Skip to content

Commit fb6276f

Browse files
dij-qhoekmantimacdonald
dij-qhoekman
and
timacdonald
authored
[0.5.x] Migrate to lodash-es (#62)
* fix(sec): updated lodash to 4.17 due to CWE-1321 in the old package lodash.set * formatting * Migrate to lodash-es * lint --------- Co-authored-by: Tim MacDonald <[email protected]>
1 parent 1e62b13 commit fb6276f

File tree

9 files changed

+15
-48
lines changed

9 files changed

+15
-48
lines changed

packages/alpine/package.json

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -32,15 +32,11 @@
3232
},
3333
"dependencies": {
3434
"laravel-precognition": "0.5.3",
35-
"lodash.clonedeep": "^4.5.0",
36-
"lodash.get": "^4.4.2",
37-
"lodash.set": "^4.3.2"
35+
"lodash-es": "^4.17.21"
3836
},
3937
"devDependencies": {
4038
"@types/alpinejs": "^3.7.1",
41-
"@types/lodash.clonedeep": "^4.5.7",
42-
"@types/lodash.get": "^4.4.7",
43-
"@types/lodash.set": "^4.3.7",
39+
"@types/lodash-es": "^4.17.12",
4440
"typescript": "^5.0.0"
4541
}
4642
}

packages/alpine/src/index.ts

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,6 @@
11
import { Alpine as TAlpine } from 'alpinejs'
22
import { client, Config, createValidator, RequestMethod, resolveName, toSimpleValidationErrors, ValidationConfig, resolveUrl, resolveMethod } from 'laravel-precognition'
3-
import cloneDeep from 'lodash.clonedeep'
4-
import get from 'lodash.get'
5-
import set from 'lodash.set'
3+
import { cloneDeep, get, set } from 'lodash-es'
64
import { Form } from './types.js'
75

86
export { client }

packages/core/package.json

Lines changed: 2 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -29,20 +29,10 @@
2929
},
3030
"dependencies": {
3131
"axios": "^1.4.0",
32-
"lodash.debounce": "^4.0.8",
33-
"lodash.get": "^4.4.2",
34-
"lodash.isequal": "^4.0.8",
35-
"lodash.merge": "^4.6.2",
36-
"lodash.omit": "^4.5.0",
37-
"lodash.set": "^4.3.2"
32+
"lodash-es": "^4.17.21"
3833
},
3934
"devDependencies": {
40-
"@types/lodash.debounce": "^4.0.7",
41-
"@types/lodash.get": "^4.4.7",
42-
"@types/lodash.isequal": "^4.0.7",
43-
"@types/lodash.merge": "^4.0.7",
44-
"@types/lodash.omit": "^4.5.7",
45-
"@types/lodash.set": "^4.3.7",
35+
"@types/lodash-es": "^4.17.12",
4636
"@types/node": "^20.1.0",
4737
"typescript": "^5.0.0",
4838
"vitest": "^0.31.3"

packages/core/src/client.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
import { isAxiosError, isCancel, AxiosInstance, AxiosResponse, default as Axios } from 'axios'
2-
import merge from 'lodash.merge'
2+
import { merge } from 'lodash-es'
33
import { Config, Client, RequestFingerprintResolver, StatusHandler, SuccessResolver, RequestMethod } from './types.js'
44

55
/**

packages/core/src/validator.ts

Lines changed: 3 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,7 @@
1-
import debounce from 'lodash.debounce'
2-
import isequal from 'lodash.isequal'
3-
import get from 'lodash.get'
4-
import set from 'lodash.set'
1+
import { debounce, isEqual, get, set, omit, merge } from 'lodash-es'
52
import { ValidationCallback, Config, NamedInputEvent, SimpleValidationErrors, ValidationErrors, Validator as TValidator, ValidatorListeners, ValidationConfig } from './types.js'
63
import { client, isFile } from './client.js'
74
import { isAxiosError } from 'axios'
8-
import omit from 'lodash.omit'
9-
import merge from 'lodash.merge'
105

116
export const createValidator = (callback: ValidationCallback, initialData: Record<string, unknown> = {}): TValidator => {
127
/**
@@ -110,7 +105,7 @@ export const createValidator = (callback: ValidationCallback, initialData: Recor
110105
const setErrors = (value: ValidationErrors|SimpleValidationErrors): (() => void)[] => {
111106
const prepared = toValidationErrors(value)
112107

113-
if (! isequal(errors, prepared)) {
108+
if (! isEqual(errors, prepared)) {
114109
errors = prepared
115110

116111
return listeners.errorsChanged
@@ -225,7 +220,7 @@ export const createValidator = (callback: ValidationCallback, initialData: Recor
225220
},
226221
onBefore: () => {
227222
const beforeValidationResult = (config.onBeforeValidation ?? ((previous, next) => {
228-
return ! isequal(previous, next)
223+
return ! isEqual(previous, next)
229224
}))({ data, touched }, { data: oldData, touched: oldTouched })
230225

231226
if (beforeValidationResult === false) {

packages/react/package.json

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -32,14 +32,10 @@
3232
},
3333
"dependencies": {
3434
"laravel-precognition": "0.5.3",
35-
"lodash.clonedeep": "^4.5.0",
36-
"lodash.get": "^4.4.2",
37-
"lodash.set": "^4.3.2"
35+
"lodash-es": "^4.17.21"
3836
},
3937
"devDependencies": {
40-
"@types/lodash.clonedeep": "^4.5.7",
41-
"@types/lodash.get": "^4.4.7",
42-
"@types/lodash.set": "^4.3.7",
38+
"@types/lodash-es": "^4.17.12",
4339
"@types/react": "^18.2.6",
4440
"typescript": "^5.0.0"
4541
}

packages/react/src/index.ts

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,5 @@
11
import { resolveName, client, createValidator, Config, RequestMethod, Validator, toSimpleValidationErrors, ValidationConfig, resolveUrl, resolveMethod } from 'laravel-precognition'
2-
import cloneDeep from 'lodash.clonedeep'
3-
import get from 'lodash.get'
4-
import set from 'lodash.set'
2+
import { cloneDeep, get, set } from 'lodash-es'
53
import { useRef, useState } from 'react'
64
import { Form } from './types.js'
75

packages/vue/package.json

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -32,14 +32,10 @@
3232
},
3333
"dependencies": {
3434
"laravel-precognition": "0.5.3",
35-
"lodash.clonedeep": "^4.5.0",
36-
"lodash.get": "^4.4.2",
37-
"lodash.set": "^4.3.2"
35+
"lodash-es": "^4.17.21"
3836
},
3937
"devDependencies": {
40-
"@types/lodash.clonedeep": "^4.5.7",
41-
"@types/lodash.get": "^4.4.7",
42-
"@types/lodash.set": "^4.3.7",
38+
"@types/lodash-es": "^4.17.12",
4339
"typescript": "^5.0.0"
4440
}
4541
}

packages/vue/src/index.ts

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,7 @@
11
import { Config, RequestMethod, client, createValidator, toSimpleValidationErrors, ValidationConfig, resolveUrl, resolveMethod , resolveName } from 'laravel-precognition'
22
import { Form } from './types.js'
33
import { reactive, ref, toRaw } from 'vue'
4-
import cloneDeep from 'lodash.clonedeep'
5-
import get from 'lodash.get'
6-
import set from 'lodash.set'
4+
import { cloneDeep, get, set } from 'lodash-es'
75

86
export { client }
97

0 commit comments

Comments
 (0)