beforeValidationResult = (config.onBeforeValidation ?? ((previous, next) => {
return ! isequal(previous, next)
return ! isEqual(previous, next)
}))({ data, touched }, { data: oldData, touched: oldTouched })

if (beforeValidationResult === false) {
Expand Down
8 changes: 2 additions & 6 deletions packages/react/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,14 +32,10 @@
},
"dependencies": {
"laravel-precognition": "0.5.3",
"lodash.clonedeep": "^4.5.0",
"lodash.get": "^4.4.2",
"lodash.set": "^4.3.2"
"lodash-es": "^4.17.21"
},
"devDependencies": {
"@types/lodash.clonedeep": "^4.5.7",
"@types/lodash.get": "^4.4.7",
"@types/lodash.set": "^4.3.7",
"@types/lodash-es": "^4.17.12",
"@types/react": "^18.2.6",
"typescript": "^5.0.0"
}
Expand Down
4 changes: 1 addition & 3 deletions packages/react/src/index.ts
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
import { resolveName, client, createValidator, Config, RequestMethod, Validator, toSimpleValidationErrors, ValidationConfig, resolveUrl, resolveMethod } from 'laravel-precognition'
import cloneDeep from 'lodash.clonedeep'
import get from 'lodash.get'
import set from 'lodash.set'
import { cloneDeep, get, set } from 'lodash-es'
import { useRef, useState } from 'react'
import { Form } from './types.js'

Expand Down
8 changes: 2 additions & 6 deletions packages/vue/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,14 +32,10 @@
},
"dependencies": {
"laravel-precognition": "0.5.3",
"lodash.clonedeep": "^4.5.0",
"lodash.get": "^4.4.2",
"lodash.set": "^4.3.2"
"lodash-es": "^4.17.21"
},
"devDependencies": {
"@types/lodash.clonedeep": "^4.5.7",
"@types/lodash.get": "^4.4.7",
"@types/lodash.set": "^4.3.7",
"@types/lodash-es": "^4.17.12",
"typescript": "^5.0.0"
}
}
4 changes: 1 addition & 3 deletions packages/vue/src/index.ts
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,7 @@
import { Config, RequestMethod, client, createValidator, toSimpleValidationErrors, ValidationConfig, resolveUrl, resolveMethod , resolveName } from 'laravel-precognition'
import { Form } from './types.js'
import { reactive, ref, toRaw } from 'vue'
import cloneDeep from 'lodash.clonedeep'
import get from 'lodash.get'
import set from 'lodash.set'
import { cloneDeep, get, set } from 'lodash-es'

export { client }

Expand Down

0 comments on commit fb6276f

Please sign in to comment.