Update dev dependencies, fix most of vulnerabilities (#7133)
* Update rollup-plugin-git-version to ^0.3.1
* Update uglify-js to ^3.9.2
* Update git-rev-sync to ^2.0.0
* Update ssri to ^8.0.0
* Update rollup to ^0.59.4
(latests version with support of IE 8)
Remove Object.freeze hack, use rollup's `output.freeze` option instead
* Update eslint to ^5.16.0
And fix a couple of warnings.
Ref:
https://eslint.org/docs/user-guide/migrating-to-5.0.0#eslint-recommended-changes
https://eslint.org/docs/user-guide/migrating-to-5.0.0#deprecated-globals
* Update eslint to ^6.8.0
Ref:
https://eslint.org/docs/user-guide/migrating-to-6.0.0#eslint-recommended-changes
johnd0e authored 4 years ago
GitHub committed 4 years ago
| 41 | 41 |
name: 'L',
|
| 42 | 42 |
banner: banner,
|
| 43 | 43 |
outro: outro,
|
| 44 | |
sourcemap: true
|
|
44 |
sourcemap: true,
|
|
45 |
legacy: true, // Needed to create files loadable by IE8
|
|
46 |
freeze: false
|
| 45 | 47 |
},
|
| 46 | 48 |
{
|
| 47 | 49 |
file: 'dist/leaflet-src.esm.js',
|
| 48 | 50 |
format: 'es',
|
| 49 | 51 |
banner: banner,
|
| 50 | |
sourcemap: true
|
|
52 |
sourcemap: true,
|
|
53 |
freeze: false
|
| 51 | 54 |
}
|
| 52 | 55 |
],
|
| 53 | |
legacy: true, // Needed to create files loadable by IE8
|
| 54 | 56 |
plugins: [
|
| 55 | 57 |
release ? json() : rollupGitVersion()
|
| 56 | 58 |
]
|
| 19 | 19 |
format: 'umd',
|
| 20 | 20 |
name: 'L',
|
| 21 | 21 |
banner: banner,
|
| 22 | |
sourcemap: true
|
|
22 |
sourcemap: true,
|
|
23 |
legacy: true, // Needed to create files loadable by IE8
|
|
24 |
freeze: false,
|
| 23 | 25 |
},
|
| 24 | |
legacy: true, // Needed to create files loadable by IE8
|
| 25 | 26 |
plugins: [
|
| 26 | 27 |
rollupGitVersion()
|
| 27 | 28 |
]
|
| 3 | 3 |
"homepage": "https://leafletjs.com/",
|
| 4 | 4 |
"description": "JavaScript library for mobile-friendly interactive maps",
|
| 5 | 5 |
"devDependencies": {
|
| 6 | |
"eslint": "^4.19.1",
|
|
6 |
"eslint": "^6.8.0",
|
| 7 | 7 |
"eslint-config-mourner": "^2.0.1",
|
| 8 | |
"git-rev-sync": "^1.12.0",
|
|
8 |
"git-rev-sync": "^2.0.0",
|
| 9 | 9 |
"happen": "~0.3.2",
|
| 10 | 10 |
"karma": "^5.0.3",
|
| 11 | 11 |
"karma-chrome-launcher": "^3.1.0",
|
|
| 22 | 22 |
"mocha": "^7.1.2",
|
| 23 | 23 |
"phantomjs-prebuilt": "^2.1.16",
|
| 24 | 24 |
"prosthetic-hand": "^1.3.1",
|
| 25 | |
"rollup": "0.51.8",
|
| 26 | |
"rollup-plugin-git-version": "0.2.1",
|
|
25 |
"rollup": "^0.59.4",
|
|
26 |
"rollup-plugin-git-version": "^0.3.1",
|
| 27 | 27 |
"rollup-plugin-json": "^4.0.0",
|
| 28 | 28 |
"sinon": "^7.5.0",
|
| 29 | |
"ssri": "^6.0.1",
|
| 30 | |
"uglify-js": "~3.5.10"
|
|
29 |
"ssri": "^8.0.0",
|
|
30 |
"uglify-js": "^3.9.2"
|
| 31 | 31 |
},
|
| 32 | 32 |
"main": "dist/leaflet-src.js",
|
| 33 | 33 |
"style": "dist/leaflet.css",
|
| 61 | 61 |
plugins: [
|
| 62 | 62 |
json()
|
| 63 | 63 |
],
|
| 64 | |
format: 'umd',
|
| 65 | |
name: 'L',
|
| 66 | |
outro: outro
|
|
64 |
output: {
|
|
65 |
format: 'umd',
|
|
66 |
name: 'L',
|
|
67 |
outro: outro,
|
|
68 |
legacy: true, // Needed to create files loadable by IE8
|
|
69 |
freeze: false,
|
|
70 |
},
|
| 67 | 71 |
},
|
| 68 | 72 |
|
| 69 | 73 |
// test results reporter to use
|
| 143 | 143 |
layerId = L.stamp(layer),
|
| 144 | 144 |
canvas = map.getRenderer(layer);
|
| 145 | 145 |
|
| 146 | |
expect(canvas._layers.hasOwnProperty(layerId)).to.be(true);
|
|
146 |
expect(canvas._layers).to.have.property(layerId);
|
| 147 | 147 |
|
| 148 | 148 |
map.removeLayer(layer);
|
| 149 | 149 |
// Defer check due to how Canvas renderer manages layer removal.
|
| 150 | 150 |
L.Util.requestAnimFrame(function () {
|
| 151 | |
expect(canvas._layers.hasOwnProperty(layerId)).to.be(false);
|
|
151 |
expect(canvas._layers).to.not.have.property(layerId);
|
| 152 | 152 |
done();
|
| 153 | 153 |
}, this);
|
| 154 | 154 |
});
|
|
| 158 | 158 |
layerId = L.stamp(layer),
|
| 159 | 159 |
canvas = map.getRenderer(layer);
|
| 160 | 160 |
|
| 161 | |
expect(canvas._layers.hasOwnProperty(layerId)).to.be(true);
|
|
161 |
expect(canvas._layers).to.have.property(layerId);
|
| 162 | 162 |
|
| 163 | 163 |
map.removeLayer(layer);
|
| 164 | 164 |
map.addLayer(layer);
|
| 165 | |
expect(canvas._layers.hasOwnProperty(layerId)).to.be(true);
|
|
165 |
expect(canvas._layers).to.have.property(layerId);
|
| 166 | 166 |
// Re-perform a deferred check due to how Canvas renderer manages layer removal.
|
| 167 | 167 |
L.Util.requestAnimFrame(function () {
|
| 168 | |
expect(canvas._layers.hasOwnProperty(layerId)).to.be(true);
|
|
168 |
expect(canvas._layers).to.have.property(layerId);
|
| 169 | 169 |
done();
|
| 170 | 170 |
}, this);
|
| 171 | 171 |
});
|
| 21 | 21 |
|
| 22 | 22 |
// map
|
| 23 | 23 |
export * from './map/index';
|
| 24 | |
|
| 25 | |
import {freeze} from './core/Util';
|
| 26 | |
Object.freeze = freeze;
|
| 119 | 119 |
var supportsPassiveOption = false;
|
| 120 | 120 |
try {
|
| 121 | 121 |
var opts = Object.defineProperty({}, 'passive', {
|
| 122 | |
get: function () {
|
|
122 |
get: function () { // eslint-disable-line getter-return
|
| 123 | 123 |
supportsPassiveOption = true;
|
| 124 | 124 |
}
|
| 125 | 125 |
});
|
| 34 | 34 |
|
| 35 | 35 |
// inherit parent's statics
|
| 36 | 36 |
for (var i in this) {
|
| 37 | |
if (this.hasOwnProperty(i) && i !== 'prototype' && i !== '__super__') {
|
|
37 |
if (Object.prototype.hasOwnProperty.call(this, i) && i !== 'prototype' && i !== '__super__') {
|
| 38 | 38 |
NewClass[i] = this[i];
|
| 39 | 39 |
}
|
| 40 | 40 |
}
|
| 2 | 2 |
*
|
| 3 | 3 |
* Various utility functions, used by Leaflet internally.
|
| 4 | 4 |
*/
|
| 5 | |
|
| 6 | |
export var freeze = Object.freeze;
|
| 7 | |
Object.freeze = function (obj) { return obj; };
|
| 8 | 5 |
|
| 9 | 6 |
// @function extend(dest: Object, src?: Object): Object
|
| 10 | 7 |
// Merges the properties of the `src` object (or multiple objects) into `dest` object and returns the latter. Has an `L.extend` shortcut.
|
|
| 132 | 129 |
// @function setOptions(obj: Object, options: Object): Object
|
| 133 | 130 |
// Merges the given properties to the `options` of the `obj` object, returning the resulting options. See `Class options`. Has an `L.setOptions` shortcut.
|
| 134 | 131 |
export function setOptions(obj, options) {
|
| 135 | |
if (!obj.hasOwnProperty('options')) {
|
|
132 |
if (!Object.prototype.hasOwnProperty.call(obj, 'options')) {
|
| 136 | 133 |
obj.options = obj.options ? create(obj.options) : {};
|
| 137 | 134 |
}
|
| 138 | 135 |
for (var i in options) {
|
| 163 | 163 |
this._lastTarget = e.target || e.srcElement;
|
| 164 | 164 |
// IE and Edge do not give the <use> element, so fetch it
|
| 165 | 165 |
// if necessary
|
| 166 | |
if ((window.SVGElementInstance) && (this._lastTarget instanceof SVGElementInstance)) {
|
|
166 |
if (window.SVGElementInstance && this._lastTarget instanceof window.SVGElementInstance) {
|
| 167 | 167 |
this._lastTarget = this._lastTarget.correspondingUseElement;
|
| 168 | 168 |
}
|
| 169 | 169 |
DomUtil.addClass(this._lastTarget, 'leaflet-drag-target');
|
| 71 | 71 |
|
| 72 | 72 |
if (!Util.isArray(this._url)) { this._url = [this._url]; }
|
| 73 | 73 |
|
| 74 | |
if (!this.options.keepAspectRatio && vid.style.hasOwnProperty('objectFit')) { vid.style['objectFit'] = 'fill'; }
|
|
74 |
if (!this.options.keepAspectRatio && Object.prototype.hasOwnProperty.call(vid.style, 'objectFit')) {
|
|
75 |
vid.style['objectFit'] = 'fill';
|
|
76 |
}
|
| 75 | 77 |
vid.autoplay = !!this.options.autoplay;
|
| 76 | 78 |
vid.loop = !!this.options.loop;
|
| 77 | 79 |
vid.muted = !!this.options.muted;
|
| 104 | 104 |
Util.setOptions(this, style);
|
| 105 | 105 |
if (this._renderer) {
|
| 106 | 106 |
this._renderer._updateStyle(this);
|
| 107 | |
if (this.options.stroke && style && style.hasOwnProperty('weight')) {
|
|
107 |
if (this.options.stroke && style && Object.prototype.hasOwnProperty.call(style, 'weight')) {
|
| 108 | 108 |
this._updateBounds();
|
| 109 | 109 |
}
|
| 110 | 110 |
}
|