brianhansonxyz/rspade_system
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update npm packages (73 packages including @jqhtml 2.3.36)

Browse Source 
Update npm registry domain from privatenpm.hanson.xyz to npm.internal.hanson.xyz

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
root
2026-02-20 11:31:28 +00:00
parent d01a6179aa
commit b5eb27a827
1690 changed files with 47348 additions and 16848 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
node_modules/qs/.editorconfig generated vendored
View File

@@ -7,7 +7,7 @@ end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = true
max_line_length = 160
max_line_length = 180
quote_type = single
[test/*]

177
node_modules/qs/CHANGELOG.md generated vendored
View File

@@ -1,5 +1,22 @@
## **6.15.0**
- [New] `parse`: add `strictMerge` option to wrap object/primitive conflicts in an array (#425, #122)
- [Fix] `duplicates` option should not apply to bracket notation keys (#514)
## **6.14.2**
- [Fix] `parse`: mark overflow objects for indexed notation exceeding `arrayLimit` (#546)
- [Fix] `arrayLimit` means max count, not max index, in `combine`/`merge`/`parseArrayValue`
- [Fix] `parse`: throw on `arrayLimit` exceeded with indexed notation when `throwOnLimitExceeded` is true (#529)
- [Fix] `parse`: enforce `arrayLimit` on `comma`-parsed values
- [Fix] `parse`: fix error message to reflect arrayLimit as max index; remove extraneous comments (#545)
- [Robustness] avoid `.push`, use `void`
- [readme] document that `addQueryPrefix` does not add `?` to empty output (#418)
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] replace runkit CI badge with shields.io check-runs badge
- [meta] fix changelog typo (`arrayLength``arrayLimit`)
- [actions] fix rebase workflow permissions
## **6.14.1**
- [Fix] ensure arrayLength applies to `[]` notation as well
- [Fix] ensure `arrayLimit` applies to `[]` notation as well
- [Fix] `parse`: when a custom decoder returns `null` for a key, ignore that key
- [Refactor] `parse`: extract key segment splitting helper
- [meta] add threat model
@@ -17,6 +34,17 @@
- [Dev Deps] update `es-value-fixtures`, `has-bigints`, `has-proto`, `has-symbols`
- [Tests] increase coverage
## **6.13.3**
[Fix] fix regressions from robustness refactor
[actions] update reusable workflows
## **6.13.2**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] document that `addQueryPrefix` does not add `?` to empty output (#418)
- [readme] replace runkit CI badge with shields.io check-runs badge
- [actions] fix rebase workflow permissions
## **6.13.1**
- [Fix] `stringify`: avoid a crash when a `filter` key is `null`
- [Fix] `utils.merge`: functions should not be stringified into keys
@@ -33,6 +61,17 @@
- [New] `parse`: add `strictDepth` option (#511)
- [Tests] use `npm audit` instead of `aud`
## **6.12.5**
- [Fix] fix regressions from robustness refactor
- [actions] update reusable workflows
## **6.12.4**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] document that `addQueryPrefix` does not add `?` to empty output (#418)
- [readme] replace runkit CI badge with shields.io check-runs badge
- [actions] fix rebase workflow permissions
## **6.12.3**
- [Fix] `parse`: properly account for `strictNullHandling` when `allowEmptyArrays`
- [meta] fix changelog indentation
@@ -70,6 +109,17 @@
- [Dev Deps] pin `glob`, since v10.3.8+ requires a broken `jackspeak`
- [Dev Deps] pin `jackspeak` since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6
## **6.11.4**
- [Fix] fix regressions from robustness refactor
- [actions] update reusable workflows
## **6.11.3**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] document that `addQueryPrefix` does not add `?` to empty output (#418)
- [readme] replace runkit CI badge with shields.io check-runs badge
- [actions] fix rebase workflow permissions
## **6.11.2**
- [Fix] `parse`: Fix parsing when the global Object prototype is frozen (#473)
- [Tests] add passing test cases with empty keys (#473)
@@ -87,6 +137,17 @@
- [New] [Fix] `stringify`: revert 0e903c0; add `commaRoundTrip` option (#442)
- [readme] fix version badge
## **6.10.7**
- [Fix] fix regressions from robustness refactor
- [actions] update reusable workflows
## **6.10.6**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] document that `addQueryPrefix` does not add `?` to empty output (#418)
- [readme] replace runkit CI badge with shields.io check-runs badge
- [actions] fix rebase workflow permissions
## **6.10.5**
- [Fix] `stringify`: with `arrayFormat: comma`, properly include an explicit `[]` on a single-item array (#434)
@@ -124,6 +185,18 @@
- [Tests] use `ljharb/actions/node/install` instead of `ljharb/actions/node/run`
- [Tests] Revert "[meta] ignore eclint transitive audit warning"
## **6.9.9**
- [Fix] fix regressions from robustness refactor
- [meta] add `npmignore` to autogenerate an npmignore file
- [actions] update reusable workflows
## **6.9.8**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] document that `addQueryPrefix` does not add `?` to empty output (#418)
- [readme] replace runkit CI badge with shields.io check-runs badge
- [actions] fix rebase workflow permissions
## **6.9.7**
- [Fix] `parse`: ignore `__proto__` keys (#428)
- [Fix] `stringify`: avoid encoding arrayformat comma when `encodeValuesOnly = true` (#424)
@@ -184,6 +257,18 @@
- [Tests] up to `node` `v12.10`, `v11.15`, `v10.16`, `v8.16`
- [Tests] `Buffer.from` in node v5.0-v5.9 and v4.0-v4.4 requires a TypedArray
## **6.8.5**
- [Fix] fix regressions from robustness refactor
- [meta] add `npmignore` to autogenerate an npmignore file
- [actions] update reusable workflows
## **6.8.4**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] document that `addQueryPrefix` does not add `?` to empty output (#418)
- [readme] replace runkit CI badge with shields.io check-runs badge
- [actions] fix rebase workflow permissions
## **6.8.3**
- [Fix] `parse`: ignore `__proto__` keys (#428)
- [Robustness] `stringify`: avoid relying on a global `undefined` (#427)
@@ -228,6 +313,18 @@
- [meta] add FUNDING.yml
- [meta] Clean up license text so its properly detected as BSD-3-Clause
## **6.7.5**
- [Fix] fix regressions from robustness refactor
- [meta] add `npmignore` to autogenerate an npmignore file
- [actions] update reusable workflows
## **6.7.4**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] document that `addQueryPrefix` does not add `?` to empty output (#418)
- [readme] replace runkit CI badge with shields.io check-runs badge
- [actions] fix rebase workflow permissions
## **6.7.3**
- [Fix] `parse`: ignore `__proto__` keys (#428)
- [Fix] `stringify`: avoid encoding arrayformat comma when `encodeValuesOnly = true` (#424)
@@ -279,6 +376,18 @@
- [Tests] fix Buffer tests to work in node < 4.5 and node < 5.10
- [Tests] temporarily allow coverage to fail
## **6.6.3**
- [Fix] fix regressions from robustness refactor
- [meta] add `npmignore` to autogenerate an npmignore file
- [actions] update reusable workflows
## **6.6.2**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] document that `addQueryPrefix` does not add `?` to empty output (#418)
- [readme] replace runkit CI badge with shields.io check-runs badge
- [actions] fix rebase workflow permissions
## **6.6.1**
- [Fix] `parse`: ignore `__proto__` keys (#428)
- [Fix] fix for an impossible situation: when the formatter is called with a non-string value
@@ -321,6 +430,18 @@
- [Dev Deps] update `browserify`, `eslint`, `@ljharb/eslint-config`, `iconv-lite`, `safe-publish-latest`, `tape`
- [Tests] up to `node` `v10.10`, `v9.11`, `v8.12`, `v6.14`, `v4.9`; pin included builds to LTS
## **6.5.5**
- [Fix] fix regressions from robustness refactor
- [meta] add `npmignore` to autogenerate an npmignore file
- [actions] update reusable workflows
## **6.5.4**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] document that `addQueryPrefix` does not add `?` to empty output (#418)
- [readme] replace runkit CI badge with shields.io check-runs badge
- [actions] fix rebase workflow permissions
## **6.5.3**
- [Fix] `parse`: ignore `__proto__` keys (#428)
- [Fix] `utils.merge`: avoid a crash with a null target and a truthy non-array source
@@ -371,6 +492,18 @@
- [Tests] up to `node` `v8.1`, `v7.10`, `v6.11`; npm v4.6 breaks on node < v1; npm v5+ breaks on node < v4
- [Tests] add `editorconfig-tools`
## **6.4.3**
- [Fix] fix regressions from robustness refactor
- [meta] add `npmignore` to autogenerate an npmignore file
- [actions] update reusable workflows
## **6.4.2**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] replace runkit CI badge with shields.io check-runs badge
- [readme] replace travis CI badge with shields.io check-runs badge
- [actions] fix rebase workflow permissions
## **6.4.1**
- [Fix] `parse`: ignore `__proto__` keys (#428)
- [Fix] fix for an impossible situation: when the formatter is called with a non-string value
@@ -401,6 +534,17 @@
- [Tests] up to `node` `v7.7`, `v6.10`,` v4.8`; disable osx builds since they block linux builds
- [eslint] reduce warnings
## **6.3.5**
- [Fix] fix regressions from robustness refactor
- [meta] add `npmignore` to autogenerate an npmignore file
- [actions] update reusable workflows
## **6.3.4**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] replace travis CI badge with shields.io check-runs badge
- [actions] fix rebase workflow permissions
## **6.3.3**
- [Fix] `parse`: ignore `__proto__` keys (#428)
- [Fix] fix for an impossible situation: when the formatter is called with a non-string value
@@ -454,6 +598,17 @@
- [Tests] skip Object.create tests when null objects are not available
- [Tests] Turn on eslint for test files (#175)
## **6.2.6**
- [Fix] fix regression from robustness refactor
- [meta] add `npmignore` to autogenerate an npmignore file
- [actions] update reusable workflows
## **6.2.5**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] replace travis CI badge with shields.io check-runs badge
- [actions] fix rebase workflow permissions
## **6.2.4**
- [Fix] `parse`: ignore `__proto__` keys (#428)
- [Fix] `utils.merge`: avoid a crash with a null target and an array source
@@ -492,6 +647,16 @@
- [New] add "encoder" and "decoder" options, for custom param encoding/decoding (#160)
- [Fix] fix compacting of nested sparse arrays (#150)
## **6.1.4**
- [Fix] fix regression from robustness refactor
- [meta] add `npmignore` to autogenerate an npmignore file
- [actions] update reusable workflows
## **6.1.3**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] replace travis CI badge with shields.io check-runs badge
## **6.1.2**
- [Fix] follow `allowPrototypes` option during merge (#201, #200)
- [Fix] chmod a-x
@@ -506,6 +671,16 @@
- [Fix] "sort" option should work at a depth of 3 or more (#151)
- [Fix] Restore `dist` directory; will be removed in v7 (#148)
## **6.0.6**
- [Fix] fix regression from robustness refactor
- [meta] add `npmignore` to autogenerate an npmignore file
- [actions] update reusable workflows
## **6.0.5**
- [Robustness] avoid `.push`, use `void`
- [readme] clarify `parseArrays` and `arrayLimit` documentation (#543)
- [readme] replace travis CI badge with shields.io check-runs badge
## **6.0.4**
- [Fix] follow `allowPrototypes` option during merge (#201, #200)
- [Fix] chmod a-x

33
node_modules/qs/README.md generated vendored
View File

@@ -197,6 +197,11 @@ assert.deepEqual(qs.parse('foo=bar&foo=baz', { duplicates: 'first' }), { foo: 'b
assert.deepEqual(qs.parse('foo=bar&foo=baz', { duplicates: 'last' }), { foo: 'baz' });
```
Note that keys with bracket notation (`[]`) always combine into arrays, regardless of the `duplicates` setting:
```javascript
assert.deepEqual(qs.parse('a=1&a=2&b[]=1&b[]=2', { duplicates: 'last' }), { a: '2', b: ['1', '2'] });
```
If you have to deal with legacy browsers or services, there's also support for decoding percent-encoded octets as iso-8859-1:
```javascript
@@ -282,8 +287,8 @@ var withIndexedEmptyString = qs.parse('a[0]=b&a[1]=&a[2]=c');
assert.deepEqual(withIndexedEmptyString, { a: ['b', '', 'c'] });
```
**qs** will also limit specifying indices in an array to a maximum index of `20`.
Any array members with an index of greater than `20` will instead be converted to an object with the index as the key.
**qs** will also limit arrays to a maximum of `20` elements.
Any array members with an index of `20` or greater will instead be converted to an object with the index as the key.
This is needed to handle cases when someone sent, for example, `a[999999999]` and it will take significant time to iterate over this huge array.
```javascript
@@ -310,7 +315,8 @@ try {
When `throwOnLimitExceeded` is set to `false` (default), **qs** will parse up to the specified `arrayLimit` and if the limit is exceeded, the array will instead be converted to an object with the index as the key
To disable array parsing entirely, set `parseArrays` to `false`.
To prevent array syntax (`a[]`, `a[0]`) from being parsed as arrays, set `parseArrays` to `false`.
Note that duplicate keys (e.g. `a=b&a=c`) may still produce arrays when `duplicates` is `'combine'` (the default).
```javascript
var noParsingArrays = qs.parse('a[]=b', { parseArrays: false });
@@ -324,6 +330,19 @@ var mixedNotation = qs.parse('a[0]=b&a[b]=c');
assert.deepEqual(mixedNotation, { a: { '0': 'b', b: 'c' } });
```
When a key appears as both a plain value and an object, **qs** will by default wrap the conflicting values in an array (`strictMerge` defaults to `true`):
```javascript
assert.deepEqual(qs.parse('a[b]=c&a=d'), { a: [{ b: 'c' }, 'd'] });
assert.deepEqual(qs.parse('a=d&a[b]=c'), { a: ['d', { b: 'c' }] });
```
To restore the legacy behavior (where the primitive is used as a key with value `true`), set `strictMerge` to `false`:
```javascript
assert.deepEqual(qs.parse('a[b]=c&a=d', { strictMerge: false }), { a: { b: 'c', d: true } });
```
You can also create arrays of objects:
```javascript
@@ -512,6 +531,12 @@ The query string may optionally be prepended with a question mark:
assert.equal(qs.stringify({ a: 'b', c: 'd' }, { addQueryPrefix: true }), '?a=b&c=d');
```
Note that when the output is an empty string, the prefix will not be added:
```javascript
assert.equal(qs.stringify({}, { addQueryPrefix: true }), '');
```
The delimiter may be overridden with stringify as well:
```javascript
@@ -723,7 +748,7 @@ Save time, reduce risk, and improve code health, while paying the maintainers of
[downloads-url]: https://npm-stat.com/charts.html?package=qs
[codecov-image]: https://codecov.io/gh/ljharb/qs/branch/main/graphs/badge.svg
[codecov-url]: https://app.codecov.io/gh/ljharb/qs/
[actions-image]: https://img.shields.io/endpoint?url=https://github-actions-badge-u3jn4tfpocch.runkit.sh/ljharb/qs
[actions-image]: https://img.shields.io/github/check-runs/ljharb/qs/main
[actions-url]: https://github.com/ljharb/qs/actions
## Acknowledgements

32
node_modules/qs/dist/qs.js generated vendored
View File

File diff suppressed because one or more lines are too long

35
node_modules/qs/lib/parse.js generated vendored
View File

@@ -25,6 +25,7 @@ var defaults = {
parseArrays: true,
plainObjects: false,
strictDepth: false,
strictMerge: true,
strictNullHandling: false,
throwOnLimitExceeded: false
};
@@ -63,7 +64,7 @@ var parseValues = function parseQueryStringValues(str, options) {
var cleanStr = options.ignoreQueryPrefix ? str.replace(/^\?/, '') : str;
cleanStr = cleanStr.replace(/%5B/gi, '[').replace(/%5D/gi, ']');
var limit = options.parameterLimit === Infinity ? undefined : options.parameterLimit;
var limit = options.parameterLimit === Infinity ? void undefined : options.parameterLimit;
var parts = cleanStr.split(
options.delimiter,
options.throwOnLimitExceeded ? limit + 1 : limit
@@ -130,9 +131,16 @@ var parseValues = function parseQueryStringValues(str, options) {
val = isArray(val) ? [val] : val;
}
if (options.comma && isArray(val) && val.length > options.arrayLimit) {
if (options.throwOnLimitExceeded) {
throw new RangeError('Array limit exceeded. Only ' + options.arrayLimit + ' element' + (options.arrayLimit === 1 ? '' : 's') + ' allowed in an array.');
}
val = utils.combine([], val, options.arrayLimit, options.plainObjects);
}
if (key !== null) {
var existing = has.call(obj, key);
if (existing && options.duplicates === 'combine') {
if (existing && (options.duplicates === 'combine' || part.indexOf('[]=') > -1)) {
obj[key] = utils.combine(
obj[key],
val,
@@ -180,17 +188,21 @@ var parseObject = function (chain, val, options, valuesParsed) {
var cleanRoot = root.charAt(0) === '[' && root.charAt(root.length - 1) === ']' ? root.slice(1, -1) : root;
var decodedRoot = options.decodeDotInKeys ? cleanRoot.replace(/%2E/g, '.') : cleanRoot;
var index = parseInt(decodedRoot, 10);
if (!options.parseArrays && decodedRoot === '') {
obj = { 0: leaf };
} else if (
!isNaN(index)
var isValidArrayIndex = !isNaN(index)
&& root !== decodedRoot
&& String(index) === decodedRoot
&& index >= 0
&& (options.parseArrays && index <= options.arrayLimit)
) {
&& options.parseArrays;
if (!options.parseArrays && decodedRoot === '') {
obj = { 0: leaf };
} else if (isValidArrayIndex && index < options.arrayLimit) {
obj = [];
obj[index] = leaf;
} else if (isValidArrayIndex && options.throwOnLimitExceeded) {
throw new RangeError('Array limit exceeded. Only ' + options.arrayLimit + ' element' + (options.arrayLimit === 1 ? '' : 's') + ' allowed in an array.');
} else if (isValidArrayIndex) {
obj[index] = leaf;
utils.markOverflow(obj, index);
} else if (decodedRoot !== '__proto__') {
obj[decodedRoot] = leaf;
}
@@ -230,7 +242,7 @@ var splitKeyIntoSegments = function splitKeyIntoSegments(givenKey, options) {
}
}
keys.push(parent);
keys[keys.length] = parent;
}
var i = 0;
@@ -244,7 +256,7 @@ var splitKeyIntoSegments = function splitKeyIntoSegments(givenKey, options) {
}
}
keys.push(segment[1]);
keys[keys.length] = segment[1];
}
if (segment) {
@@ -252,7 +264,7 @@ var splitKeyIntoSegments = function splitKeyIntoSegments(givenKey, options) {
throw new RangeError('Input depth exceeded depth option of ' + options.depth + ' and strictDepth is true');
}
keys.push('[' + key.slice(segment.index) + ']');
keys[keys.length] = '[' + key.slice(segment.index) + ']';
}
return keys;
@@ -328,6 +340,7 @@ var normalizeParseOptions = function normalizeParseOptions(opts) {
parseArrays: opts.parseArrays !== false,
plainObjects: typeof opts.plainObjects === 'boolean' ? opts.plainObjects : defaults.plainObjects,
strictDepth: typeof opts.strictDepth === 'boolean' ? !!opts.strictDepth : defaults.strictDepth,
strictMerge: typeof opts.strictMerge === 'boolean' ? !!opts.strictMerge : defaults.strictMerge,
strictNullHandling: typeof opts.strictNullHandling === 'boolean' ? opts.strictNullHandling : defaults.strictNullHandling,
throwOnLimitExceeded: typeof opts.throwOnLimitExceeded === 'boolean' ? opts.throwOnLimitExceeded : false
};

38
node_modules/qs/lib/utils.js generated vendored
View File

@@ -30,7 +30,7 @@ var setMaxIndex = function setMaxIndex(obj, maxIndex) {
var hexTable = (function () {
var array = [];
for (var i = 0; i < 256; ++i) {
array.push('%' + ((i < 16 ? '0' : '') + i.toString(16)).toUpperCase());
array[array.length] = '%' + ((i < 16 ? '0' : '') + i.toString(16)).toUpperCase();
}
return array;
@@ -46,7 +46,7 @@ var compactQueue = function compactQueue(queue) {
for (var j = 0; j < obj.length; ++j) {
if (typeof obj[j] !== 'undefined') {
compacted.push(obj[j]);
compacted[compacted.length] = obj[j];
}
}
@@ -74,13 +74,19 @@ var merge = function merge(target, source, options) {
if (typeof source !== 'object' && typeof source !== 'function') {
if (isArray(target)) {
target.push(source);
var nextIndex = target.length;
if (options && typeof options.arrayLimit === 'number' && nextIndex > options.arrayLimit) {
return markOverflow(arrayToObject(target.concat(source), options), nextIndex);
}
target[nextIndex] = source;
} else if (target && typeof target === 'object') {
if (isOverflow(target)) {
// Add at next numeric index for overflow objects
var newIndex = getMaxIndex(target) + 1;
target[newIndex] = source;
setMaxIndex(target, newIndex);
} else if (options && options.strictMerge) {
return [target, source];
} else if (
(options && (options.plainObjects || options.allowPrototypes))
|| !has.call(Object.prototype, source)
@@ -107,7 +113,11 @@ var merge = function merge(target, source, options) {
}
return markOverflow(result, getMaxIndex(source) + 1);
}
return [target].concat(source);
var combined = [target].concat(source);
if (options && typeof options.arrayLimit === 'number' && combined.length > options.arrayLimit) {
return markOverflow(arrayToObject(combined, options), combined.length - 1);
}
return combined;
}
var mergeTarget = target;
@@ -122,7 +132,7 @@ var merge = function merge(target, source, options) {
if (targetItem && typeof targetItem === 'object' && item && typeof item === 'object') {
target[i] = merge(targetItem, item, options);
} else {
target.push(item);
target[target.length] = item;
}
} else {
target[i] = item;
@@ -139,6 +149,17 @@ var merge = function merge(target, source, options) {
} else {
acc[key] = value;
}
if (isOverflow(source) && !isOverflow(acc)) {
markOverflow(acc, getMaxIndex(source));
}
if (isOverflow(acc)) {
var keyNum = parseInt(key, 10);
if (String(keyNum) === key && keyNum >= 0 && keyNum > getMaxIndex(acc)) {
setMaxIndex(acc, keyNum);
}
}
return acc;
}, mergeTarget);
};
@@ -255,8 +276,8 @@ var compact = function compact(value) {
var key = keys[j];
var val = obj[key];
if (typeof val === 'object' && val !== null && refs.indexOf(val) === -1) {
queue.push({ obj: obj, prop: key });
refs.push(val);
queue[queue.length] = { obj: obj, prop: key };
refs[refs.length] = val;
}
}
}
@@ -298,7 +319,7 @@ var maybeMap = function maybeMap(val, fn) {
if (isArray(val)) {
var mapped = [];
for (var i = 0; i < val.length; i += 1) {
mapped.push(fn(val[i]));
mapped[mapped.length] = fn(val[i]);
}
return mapped;
}
@@ -315,6 +336,7 @@ module.exports = {
isBuffer: isBuffer,
isOverflow: isOverflow,
isRegExp: isRegExp,
markOverflow: markOverflow,
maybeMap: maybeMap,
merge: merge
};

2
node_modules/qs/package.json generated vendored
View File

@@ -2,7 +2,7 @@
"name": "qs",
"description": "A querystring parser that supports nesting and arrays, with a depth limit",
"homepage": "https://github.com/ljharb/qs",
"version": "6.14.1",
"version": "6.15.0",
"repository": {
"type": "git",
"url": "https://github.com/ljharb/qs.git"

198
node_modules/qs/test/parse.js generated vendored
View File

@@ -261,11 +261,11 @@ test('parse()', function (t) {
});
t.test('limits specific array indices to arrayLimit', function (st) {
st.deepEqual(qs.parse('a[20]=a', { arrayLimit: 20 }), { a: ['a'] });
st.deepEqual(qs.parse('a[21]=a', { arrayLimit: 20 }), { a: { 21: 'a' } });
st.deepEqual(qs.parse('a[19]=a', { arrayLimit: 20 }), { a: ['a'] });
st.deepEqual(qs.parse('a[20]=a', { arrayLimit: 20 }), { a: { 20: 'a' } });
st.deepEqual(qs.parse('a[20]=a'), { a: ['a'] });
st.deepEqual(qs.parse('a[21]=a'), { a: { 21: 'a' } });
st.deepEqual(qs.parse('a[19]=a'), { a: ['a'] });
st.deepEqual(qs.parse('a[20]=a'), { a: { 20: 'a' } });
st.end();
});
@@ -483,7 +483,7 @@ test('parse()', function (t) {
t.test('allows overriding array limit', function (st) {
st.deepEqual(qs.parse('a[0]=b', { arrayLimit: -1 }), { a: { 0: 'b' } });
st.deepEqual(qs.parse('a[0]=b', { arrayLimit: 0 }), { a: ['b'] });
st.deepEqual(qs.parse('a[0]=b', { arrayLimit: 0 }), { a: { 0: 'b' } });
st.deepEqual(qs.parse('a[-1]=b', { arrayLimit: -1 }), { a: { '-1': 'b' } });
st.deepEqual(qs.parse('a[-1]=b', { arrayLimit: 0 }), { a: { '-1': 'b' } });
@@ -784,25 +784,25 @@ test('parse()', function (t) {
t.test('add keys to objects', function (st) {
st.deepEqual(
qs.parse('a[b]=c&a=d'),
qs.parse('a[b]=c&a=d', { strictMerge: false }),
{ a: { b: 'c', d: true } },
'can add keys to objects'
);
st.deepEqual(
qs.parse('a[b]=c&a=toString'),
qs.parse('a[b]=c&a=toString', { strictMerge: false }),
{ a: { b: 'c' } },
'can not overwrite prototype'
);
st.deepEqual(
qs.parse('a[b]=c&a=toString', { allowPrototypes: true }),
qs.parse('a[b]=c&a=toString', { strictMerge: false, allowPrototypes: true }),
{ a: { b: 'c', toString: true } },
'can overwrite prototype with allowPrototypes true'
);
st.deepEqual(
qs.parse('a[b]=c&a=toString', { plainObjects: true }),
qs.parse('a[b]=c&a=toString', { strictMerge: false, plainObjects: true }),
{ __proto__: null, a: { __proto__: null, b: 'c', toString: true } },
'can overwrite prototype with plainObjects true'
);
@@ -810,6 +810,34 @@ test('parse()', function (t) {
st.end();
});
t.test('strictMerge wraps object and primitive into an array', function (st) {
st.deepEqual(
qs.parse('a[b]=c&a=d'),
{ a: [{ b: 'c' }, 'd'] },
'object then primitive produces array'
);
st.deepEqual(
qs.parse('a=d&a[b]=c'),
{ a: ['d', { b: 'c' }] },
'primitive then object produces array'
);
st.deepEqual(
qs.parse('a[b]=c&a=toString'),
{ a: [{ b: 'c' }, 'toString'] },
'prototype-colliding value is preserved in array'
);
st.deepEqual(
qs.parse('a[b]=c&a=toString', { plainObjects: true }),
{ __proto__: null, a: [{ __proto__: null, b: 'c' }, 'toString'] },
'plainObjects preserved in array wrapping'
);
st.end();
});
t.test('dunder proto is ignored', function (st) {
var payload = 'categories[__proto__]=login&categories[__proto__]&categories[length]=42';
var result = qs.parse(payload, { allowPrototypes: true });
@@ -1118,6 +1146,7 @@ test('parse()', function (t) {
});
st.test('throws error when array limit exceeded', function (sst) {
// 4 elements exceeds limit of 3
sst['throws'](
function () {
qs.parse('a[]=1&a[]=2&a[]=3&a[]=4', { arrayLimit: 3, throwOnLimitExceeded: true });
@@ -1128,6 +1157,14 @@ test('parse()', function (t) {
sst.end();
});
st.test('does not throw when at limit', function (sst) {
// 3 elements = limit of 3, should not throw
var result = qs.parse('a[]=1&a[]=2&a[]=3', { arrayLimit: 3, throwOnLimitExceeded: true });
sst.ok(Array.isArray(result.a), 'result is an array');
sst.deepEqual(result.a, ['1', '2', '3'], 'all values present');
sst.end();
});
st.test('converts array to object if length is greater than limit', function (sst) {
var result = qs.parse('a[1]=1&a[2]=2&a[3]=3&a[4]=4&a[5]=5&a[6]=6', { arrayLimit: 5 });
@@ -1135,6 +1172,40 @@ test('parse()', function (t) {
sst.end();
});
st.test('throws error when indexed notation exceeds arrayLimit with throwOnLimitExceeded', function (sst) {
sst['throws'](
function () {
qs.parse('a[1001]=b', { arrayLimit: 1000, throwOnLimitExceeded: true });
},
new RangeError('Array limit exceeded. Only 1000 elements allowed in an array.'),
'throws error for a single index exceeding arrayLimit'
);
sst['throws'](
function () {
qs.parse('a[0]=1&a[1]=2&a[2]=3&a[10]=4', { arrayLimit: 6, throwOnLimitExceeded: true, allowSparse: true });
},
new RangeError('Array limit exceeded. Only 6 elements allowed in an array.'),
'throws error when a sparse index exceeds arrayLimit'
);
sst.end();
});
st.test('does not throw for indexed notation within arrayLimit with throwOnLimitExceeded', function (sst) {
var result = qs.parse('a[4]=b', { arrayLimit: 5, throwOnLimitExceeded: true, allowSparse: true });
sst.ok(Array.isArray(result.a), 'result is an array');
sst.equal(result.a.length, 5, 'array has correct length');
sst.equal(result.a[4], 'b', 'value at index 4 is correct');
sst.end();
});
st.test('silently converts to object for indexed notation exceeding arrayLimit without throwOnLimitExceeded', function (sst) {
var result = qs.parse('a[1001]=b', { arrayLimit: 1000 });
sst.deepEqual(result, { a: { 1001: 'b' } }, 'converts to object without throwing');
sst.end();
});
st.end();
});
@@ -1186,6 +1257,34 @@ test('`duplicates` option', function (t) {
'duplicates: last'
);
t.test('bracket notation always combines regardless of duplicates', function (st) {
st.deepEqual(
qs.parse('a=1&a=2&b[]=1&b[]=2', { duplicates: 'last' }),
{ a: '2', b: ['1', '2'] },
'duplicates last: unbracketed takes last, bracketed combines'
);
st.deepEqual(
qs.parse('b[]=1&b[]=2', { duplicates: 'last' }),
{ b: ['1', '2'] },
'duplicates last: bracketed always combines'
);
st.deepEqual(
qs.parse('b[]=1&b[]=2', { duplicates: 'first' }),
{ b: ['1', '2'] },
'duplicates first: bracketed always combines'
);
st.deepEqual(
qs.parse('a=1&a=2&b[]=1&b[]=2', { duplicates: 'first' }),
{ a: '1', b: ['1', '2'] },
'duplicates first: unbracketed takes first, bracketed combines'
);
st.end();
});
t.end();
});
@@ -1304,24 +1403,72 @@ test('DOS', function (t) {
});
test('arrayLimit boundary conditions', function (t) {
// arrayLimit is the max number of elements allowed in an array
t.test('exactly at the limit stays as array', function (st) {
// 3 elements = limit of 3
var result = qs.parse('a[]=1&a[]=2&a[]=3', { arrayLimit: 3 });
st.ok(Array.isArray(result.a), 'result is an array when exactly at limit');
st.ok(Array.isArray(result.a), 'result is an array when count equals limit');
st.deepEqual(result.a, ['1', '2', '3'], 'all values present');
st.end();
});
t.test('one over the limit converts to object', function (st) {
// 4 elements exceeds limit of 3
var result = qs.parse('a[]=1&a[]=2&a[]=3&a[]=4', { arrayLimit: 3 });
st.notOk(Array.isArray(result.a), 'result is not an array when over limit');
st.deepEqual(result.a, { 0: '1', 1: '2', 2: '3', 3: '4' }, 'all values preserved as object');
st.end();
});
t.test('arrayLimit 1 with two values', function (st) {
t.test('arrayLimit 1 with one value', function (st) {
// 1 element = limit of 1
var result = qs.parse('a[]=1', { arrayLimit: 1 });
st.ok(Array.isArray(result.a), 'result is an array when count equals limit');
st.deepEqual(result.a, ['1'], 'value preserved as array');
st.end();
});
t.test('arrayLimit 1 with two values converts to object', function (st) {
// 2 elements exceeds limit of 1
var result = qs.parse('a[]=1&a[]=2', { arrayLimit: 1 });
st.notOk(Array.isArray(result.a), 'result is not an array');
st.deepEqual(result.a, { 0: '1', 1: '2' }, 'both values preserved');
st.deepEqual(result.a, { 0: '1', 1: '2' }, 'all values preserved as object');
st.end();
});
t.end();
});
test('comma + arrayLimit', function (t) {
t.test('comma-separated values within arrayLimit stay as array', function (st) {
var result = qs.parse('a=1,2,3', { comma: true, arrayLimit: 5 });
st.ok(Array.isArray(result.a), 'result is an array');
st.deepEqual(result.a, ['1', '2', '3'], 'all values present');
st.end();
});
t.test('comma-separated values exceeding arrayLimit convert to object', function (st) {
var result = qs.parse('a=1,2,3,4', { comma: true, arrayLimit: 3 });
st.notOk(Array.isArray(result.a), 'result is not an array when over limit');
st.deepEqual(result.a, { 0: '1', 1: '2', 2: '3', 3: '4' }, 'all values preserved as object');
st.end();
});
t.test('comma-separated values exceeding arrayLimit with throwOnLimitExceeded throws', function (st) {
st['throws'](
function () {
qs.parse('a=1,2,3,4', { comma: true, arrayLimit: 3, throwOnLimitExceeded: true });
},
new RangeError('Array limit exceeded. Only 3 elements allowed in an array.'),
'throws error when comma-split exceeds array limit'
);
st.end();
});
t.test('comma-separated values at exactly arrayLimit stay as array', function (st) {
var result = qs.parse('a=1,2,3', { comma: true, arrayLimit: 3 });
st.ok(Array.isArray(result.a), 'result is an array when exactly at limit');
st.deepEqual(result.a, ['1', '2', '3'], 'all values present');
st.end();
});
@@ -1384,13 +1531,38 @@ test('mixed array and object notation', function (t) {
});
t.test('multiple plain values exceeding limit', function (st) {
// 3 elements (indices 0-2), max index 2 > limit 1
st.deepEqual(
qs.parse('a=b&a=c&a=d', { arrayLimit: 2 }),
qs.parse('a=b&a=c&a=d', { arrayLimit: 1 }),
{ a: { 0: 'b', 1: 'c', 2: 'd' } },
'duplicate plain keys convert to object when exceeding limit'
);
st.end();
});
t.test('mixed notation produces consistent results when arrayLimit is exceeded', function (st) {
var expected = { a: { 0: 'b', 1: 'c', 2: 'd' } };
st.deepEqual(
qs.parse('a[]=b&a[1]=c&a=d', { arrayLimit: -1 }),
expected,
'arrayLimit -1'
);
st.deepEqual(
qs.parse('a[]=b&a[1]=c&a=d', { arrayLimit: 0 }),
expected,
'arrayLimit 0'
);
st.deepEqual(
qs.parse('a[]=b&a[1]=c&a=d', { arrayLimit: 1 }),
expected,
'arrayLimit 1'
);
st.end();
});
t.end();
});

63
node_modules/qs/test/utils.js generated vendored
View File

@@ -69,12 +69,14 @@ test('merge()', function (t) {
);
t.test('with overflow objects (from arrayLimit)', function (st) {
// arrayLimit is max index, so with limit 0, max index 0 is allowed (1 element)
// To create overflow, need 2+ elements with limit 0, or 3+ with limit 1, etc.
st.test('merges primitive into overflow object at next index', function (s2t) {
// Create an overflow object via combine
var overflow = utils.combine(['a'], 'b', 1, false);
// Create an overflow object via combine: 3 elements (indices 0-2) with limit 0
var overflow = utils.combine(['a', 'b'], 'c', 0, false);
s2t.ok(utils.isOverflow(overflow), 'overflow object is marked');
var merged = utils.merge(overflow, 'c');
s2t.deepEqual(merged, { 0: 'a', 1: 'b', 2: 'c' }, 'adds primitive at next numeric index');
var merged = utils.merge(overflow, 'd');
s2t.deepEqual(merged, { 0: 'a', 1: 'b', 2: 'c', 3: 'd' }, 'adds primitive at next numeric index');
s2t.end();
});
@@ -93,22 +95,29 @@ test('merge()', function (t) {
s2t.end();
});
st.test('with strictMerge, wraps object and primitive in array', function (s2t) {
var obj = { foo: 'bar' };
var merged = utils.merge(obj, 'baz', { strictMerge: true });
s2t.deepEqual(merged, [{ foo: 'bar' }, 'baz'], 'wraps in array with strictMerge');
s2t.end();
});
st.test('merges overflow object into primitive', function (s2t) {
// Create an overflow object via combine
var overflow = utils.combine([], 'b', 0, false);
// Create an overflow object via combine: 2 elements (indices 0-1) with limit 0
var overflow = utils.combine(['a'], 'b', 0, false);
s2t.ok(utils.isOverflow(overflow), 'overflow object is marked');
var merged = utils.merge('a', overflow);
var merged = utils.merge('c', overflow);
s2t.ok(utils.isOverflow(merged), 'result is also marked as overflow');
s2t.deepEqual(merged, { 0: 'a', 1: 'b' }, 'creates object with primitive at 0, source values shifted');
s2t.deepEqual(merged, { 0: 'c', 1: 'a', 2: 'b' }, 'creates object with primitive at 0, source values shifted');
s2t.end();
});
st.test('merges overflow object with multiple values into primitive', function (s2t) {
// Create an overflow object via combine
var overflow = utils.combine(['b'], 'c', 1, false);
// Create an overflow object via combine: 3 elements (indices 0-2) with limit 0
var overflow = utils.combine(['b', 'c'], 'd', 0, false);
s2t.ok(utils.isOverflow(overflow), 'overflow object is marked');
var merged = utils.merge('a', overflow);
s2t.deepEqual(merged, { 0: 'a', 1: 'b', 2: 'c' }, 'shifts all source indices by 1');
s2t.deepEqual(merged, { 0: 'a', 1: 'b', 2: 'c', 3: 'd' }, 'shifts all source indices by 1');
s2t.end();
});
@@ -196,7 +205,7 @@ test('combine()', function (t) {
st.test('exactly at the limit stays as array', function (s2t) {
var combined = utils.combine(['a', 'b'], 'c', 3, false);
s2t.deepEqual(combined, ['a', 'b', 'c'], 'stays as array when exactly at limit');
s2t.deepEqual(combined, ['a', 'b', 'c'], 'stays as array when count equals limit');
s2t.ok(Array.isArray(combined), 'result is an array');
s2t.end();
});
@@ -208,16 +217,30 @@ test('combine()', function (t) {
s2t.end();
});
st.test('with arrayLimit 0', function (s2t) {
st.test('with arrayLimit 1', function (s2t) {
var combined = utils.combine([], 'a', 1, false);
s2t.deepEqual(combined, ['a'], 'stays as array when count equals limit');
s2t.ok(Array.isArray(combined), 'result is an array');
s2t.end();
});
st.test('with arrayLimit 0 converts single element to object', function (s2t) {
var combined = utils.combine([], 'a', 0, false);
s2t.deepEqual(combined, { 0: 'a' }, 'converts single element to object with arrayLimit 0');
s2t.deepEqual(combined, { 0: 'a' }, 'converts to object when count exceeds limit');
s2t.notOk(Array.isArray(combined), 'result is not an array');
s2t.end();
});
st.test('with arrayLimit 0 and two elements converts to object', function (s2t) {
var combined = utils.combine(['a'], 'b', 0, false);
s2t.deepEqual(combined, { 0: 'a', 1: 'b' }, 'converts to object when count exceeds limit');
s2t.notOk(Array.isArray(combined), 'result is not an array');
s2t.end();
});
st.test('with plainObjects option', function (s2t) {
var combined = utils.combine(['a'], 'b', 1, true);
var expected = { __proto__: null, 0: 'a', 1: 'b' };
var combined = utils.combine(['a', 'b'], 'c', 1, true);
var expected = { __proto__: null, 0: 'a', 1: 'b', 2: 'c' };
s2t.deepEqual(combined, expected, 'converts to object with null prototype');
s2t.equal(Object.getPrototypeOf(combined), null, 'result has null prototype when plainObjects is true');
s2t.end();
@@ -228,13 +251,13 @@ test('combine()', function (t) {
t.test('with existing overflow object', function (st) {
st.test('adds to existing overflow object at next index', function (s2t) {
// Create overflow object first via combine
var overflow = utils.combine(['a'], 'b', 1, false);
// Create overflow object first via combine: 3 elements (indices 0-2) with limit 0
var overflow = utils.combine(['a', 'b'], 'c', 0, false);
s2t.ok(utils.isOverflow(overflow), 'initial object is marked as overflow');
var combined = utils.combine(overflow, 'c', 10, false);
var combined = utils.combine(overflow, 'd', 10, false);
s2t.equal(combined, overflow, 'returns the same object (mutated)');
s2t.deepEqual(combined, { 0: 'a', 1: 'b', 2: 'c' }, 'adds value at next numeric index');
s2t.deepEqual(combined, { 0: 'a', 1: 'b', 2: 'c', 3: 'd' }, 'adds value at next numeric index');
s2t.end();
});