From f606be28bca34099e86b2065c9321a84d4c0e80a Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Wed, 15 Jan 2025 15:25:52 +0000 Subject: [PATCH 1/6] build(dependabot): reduce npm updates to monthly (#130) --- .github/dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index dfa7fa6..35d66ca 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -9,5 +9,5 @@ updates: - package-ecosystem: "npm" directory: "/" schedule: - interval: "weekly" + interval: "monthly" open-pull-requests-limit: 10 From 5aea300c57dede43265617664ff25598dbda3606 Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Mon, 3 Feb 2025 09:28:52 +0000 Subject: [PATCH 2/6] chore: rename master to main (#131) --- .github/workflows/ci.yml | 1 - README.md | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 179607d..0a160bc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -4,7 +4,6 @@ on: push: branches: - main - - master - next - 'v*' paths-ignore: diff --git a/README.md b/README.md index 898c8ea..91d3d5a 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # secure-json-parse -[![CI](https://github.com/fastify/secure-json-parse/actions/workflows/ci.yml/badge.svg?branch=master)](https://github.com/fastify/secure-json-parse/actions/workflows/ci.yml) +[![CI](https://github.com/fastify/secure-json-parse/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/fastify/secure-json-parse/actions/workflows/ci.yml) [![NPM version](https://img.shields.io/npm/v/secure-json-parse.svg?style=flat)](https://www.npmjs.com/package/secure-json-parse) [![neostandard javascript style](https://img.shields.io/badge/code_style-neostandard-brightgreen?style=flat)](https://github.com/neostandard/neostandard) From 14f7766e2da0ddf55d85a82f8dd52c19a3e2994c Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Sun, 9 Mar 2025 17:01:43 +0000 Subject: [PATCH 3/6] ci(ci): drop node < 20; add node 22 (#134) Signed-off-by: Frazer Smith --- .github/workflows/ci.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0a160bc..4af73be 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -84,7 +84,7 @@ jobs: contents: read strategy: matrix: - node-version: [6, 8, 10, 11, 12, 13, 14, 15, 16, 18, 20] + node-version: [20, 22] steps: - name: Check out repo uses: actions/checkout@v4 @@ -96,10 +96,6 @@ jobs: with: node-version: ${{ matrix.node-version }} - - name: Upgrade npm - if: ${{ success() && matrix.node-version == '6' }} - run: npm i npm@6.13.4 -g - - name: Install dependencies run: npm i --ignore-scripts From adcf3eb8de9f6ab1e5a474e34833588e08c67a0d Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Sun, 9 Mar 2025 17:03:31 +0000 Subject: [PATCH 4/6] fix(index): return `undefined` on error instead of `null` (#133) --- index.js | 2 +- test/index.test.js | 4 ++-- types/index.d.ts | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/index.js b/index.js index ebe9ba1..3938c00 100755 --- a/index.js +++ b/index.js @@ -113,7 +113,7 @@ function safeParse (text, reviver) { try { return _parse(text, reviver, { safe: true }) } catch (_e) { - return null + return undefined } finally { Error.stackTraceLimit = stackTraceLimit } diff --git a/test/index.test.js b/test/index.test.js index 4ff4a41..7c8b809 100644 --- a/test/index.test.js +++ b/test/index.test.js @@ -432,10 +432,10 @@ test('safeParse', t => { t.end() }) - t.test('returns null on invalid object string', t => { + t.test('returns undefined on invalid object string', t => { t.strictEqual( j.safeParse('{"a": 5, "b": 6'), - null + undefined ) t.end() }) diff --git a/types/index.d.ts b/types/index.d.ts index 5d22d4b..fe38cc3 100644 --- a/types/index.d.ts +++ b/types/index.d.ts @@ -37,7 +37,7 @@ declare namespace parse { * * @param text The JSON text string. * @param reviver The `JSON.parse()` optional `reviver` argument. - * @returns The parsed object, or `null` if there was an error or if the JSON contained possibly insecure properties. + * @returns The parsed object, or `undefined` if there was an error or if the JSON contained possibly insecure properties. */ export function safeParse (text: string | Buffer, reviver?: Reviver | null): any From 87cb6c40b0bc8b9e7efa00da6c6e02a6abf1d49b Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Sun, 9 Mar 2025 17:07:13 +0000 Subject: [PATCH 5/6] refactor(index): remove unused catch binding (#135) Signed-off-by: Frazer Smith --- index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.js b/index.js index 3938c00..f37ab56 100755 --- a/index.js +++ b/index.js @@ -112,7 +112,7 @@ function safeParse (text, reviver) { Error.stackTraceLimit = 0 try { return _parse(text, reviver, { safe: true }) - } catch (_e) { + } catch { return undefined } finally { Error.stackTraceLimit = stackTraceLimit From 3f24016677aae9c37513eeee30e346bf70ff1575 Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Sun, 9 Mar 2025 17:09:09 +0000 Subject: [PATCH 6/6] 4.0.0 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index b44fad1..840922e 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "secure-json-parse", - "version": "3.0.2", + "version": "4.0.0", "description": "JSON parse with prototype poisoning protection", "main": "index.js", "type": "commonjs",