@safeaccess/inline 0.1.1 → 0.1.2

package/src/security/security-parser.ts

@@ -7,6 +7,8 @@ import { SecurityException } from '../exceptions/security-exception.js';
  * Validates payload size, maximum key count, recursion depth, and
  * structural depth limits.
  *
+ * @api
+ *
  * @example
  * const parser = new SecurityParser({ maxDepth: 10, maxKeys: 100 });
  * parser.assertPayloadSize('{"key":"value"}');
@@ -27,7 +29,7 @@ export class SecurityParser implements SecurityParserInterface {
      * @param options.maxKeys - Maximum total number of keys across the entire structure. Default: 10000.
      *   This value is also passed to `XmlParser` as the element-count cap for the Node.js manual XML
      *   parser path. Setting it below a document's element count will cause `fromXml()` to throw
-     *   `SecurityException`. Non-positive or non-finite values disable that guard — prefer the default.
+     *   `SecurityException`. Non-positive or non-finite values disable that guard - prefer the default.
      * @param options.maxCountRecursiveDepth - Maximum recursion depth when counting keys. Default: 100.
      * @param options.maxResolveDepth - Maximum recursion depth for path resolution. Default: 100.
      */
@@ -41,9 +43,15 @@ export class SecurityParser implements SecurityParserInterface {
         } = {},
     ) {
         this.maxDepth = SecurityParser.clampOption(options.maxDepth, 512);
-        this.maxPayloadBytes = SecurityParser.clampOption(options.maxPayloadBytes, 10 * 1024 * 1024);
+        this.maxPayloadBytes = SecurityParser.clampOption(
+            options.maxPayloadBytes,
+            10 * 1024 * 1024,
+        );
         this.maxKeys = SecurityParser.clampOption(options.maxKeys, 10_000);
-        this.maxCountRecursiveDepth = SecurityParser.clampOption(options.maxCountRecursiveDepth, 100);
+        this.maxCountRecursiveDepth = SecurityParser.clampOption(
+            options.maxCountRecursiveDepth,
+            100,
+        );
         this.maxResolveDepth = SecurityParser.clampOption(options.maxResolveDepth, 100);
     }
 
@@ -226,6 +234,13 @@ export class SecurityParser implements SecurityParserInterface {
         return max;
     }
 
+    /**
+     * Clamp an optional numeric option to its default when not finite.
+     *
+     * @param value - User-provided option value.
+     * @param defaultValue - Fallback when value is undefined or non-finite.
+     * @returns Clamped numeric value.
+     */
     private static clampOption(value: number | undefined, defaultValue: number): number {
         /* Stryker disable next-line ConditionalExpression -- equivalent: Number.isFinite covers undefined (isFinite(undefined)===false); simplest safe form */
         return Number.isFinite(value) ? (value as number) : defaultValue;

package/src/type-format.ts

@@ -3,6 +3,8 @@
  *
  * Used by {@link Inline.from} to select the appropriate accessor.
  *
+ * @api
+ *
  * @example
  * const accessor = Inline.from(TypeFormat.Json, '{"key":"value"}');
  */

package/stryker.config.json

@@ -6,19 +6,17 @@
         "!src/index.ts",
         "!src/contracts/**/*.ts",
         "!src/exceptions/**/*.ts",
-        "!src/security/forbidden-keys.ts",
-        "!src/parser/yaml-parser.ts",
-        "!src/parser/xml-parser.ts"
+        "!src/security/forbidden-keys.ts"
     ],
     "thresholds": {
         "high": 100,
-        "low": 100,
-        "break": 100
+        "low": 90,
+        "break": 93
     },
-    "timeoutMS": 60000,
-    "concurrency": 4,
-    "reporters": ["html", "clear-text", "progress"],
-    "htmlReporter": {
-        "fileName": "reports/stryker/mutation.html"
+    "timeoutMS": 30000,
+    "coverageAnalysis": "perTest",
+    "reporters": ["json", "clear-text", "progress"],
+    "jsonReporter": {
+        "fileName": "reports/mutation/mutation.json"
     }
 }

package/tests/accessors/abstract-accessor.test.ts

@@ -0,0 +1,217 @@
+import { describe, expect, it } from 'vitest';
+import { AbstractAccessor } from '../../src/accessors/abstract-accessor.js';
+import { JsonAccessor } from '../../src/accessors/formats/json-accessor.js';
+import { DotNotationParser } from '../../src/core/dot-notation-parser.js';
+import { SecurityGuard } from '../../src/security/security-guard.js';
+import { SecurityParser } from '../../src/security/security-parser.js';
+import { SecurityException } from '../../src/exceptions/security-exception.js';
+import { ReadonlyViolationException } from '../../src/exceptions/readonly-violation-exception.js';
+import { PathNotFoundException } from '../../src/exceptions/path-not-found-exception.js';
+
+function makeParser(secParser?: SecurityParser): DotNotationParser {
+    return new DotNotationParser(new SecurityGuard(), secParser ?? new SecurityParser());
+}
+
+describe(AbstractAccessor.name, () => {
+    it('strict mode default is enabled - validates on ingest', () => {
+        expect(() => new JsonAccessor(makeParser()).from('{"__proto__": "bad"}')).toThrow(
+            SecurityException,
+        );
+    });
+
+    it('strict(false) disables validation', () => {
+        const a = new JsonAccessor(makeParser()).strict(false).from('{"__proto__": "ok"}');
+        expect(a.get('__proto__')).toBe('ok');
+    });
+
+    it('strict(true) re-enables validation', () => {
+        const accessor = new JsonAccessor(makeParser()).strict(false);
+        const strictAgain = accessor.strict(true);
+        expect(() => strictAgain.from('{"__proto__": "bad"}')).toThrow(SecurityException);
+    });
+
+    it('readonly(true) blocks set()', () => {
+        const a = new JsonAccessor(makeParser()).from('{"x":1}').readonly(true);
+        expect(() => a.set('x', 2)).toThrow(ReadonlyViolationException);
+    });
+
+    it('readonly(true) blocks remove()', () => {
+        const a = new JsonAccessor(makeParser()).from('{"x":1}').readonly(true);
+        expect(() => a.remove('x')).toThrow(ReadonlyViolationException);
+    });
+
+    it('readonly(false) allows mutation after readonly(true)', () => {
+        const a = new JsonAccessor(makeParser()).from('{"x":1}').readonly(true).readonly(false);
+        expect(() => a.set('x', 2)).not.toThrow();
+    });
+
+    it('merge() combines two objects at root level', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":1}');
+        const merged = a.merge('', { b: 2 });
+        expect(merged.get('a')).toBe(1);
+        expect(merged.get('b')).toBe(2);
+    });
+
+    it('merge() at a nested path', () => {
+        const a = new JsonAccessor(makeParser()).from('{"user":{"name":"Alice"}}');
+        const merged = a.merge('user', { role: 'admin' });
+        expect(merged.get('user.name')).toBe('Alice');
+        expect(merged.get('user.role')).toBe('admin');
+    });
+
+    it('all() returns all parsed data', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":1,"b":2}');
+        expect(a.all()).toEqual({ a: 1, b: 2 });
+    });
+
+    it('keys() returns root-level keys', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":1,"b":2}');
+        expect(a.keys()).toEqual(['a', 'b']);
+    });
+
+    it('count() returns number of root keys', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":1,"b":2,"c":3}');
+        expect(a.count()).toBe(3);
+    });
+
+    it('getRaw() returns original input', () => {
+        const json = '{"name":"Alice"}';
+        expect(new JsonAccessor(makeParser()).from(json).getRaw()).toBe(json);
+    });
+
+    it('getOrFail() throws PathNotFoundException for missing path', () => {
+        const a = new JsonAccessor(makeParser()).from('{}');
+        expect(() => a.getOrFail('missing')).toThrow(PathNotFoundException);
+    });
+
+    it('readonly() with no argument defaults to true (blocks mutations)', () => {
+        const a = new JsonAccessor(makeParser()).from('{"x":1}').readonly();
+        expect(() => a.set('x', 2)).toThrow(ReadonlyViolationException);
+    });
+
+    it('strict() with no argument defaults to true (enables validation)', () => {
+        const accessor = new JsonAccessor(makeParser()).strict(false);
+        const strictAgain = accessor.strict();
+        expect(() => strictAgain.from('{"__proto__": "bad"}')).toThrow(SecurityException);
+    });
+
+    it('getAt() returns null when path does not exist (default is null)', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":1}');
+        expect(a.getAt(['missing'])).toBeNull();
+    });
+
+    it('getAt() resolves a value using pre-parsed segments', () => {
+        const a = new JsonAccessor(makeParser()).from('{"user":{"name":"Alice"}}');
+        expect(a.getAt(['user', 'name'])).toBe('Alice');
+    });
+
+    it('hasAt() returns true when segments resolve to a value', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":{"b":1}}');
+        expect(a.hasAt(['a', 'b'])).toBe(true);
+    });
+
+    it('hasAt() returns false when segments do not resolve', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":1}');
+        expect(a.hasAt(['missing'])).toBe(false);
+    });
+
+    it('setAt() sets a value using pre-parsed segments', () => {
+        const a = new JsonAccessor(makeParser()).from('{}');
+        const updated = a.setAt(['user', 'name'], 'Alice');
+        expect(updated.get('user.name')).toBe('Alice');
+    });
+
+    it('setAt() throws ReadonlyViolationException when readonly', () => {
+        const a = new JsonAccessor(makeParser()).from('{"x":1}').readonly(true);
+        expect(() => a.setAt(['x'], 2)).toThrow(ReadonlyViolationException);
+    });
+
+    it('removeAt() removes a value using pre-parsed segments', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":1,"b":2}');
+        const updated = a.removeAt(['a']);
+        expect(updated.has('a')).toBe(false);
+        expect(updated.has('b')).toBe(true);
+    });
+
+    it('removeAt() throws ReadonlyViolationException when readonly', () => {
+        const a = new JsonAccessor(makeParser()).from('{"x":1}').readonly(true);
+        expect(() => a.removeAt(['x'])).toThrow(ReadonlyViolationException);
+    });
+
+    it('getMany() returns map of paths to their values', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":1,"b":2}');
+        expect(a.getMany({ a: 0, b: 0, missing: 'fallback' })).toEqual({
+            a: 1,
+            b: 2,
+            missing: 'fallback',
+        });
+    });
+
+    it('count(path) returns number of keys at a nested path', () => {
+        const a = new JsonAccessor(makeParser()).from('{"user":{"name":"Alice","age":30}}');
+        expect(a.count('user')).toBe(2);
+    });
+
+    it('count(path) returns 0 when path resolves to a non-object', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":"string"}');
+        expect(a.count('a')).toBe(0);
+    });
+
+    it('keys(path) returns keys at a nested path', () => {
+        const a = new JsonAccessor(makeParser()).from('{"user":{"name":"Alice","role":"admin"}}');
+        expect(a.keys('user')).toEqual(['name', 'role']);
+    });
+
+    it('keys(path) returns empty array when path resolves to a non-object', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":42}');
+        expect(a.keys('a')).toEqual([]);
+    });
+
+    it('mergeAll() deep-merges into root', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":1}');
+        const merged = a.mergeAll({ b: 2, c: 3 });
+        expect(merged.get('a')).toBe(1);
+        expect(merged.get('b')).toBe(2);
+        expect(merged.get('c')).toBe(3);
+    });
+
+    it('mergeAll() throws ReadonlyViolationException when readonly', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":1}').readonly(true);
+        expect(() => a.mergeAll({ b: 2 })).toThrow(ReadonlyViolationException);
+    });
+
+    it('set() clone preserves readonly state', () => {
+        const a = new JsonAccessor(makeParser()).from('{"x":1}').readonly(true);
+        const b = a.readonly(false).set('x', 2);
+        expect(b.get('x')).toBe(2);
+    });
+
+    it('set() clone inherits strict mode - security validation still enforced', () => {
+        const a = new JsonAccessor(makeParser()).from('{"x":1}');
+        const b = a.set('x', 2);
+        expect(() => b.from('{"__proto__":"bad"}')).toThrow(SecurityException);
+    });
+
+    it('keys() returns [] when path resolves to null (typeof null is object in JS)', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":null}');
+        expect(a.keys('a')).toEqual([]);
+    });
+
+    it('count() returns 0 when path resolves to null (typeof null is object in JS)', () => {
+        const a = new JsonAccessor(makeParser()).from('{"a":null}');
+        expect(a.count('a')).toBe(0);
+    });
+
+    it('strict(false) bypasses payload size validation', () => {
+        const tinyParser = new SecurityParser({ maxPayloadBytes: 5 });
+        const parser = new DotNotationParser(new SecurityGuard(), tinyParser);
+        const a = new JsonAccessor(parser).strict(false).from('{"name":"Alice"}');
+        expect(a.get('name')).toBe('Alice');
+    });
+
+    it('strict(true) enforces payload size validation', () => {
+        const tinyParser = new SecurityParser({ maxPayloadBytes: 5 });
+        const parser = new DotNotationParser(new SecurityGuard(), tinyParser);
+        expect(() => new JsonAccessor(parser).from('{"name":"Alice"}')).toThrow(SecurityException);
+    });
+});

package/tests/accessors/abstract-integration-accessor.test.ts

@@ -0,0 +1,37 @@
+import { describe, expect, it } from 'vitest';
+import { AbstractIntegrationAccessor } from '../../src/accessors/abstract-integration-accessor.js';
+import type { ParseIntegrationInterface } from '../../src/contracts/parse-integration-interface.js';
+import type { ValidatableParserInterface } from '../../src/contracts/validatable-parser-interface.js';
+import { DotNotationParser } from '../../src/core/dot-notation-parser.js';
+import { SecurityGuard } from '../../src/security/security-guard.js';
+import { SecurityParser } from '../../src/security/security-parser.js';
+import { FakeParseIntegration } from '../mocks/fake-parse-integration.js';
+
+class ConcreteIntegrationAccessor extends AbstractIntegrationAccessor {
+    protected parse(raw: unknown): Record<string, unknown> {
+        return raw as Record<string, unknown>;
+    }
+}
+
+function makeParser(): ValidatableParserInterface {
+    return new DotNotationParser(new SecurityGuard(), new SecurityParser());
+}
+
+describe(AbstractIntegrationAccessor.name, () => {
+    it('accepts a ValidatableParserInterface and ParseIntegrationInterface', () => {
+        const parser = makeParser();
+        const integration = new FakeParseIntegration();
+        const accessor = new ConcreteIntegrationAccessor(parser, integration);
+
+        expect(accessor).toBeInstanceOf(AbstractIntegrationAccessor);
+    });
+
+    it('exposes the integration property to subclasses', () => {
+        const integration = new FakeParseIntegration(true, { key: 'value' });
+        const accessor = new ConcreteIntegrationAccessor(makeParser(), integration);
+
+        expect(
+            (accessor as unknown as { integration: ParseIntegrationInterface }).integration,
+        ).toBe(integration);
+    });
+});

package/tests/accessors/formats/any-accessor.test.ts

@@ -0,0 +1,57 @@
+import { describe, expect, it } from 'vitest';
+import { AnyAccessor } from '../../../src/accessors/formats/any-accessor.js';
+import { DotNotationParser } from '../../../src/core/dot-notation-parser.js';
+import { SecurityGuard } from '../../../src/security/security-guard.js';
+import { SecurityParser } from '../../../src/security/security-parser.js';
+import { InvalidFormatException } from '../../../src/exceptions/invalid-format-exception.js';
+import { SecurityException } from '../../../src/exceptions/security-exception.js';
+import { FakeParseIntegration } from '../../mocks/fake-parse-integration.js';
+
+function makeParser(secParser?: SecurityParser): DotNotationParser {
+    return new DotNotationParser(new SecurityGuard(), secParser ?? new SecurityParser());
+}
+
+describe(AnyAccessor.name, () => {
+    it('accepts data when integration assertFormat returns true', () => {
+        const integration = new FakeParseIntegration(true, { key: 'value' });
+        const a = new AnyAccessor(makeParser(), integration).from('some data');
+        expect(a.get('key')).toBe('value');
+    });
+
+    it('throws InvalidFormatException when integration rejects format', () => {
+        const integration = new FakeParseIntegration(false, {});
+        expect(() => new AnyAccessor(makeParser(), integration).from('data')).toThrow(
+            InvalidFormatException,
+        );
+    });
+
+    it('validates string payloads through assertPayload', () => {
+        const secParser = new SecurityParser({ maxPayloadBytes: 3 });
+        const parser = makeParser(secParser);
+        const integration = new FakeParseIntegration(true, {});
+        expect(() => new AnyAccessor(parser, integration).from('1234')).toThrow(SecurityException);
+    });
+
+    it('does not call assertPayload for non-string data', () => {
+        const secParser = new SecurityParser({ maxPayloadBytes: 1 });
+        const parser = makeParser(secParser);
+        const integration = new FakeParseIntegration(true, { a: 1 });
+        expect(() => new AnyAccessor(parser, integration).from({ x: 1 })).not.toThrow();
+    });
+
+    it('resolves nested path from parsed data', () => {
+        const integration = new FakeParseIntegration(true, { user: { name: 'Alice' } });
+        const a = new AnyAccessor(makeParser(), integration).from('anything');
+        expect(a.get('user.name')).toBe('Alice');
+    });
+
+    it('error message mentions typeof when format is rejected', () => {
+        const integration = new FakeParseIntegration(false, {});
+        expect(() => new AnyAccessor(makeParser(), integration).from(42)).toThrow(/number/);
+    });
+
+    it('FakeParseIntegration default constructor accepts any input', () => {
+        const integration = new FakeParseIntegration();
+        expect(integration.assertFormat('test')).toBe(true);
+    });
+});

package/tests/accessors/formats/array-accessor.test.ts

@@ -0,0 +1,42 @@
+import { describe, expect, it } from 'vitest';
+import { ArrayAccessor } from '../../../src/accessors/formats/array-accessor.js';
+import { DotNotationParser } from '../../../src/core/dot-notation-parser.js';
+import { SecurityGuard } from '../../../src/security/security-guard.js';
+import { SecurityParser } from '../../../src/security/security-parser.js';
+import { InvalidFormatException } from '../../../src/exceptions/invalid-format-exception.js';
+
+function makeParser(secParser?: SecurityParser): DotNotationParser {
+    return new DotNotationParser(new SecurityGuard(), secParser ?? new SecurityParser());
+}
+
+describe(ArrayAccessor.name, () => {
+    it('accepts a plain object', () => {
+        const a = new ArrayAccessor(makeParser()).from({ key: 'value' });
+        expect(a.get('key')).toBe('value');
+    });
+
+    it('accepts an array, indexing by position', () => {
+        const a = new ArrayAccessor(makeParser()).from(['a', 'b', 'c']);
+        expect(a.get('0')).toBe('a');
+        expect(a.get('2')).toBe('c');
+    });
+
+    it('throws InvalidFormatException for string input', () => {
+        expect(() => new ArrayAccessor(makeParser()).from('string')).toThrow(
+            InvalidFormatException,
+        );
+    });
+
+    it('throws InvalidFormatException for null input', () => {
+        expect(() => new ArrayAccessor(makeParser()).from(null)).toThrow(InvalidFormatException);
+    });
+
+    it('throws InvalidFormatException for number input', () => {
+        expect(() => new ArrayAccessor(makeParser()).from(42)).toThrow(InvalidFormatException);
+    });
+
+    it('resolves a nested path in an array-ingested object', () => {
+        const a = new ArrayAccessor(makeParser()).from({ user: { name: 'Alice' } });
+        expect(a.get('user.name')).toBe('Alice');
+    });
+});

package/tests/accessors/formats/env-accessor.test.ts

@@ -0,0 +1,103 @@
+import { describe, expect, it } from 'vitest';
+import { EnvAccessor } from '../../../src/accessors/formats/env-accessor.js';
+import { DotNotationParser } from '../../../src/core/dot-notation-parser.js';
+import { SecurityGuard } from '../../../src/security/security-guard.js';
+import { SecurityParser } from '../../../src/security/security-parser.js';
+import { InvalidFormatException } from '../../../src/exceptions/invalid-format-exception.js';
+
+function makeParser(secParser?: SecurityParser): DotNotationParser {
+    return new DotNotationParser(new SecurityGuard(), secParser ?? new SecurityParser());
+}
+
+describe(EnvAccessor.name, () => {
+    it('parses KEY=VALUE pairs', () => {
+        const a = new EnvAccessor(makeParser()).from('DB_HOST=localhost\nPORT=5432');
+        expect(a.get('DB_HOST')).toBe('localhost');
+        expect(a.get('PORT')).toBe('5432');
+    });
+
+    it('skips comment lines', () => {
+        const a = new EnvAccessor(makeParser()).from('# comment\nKEY=value');
+        expect(a.has('# comment')).toBe(false);
+        expect(a.get('KEY')).toBe('value');
+    });
+
+    it('skips blank lines', () => {
+        const a = new EnvAccessor(makeParser()).from('\nKEY=value\n');
+        expect(a.get('KEY')).toBe('value');
+    });
+
+    it('strips double quotes from values', () => {
+        const a = new EnvAccessor(makeParser()).from('MSG="hello world"');
+        expect(a.get('MSG')).toBe('hello world');
+    });
+
+    it('strips single quotes from values', () => {
+        const a = new EnvAccessor(makeParser()).from("MSG='hello world'");
+        expect(a.get('MSG')).toBe('hello world');
+    });
+
+    it('skips lines without = sign', () => {
+        const a = new EnvAccessor(makeParser()).from('INVALID_LINE\nKEY=value');
+        expect(a.has('INVALID_LINE')).toBe(false);
+        expect(a.get('KEY')).toBe('value');
+    });
+
+    it('throws InvalidFormatException for non-string input', () => {
+        expect(() => new EnvAccessor(makeParser()).from(123)).toThrow(InvalidFormatException);
+    });
+
+    it('throws InvalidFormatException for null input', () => {
+        expect(() => new EnvAccessor(makeParser()).from(null)).toThrow(InvalidFormatException);
+    });
+
+    it('handles KEY= with no value (empty string)', () => {
+        const a = new EnvAccessor(makeParser()).from('EMPTY=');
+        expect(a.get('EMPTY')).toBe('');
+    });
+
+    it('handles value with multiple = signs', () => {
+        const a = new EnvAccessor(makeParser()).from('JWT=a=b=c');
+        expect(a.get('JWT')).toBe('a=b=c');
+    });
+
+    it('trims whitespace from key names', () => {
+        const a = new EnvAccessor(makeParser()).from('  KEY  =value');
+        expect(a.get('KEY')).toBe('value');
+    });
+
+    it('trims whitespace from values', () => {
+        const a = new EnvAccessor(makeParser()).from('KEY=  trimmed  ');
+        expect(a.get('KEY')).toBe('trimmed');
+    });
+
+    it('does not strip double quotes when only one side is present', () => {
+        const a = new EnvAccessor(makeParser()).from('KEY=hello"');
+        expect(a.get('KEY')).toBe('hello"');
+    });
+
+    it('does not strip double quotes when value starts without quote', () => {
+        const a = new EnvAccessor(makeParser()).from('KEY="hello');
+        expect(a.get('KEY')).toBe('"hello');
+    });
+
+    it('does not strip single quotes when only one side is present', () => {
+        const a = new EnvAccessor(makeParser()).from("KEY=hello'");
+        expect(a.get('KEY')).toBe("hello'");
+    });
+
+    it('does not strip single quotes when value starts without quote', () => {
+        const a = new EnvAccessor(makeParser()).from("KEY='hello");
+        expect(a.get('KEY')).toBe("'hello");
+    });
+
+    it('skips lines starting with # even if they contain =', () => {
+        const a = new EnvAccessor(makeParser()).from('# KEY=value\nREAL=ok');
+        expect(a.has('# KEY')).toBe(false);
+        expect(a.get('REAL')).toBe('ok');
+    });
+
+    it('error message from from() includes the actual typeof data', () => {
+        expect(() => new EnvAccessor(makeParser()).from(42)).toThrow(/number/);
+    });
+});