Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade @vinejs/vine from 2.0.0 to 2.1.0 #6

Merged
merged 1 commit into from
Jul 13, 2024
Merged

[Snyk] Upgrade @vinejs/vine from 2.0.0 to 2.1.0 #6

merged 1 commit into from
Jul 13, 2024

Conversation

jlenon7
Copy link
Member

@jlenon7 jlenon7 commented Jul 10, 2024

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade @vinejs/vine from 2.0.0 to 2.1.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.

  • The recommended version was released on a month ago.

Release notes
Package name: @vinejs/vine
  • 2.1.0 - 2024-06-02

    tryValidate

    The tryValidate method can be used to perform validation without throwing a validation error. Instead, the errors are returned as the return value of the method, which is a tuple.

    const [error, result] = validator.tryValidate({ data: {} })

    The try prefix is inspired from the Java world.

    in

    The in validation rule has been added for the VineNumber schema type and can be used to ensure the value of field is part of the allowed values list.

    toJSON

    The validator.toJSON method can be used to get the validator and its refs as JSON.

    Commits

    • feat: add tryValidate method to Vine (a70ff38)
    • feat: add tryValidate method (cebb8e0)
    • fix: add "in" rule in default number rules (#54) (39204e4)
    • chore: migrate to release-it (0b5e212)
    • feat: add in rule for number (#53) (72912af)
    • feat: export modifiers (#48) (34e07fc)
    • chore: update dependencies (a7e18b7)
    • style: reformat codebase (62d450c)
    • feat: add validator.toJSON method to get compiled schema and refs (5259933)

    What's Changed

    New Contributors

    Full Changelog: v2.0.0...v2.1.0

  • 2.0.0 - 2024-03-29

    This release contains a couple of minor breaking changes. So let's first talk about them.

    Improved error reporting for fields inside arrays ( Breaking )

    In the previous versions of VineJS, the error reporting for fields inside arrays could have been better.

    Given the following schema and data

    const schema = vine.object({
    categories: vine.array(vine.number()),
    })

    const data = {
    categories: [1, 'foo', 'bar', 11],
    }

    The errors reported up until 2.0 were

    {
  field: 'categories.*',
  index: 1,
  message: 'The 1 field must be a number',
  rule: 'number',
},
{
  field: 'categories.*',
  index: 2,
  message: 'The 2 field must be a number',
  rule: 'number',
}

    If you notice, the field name inside arrays is defined as categories.* and not the actual index of the item inside the array. Now, you may think that I can replace the * with the index property value and get a nested path to the item index within the array.

    Well, the replacement of * might work in this situation. But it will not work when there are errors inside nested arrays or the field that failed the validation is a grandchild of an array. Because the index property only exists when the field is an immediate child of an array.

    But anyway, after this release, you do not have to perform any manual substitutions. The field names are nested paths with the correct index. The following is an example of errors with @ vinejs/vine@2.

    {
  field: 'categories.1',
  index: 1,
  message: 'The 1 field must be a number',
  rule: 'number',
},
{
  field: 'categories.2',
  index: 2,
  message: 'The 2 field must be a number',
  rule: 'number',
}

    Infer Schema Input value ( Breaking )

    After this release, you can infer the input values a Schema type accepts. Let's consider the following example.

    import { InferInput } from '@ vinejs/vine/types'

    const schema = vine.object({
    is_admin: vine.boolean()
    })

    InferInput<typeof Schema>
    {
    is_admin: boolean | string | number
    }

    If you notice, the is_admin property accepts a boolean | string | number. VineJS is built for parsing form inputs submitted over HTTP. Therefore, it receives all inputs as string values and performs normalization before performing any sort of validation.

    Because of this change, the BaseSchema classes accept another generic value for the InputTypes. So, if you use the BaseSchema anywhere in your apps, make sure to pass the Input type as the first generic argument.

    Also, please consult this commit for a better understanding of the change. df27df8

    Define error messages for specific array index or a wildcard ( New feature )

    Now, you will be able to define custom error messages for specific array indexes with a wildcard fallback for rest of the indexes. For example:

    {
  "contacts.0.email.required": "The primary email address is required",
  "contacts.*.email.required": "The email address is required",
}

    Commits

    • style: remove unused type 9dd733c
    • feat: add support for inferring schema input types df27df8
    • feat: improve error reporting for fields inside arrays 3d59dad
    • chore: update dependencies 8ff246f

    What's Changed

    New Contributors

    Full Changelog: v1.7.0...v2.0.0

from @vinejs/vine GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade @vinejs/vine from 2.0.0 to 2.1.0
c02d291 
Snyk has created this PR to upgrade @vinejs/vine from 2.0.0 to 2.1.0.

See this package in npm:
@vinejs/vine

See this project in Snyk:
https://app.snyk.io/org/jlenon7/project/9cdce8ce-ea78-4482-86ea-d54f8dafc5a1?utm_source=github&utm_medium=referral&page=upgrade-pr
@jlenon7 jlenon7 merged commit ff82cc9 into develop Jul 13, 2024
2 checks passed
@jlenon7 jlenon7 deleted the snyk-upgrade-c06102138e77bbeed12706978c511b49 branch July 13, 2024 11:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jlenon7 @snyk-bot