Mirrors/lodash
1
0
Fork 0
mirror of https://github.com/whoisclebs/lodash.git synced 2026-01-29 14:37:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
amd
lodash/matchesProperty.js
John-David Dalton 87a677c811 Update lodash-amd to v4.17.21 + edadd45 (#6064) 
* Fix prototype pollution in _.set and related functions

Prevents setting dangerous properties (__proto__, constructor, prototype)
that could lead to prototype pollution vulnerabilities.

* Fix command injection vulnerability in _.template

- Add validation for the variable option to prevent injection attacks
- Improve sourceURL whitespace normalization to prevent code injection

* Fix cyclic value comparison in _.isEqual

Properly checks both directions when comparing cyclic values to ensure
correct equality comparisons for circular references.

* Improve _.sortBy and _.orderBy performance and array handling

- Add early return for empty arrays in sorted index operations
- Improve array iteratee handling to support nested property paths
- Add missing keysIn import in baseClone

* Refactor _.trim, _.trimEnd, and _.trimStart implementations

Extract shared trim logic into reusable utilities (_baseTrim, _trimmedEndIndex)
for better code organization and consistency. Update related functions
(toNumber, parseInt) to use new utilities. Improve comment accuracy.

* Add documentation for predicate composition with _.overEvery and _.overSome

Enhance documentation to show how _.matches and _.matchesProperty can be
combined using _.overEvery and _.overSome for more powerful filtering.
Add examples demonstrating shorthand predicate syntax.

* Bump to v4.17.21

* Fix prototype pollution in _.unset and _.omit

Prevent prototype pollution on baseUnset function by:
- Blocking "__proto__" if not an own property
- Blocking "constructor.prototype" chains (except when starting at primitive root)
- Skipping non-string keys

See: https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg

* Update JSDoc documentation to align with main branch

- Fix sortBy example ages (40 -> 30) for correct sort order demonstration
- Fix _setCacheHas return type (number -> boolean)
2025-12-10 17:03:07 -05:00

45 lines
1.5 KiB
JavaScript
Raw Permalink Blame History

define(['./_baseClone', './_baseMatchesProperty'], function(baseClone, baseMatchesProperty) {
/** Used to compose bitmasks for cloning. */
var CLONE_DEEP_FLAG = 1;
/**
* Creates a function that performs a partial deep comparison between the
* value at `path` of a given object to `srcValue`, returning `true` if the
* object value is equivalent, else `false`.
*
* **Note:** Partial comparisons will match empty array and empty object
* `srcValue` values against any array or object value, respectively. See
* `_.isEqual` for a list of supported value comparisons.
*
* **Note:** Multiple values can be checked by combining several matchers
* using `_.overSome`
*
* @static
* @memberOf _
* @since 3.2.0
* @category Util
* @param {Array|string} path The path of the property to get.
* @param {*} srcValue The value to match.
* @returns {Function} Returns the new spec function.
* @example
*
* var objects = [
* { 'a': 1, 'b': 2, 'c': 3 },
* { 'a': 4, 'b': 5, 'c': 6 }
* ];
*
* _.find(objects, _.matchesProperty('a', 4));
* // => { 'a': 4, 'b': 5, 'c': 6 }
*
* // Checking for several possible values
* _.filter(objects, _.overSome([_.matchesProperty('a', 1), _.matchesProperty('a', 4)]));
* // => [{ 'a': 1, 'b': 2, 'c': 3 }, { 'a': 4, 'b': 5, 'c': 6 }]
*/
function matchesProperty(path, srcValue) {
return baseMatchesProperty(path, baseClone(srcValue, CLONE_DEEP_FLAG));
}
return matchesProperty;
});
Reference in New Issue View Git Blame Copy Permalink