npm - js-cookie - Versions diffs - 3.0.5 → 3.0.6 - Mend

js-cookie 3.0.5 → 3.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md CHANGED Viewed

@@ -2,16 +2,15 @@
   <img src="https://cloud.githubusercontent.com/assets/835857/14581711/ba623018-0436-11e6-8fce-d2ccd4d379c9.gif">
 </p>
-# JavaScript Cookie [![CI](https://github.com/js-cookie/js-cookie/actions/workflows/ci.yml/badge.svg)](https://github.com/js-cookie/js-cookie/actions/workflows/ci.yml) [![BrowserStack](https://github.com/js-cookie/js-cookie/actions/workflows/browserstack.yml/badge.svg)](https://github.com/js-cookie/js-cookie/actions/workflows/browserstack.yml) [![JavaScript Style Guide](https://img.shields.io/badge/code_style-standard-brightgreen.svg)](https://standardjs.com) [![Code Climate](https://codeclimate.com/github/js-cookie/js-cookie.svg)](https://codeclimate.com/github/js-cookie/js-cookie) [![npm](https://img.shields.io/github/package-json/v/js-cookie/js-cookie)](https://www.npmjs.com/package/js-cookie) [![size](https://img.shields.io/bundlephobia/minzip/js-cookie/3)](https://www.npmjs.com/package/js-cookie) [![jsDelivr Hits](https://data.jsdelivr.com/v1/package/npm/js-cookie/badge?style=rounded)](https://www.jsdelivr.com/package/npm/js-cookie)
+# JavaScript Cookie [![CI](https://github.com/js-cookie/js-cookie/actions/workflows/ci.yml/badge.svg)](https://github.com/js-cookie/js-cookie/actions/workflows/ci.yml) [![npm](https://img.shields.io/github/package-json/v/js-cookie/js-cookie)](https://www.npmjs.com/package/js-cookie) [![size](https://img.shields.io/bundlephobia/minzip/js-cookie/3)](https://www.npmjs.com/package/js-cookie) [![jsDelivr Hits](https://data.jsdelivr.com/v1/package/npm/js-cookie/badge?style=rounded)](https://www.jsdelivr.com/package/npm/js-cookie)
-A simple, lightweight JavaScript API for handling cookies
+A simple, lightweight JavaScript API for handling cookies, client-side.
-- Works in [all](https://www.browserstack.com/automate/public-build/b3VDaHAxVDg0NDdCRmtUOWg0SlQzK2NsRVhWTjlDQS9qdGJoak1GMzJiVT0tLVhwZHNvdGRoY284YVRrRnI3eU1JTnc9PQ==--5e88ffb3ca116001d7ef2cfb97a4128ac31174c2) browsers
+- Extensive browser support
 - Accepts [any](#encoding) character
 - [Heavily](test) tested
 - No dependency
-- Supports ES modules
-- Supports AMD/CommonJS
+- Supports both ES and AMD/CommonJS modules
 - [RFC 6265](https://tools.ietf.org/html/rfc6265) compliant
 - Useful [Wiki](https://github.com/js-cookie/js-cookie/wiki)
 - Enable [custom encoding/decoding](#converters)
@@ -24,8 +23,6 @@ A simple, lightweight JavaScript API for handling cookies
 ### NPM
-JavaScript Cookie supports [npm](https://www.npmjs.com/package/js-cookie) under the name `js-cookie`.
 ```bash
 npm i js-cookie
 ```
@@ -40,6 +37,14 @@ Alternatively, include js-cookie via [jsDelivr CDN](https://www.jsdelivr.com/pac
 ## Basic Usage
+Import the library:
+```javascript
+import Cookies from 'js-cookie'
+// or
+const Cookies = require('js-cookie')
+```
 Create a cookie, valid across the entire site:
 ```javascript
@@ -95,10 +100,10 @@ Cookies.remove('name') // fail!
 Cookies.remove('name', { path: '' }) // removed!
 ```
-_IMPORTANT! When deleting a cookie and you're not relying on the [default attributes](#cookie-attributes), you must pass the exact same path and domain attributes that were used to set the cookie:_
+_IMPORTANT! When deleting a cookie and you're not relying on the [default attributes](#cookie-attributes), you must pass the exact same `path`, `domain`, `secure` and `sameSite` attributes that were used to set the cookie:_
 ```javascript
-Cookies.remove('name', { path: '', domain: '.yourdomain.com' })
+Cookies.remove('name', { path: '', domain: '.yourdomain.com', secure: true })
 ```
 _Note: Removing a nonexistent cookie neither raises any exception nor returns any value._
@@ -117,8 +122,8 @@ _Note: The `.noConflict` method is not necessary when using AMD or CommonJS, thu
 ## Encoding
-This project is [RFC 6265](http://tools.ietf.org/html/rfc6265#section-4.1.1) compliant. All special characters that are not allowed in the cookie-name or cookie-value are encoded with each one's UTF-8 Hex equivalent using [percent-encoding](http://en.wikipedia.org/wiki/Percent-encoding).
-The only character in cookie-name or cookie-value that is allowed and still encoded is the percent `%` character, it is escaped in order to interpret percent input as literal.
+This project is [RFC 6265](http://tools.ietf.org/html/rfc6265#section-4.1.1) compliant. All special characters that are not allowed in the cookie-name or cookie-value are encoded with each one's UTF-8 Hex equivalent using [percent-encoding](http://en.wikipedia.org/wiki/Percent-encoding).
+The only character in cookie-name or cookie-value that is allowed and still encoded is the percent `%` character, it is escaped in order to interpret percent input as literal.
 Please note that the default encoding/decoding strategy is meant to be interoperable [only between cookies that are read/written by js-cookie](https://github.com/js-cookie/js-cookie/pull/200#discussion_r63270778). To override the default encoding/decoding strategy you need to use a [converter](#converters).
 _Note: According to [RFC 6265](https://tools.ietf.org/html/rfc6265#section-6.1), your cookies may get deleted if they are too big or there are too many cookies in the same domain, [more details here](https://github.com/js-cookie/js-cookie/wiki/Frequently-Asked-Questions#why-are-my-cookies-being-deleted)._
@@ -184,8 +189,8 @@ Cookies.get('name') // => undefined (need to read at 'subdomain.site.com')
 **Note regarding Internet Explorer default behavior:**
-> Q3: If I don’t specify a DOMAIN attribute (for) a cookie, IE sends it to all nested subdomains anyway?
-> A: Yes, a cookie set on example.com will be sent to sub2.sub1.example.com.
+> Q3: If I don’t specify a DOMAIN attribute (for) a cookie, IE sends it to all nested subdomains anyway?
+> A: Yes, a cookie set on example.com will be sent to sub2.sub1.example.com.
 > Internet Explorer differs from other browsers in this regard.
 (From [Internet Explorer Cookie Internals (FAQ)](http://blogs.msdn.com/b/ieinternals/archive/2009/08/20/wininet-ie-cookie-internals-faq.aspx))
@@ -206,13 +211,27 @@ Cookies.get('name') // => 'value'
 Cookies.remove('name')
 ```
+### partitioned
+Either `true` or `false`, indicating if the cookie opts into partitioned storage. Must also set `secure: true`.
+**Default:** No partitioned storage.
+**Examples:**
+```javascript
+Cookies.set('name', 'value', { partitioned: true })
+Cookies.get('name') // => 'value'
+Cookies.remove('name')
+```
 ### sameSite
 A [`String`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String), allowing to control whether the browser is sending a cookie along with cross-site requests.
 Default: not set.
-**Note that more recent browsers are making "Lax" the default value even without specifiying anything here.**
+**Note that more recent browsers are making "Lax" the default value even without specifying anything here.**
 **Examples:**
@@ -279,10 +298,6 @@ Check out the [Servers Docs](SERVER_SIDE.md)
 Check out the [Contributing Guidelines](CONTRIBUTING.md)
-## Security
-For vulnerability reports, send an e-mail to `js-cookie at googlegroups dot com`
 ## Releasing
 Releasing should be done via the `Release` GitHub Actions workflow, so that published packages on npmjs.com have package provenance.

package/dist/js.cookie.js CHANGED Viewed

@@ -1,4 +1,4 @@
-/*! js-cookie v3.0.5 | MIT */
+/*! js-cookie v3.0.6 | MIT */
 ;
 (function (global, factory) {
   typeof exports === 'object' && typeof module !== 'undefined' ? module.exports = factory() :
@@ -10,19 +10,17 @@
   })());
 })(this, (function () { 'use strict';
-  /* eslint-disable no-var */
   function assign (target) {
     for (var i = 1; i < arguments.length; i++) {
       var source = arguments[i];
       for (var key in source) {
+        if (key === '__proto__') continue
         target[key] = source[key];
       }
     }
     return target
   }
-  /* eslint-enable no-var */
-  /* eslint-disable no-var */
   var defaultConverter = {
     read: function (value) {
       if (value[0] === '"') {
@@ -37,12 +35,9 @@
       )
     }
   };
-  /* eslint-enable no-var */
-  /* eslint-disable no-var */
-  function init (converter, defaultAttributes) {
-    function set (name, value, attributes) {
+  function init(converter, defaultAttributes) {
+    function set(name, value, attributes) {
       if (typeof document === 'undefined') {
         return
       }
@@ -86,7 +81,7 @@
         name + '=' + converter.write(value, name) + stringifiedAttributes)
     }
-    function get (name) {
+    function get(name) {
       if (typeof document === 'undefined' || (arguments.length && !name)) {
         return
       }
@@ -101,12 +96,13 @@
         try {
           var found = decodeURIComponent(parts[0]);
-          jar[found] = converter.read(value, found);
+          if (!(found in jar)) jar[found] = converter.read(value, found);
           if (name === found) {
             break
           }
-        } catch (e) {}
+        } catch {
+          // Do nothing...
+        }
       }
       return name ? jar[name] : jar
@@ -140,7 +136,6 @@
   }
   var api = init(defaultConverter, { path: '/' });
-  /* eslint-enable no-var */
   return api;

package/dist/js.cookie.min.js CHANGED Viewed

@@ -1,2 +1,2 @@
-/*! js-cookie v3.0.5 | MIT */
-!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e||self,function(){var n=e.Cookies,o=e.Cookies=t();o.noConflict=function(){return e.Cookies=n,o}}())}(this,(function(){"use strict";function e(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)e[o]=n[o]}return e}var t=function t(n,o){function r(t,r,i){if("undefined"!=typeof document){"number"==typeof(i=e({},o,i)).expires&&(i.expires=new Date(Date.now()+864e5*i.expires)),i.expires&&(i.expires=i.expires.toUTCString()),t=encodeURIComponent(t).replace(/%(2[346B]|5E|60|7C)/g,decodeURIComponent).replace(/[()]/g,escape);var c="";for(var u in i)i[u]&&(c+="; "+u,!0!==i[u]&&(c+="="+i[u].split(";")[0]));return document.cookie=t+"="+n.write(r,t)+c}}return Object.create({set:r,get:function(e){if("undefined"!=typeof document&&(!arguments.length||e)){for(var t=document.cookie?document.cookie.split("; "):[],o={},r=0;r<t.length;r++){var i=t[r].split("="),c=i.slice(1).join("=");try{var u=decodeURIComponent(i[0]);if(o[u]=n.read(c,u),e===u)break}catch(e){}}return e?o[e]:o}},remove:function(t,n){r(t,"",e({},n,{expires:-1}))},withAttributes:function(n){return t(this.converter,e({},this.attributes,n))},withConverter:function(n){return t(e({},this.converter,n),this.attributes)}},{attributes:{value:Object.freeze(o)},converter:{value:Object.freeze(n)}})}({read:function(e){return'"'===e[0]&&(e=e.slice(1,-1)),e.replace(/(%[\dA-F]{2})+/gi,decodeURIComponent)},write:function(e){return encodeURIComponent(e).replace(/%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,decodeURIComponent)}},{path:"/"});return t}));
+/*! js-cookie v3.0.6 | MIT */
+!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e||self,function(){var n=e.Cookies,o=e.Cookies=t();o.noConflict=function(){return e.Cookies=n,o}}())}(this,(function(){"use strict";function e(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)"__proto__"!==o&&(e[o]=n[o])}return e}var t=function t(n,o){function r(t,r,i){if("undefined"!=typeof document){"number"==typeof(i=e({},o,i)).expires&&(i.expires=new Date(Date.now()+864e5*i.expires)),i.expires&&(i.expires=i.expires.toUTCString()),t=encodeURIComponent(t).replace(/%(2[346B]|5E|60|7C)/g,decodeURIComponent).replace(/[()]/g,escape);var c="";for(var u in i)i[u]&&(c+="; "+u,!0!==i[u]&&(c+="="+i[u].split(";")[0]));return document.cookie=t+"="+n.write(r,t)+c}}return Object.create({set:r,get:function(e){if("undefined"!=typeof document&&(!arguments.length||e)){for(var t=document.cookie?document.cookie.split("; "):[],o={},r=0;r<t.length;r++){var i=t[r].split("="),c=i.slice(1).join("=");try{var u=decodeURIComponent(i[0]);if(u in o||(o[u]=n.read(c,u)),e===u)break}catch{}}return e?o[e]:o}},remove:function(t,n){r(t,"",e({},n,{expires:-1}))},withAttributes:function(n){return t(this.converter,e({},this.attributes,n))},withConverter:function(n){return t(e({},this.converter,n),this.attributes)}},{attributes:{value:Object.freeze(o)},converter:{value:Object.freeze(n)}})}({read:function(e){return'"'===e[0]&&(e=e.slice(1,-1)),e.replace(/(%[\dA-F]{2})+/gi,decodeURIComponent)},write:function(e){return encodeURIComponent(e).replace(/%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,decodeURIComponent)}},{path:"/"});return t}));

package/dist/js.cookie.min.mjs CHANGED Viewed

@@ -1,2 +1,2 @@
-/*! js-cookie v3.0.5 | MIT */
-function e(e){for(var t=1;t<arguments.length;t++){var r=arguments[t];for(var n in r)e[n]=r[n]}return e}var t=function t(r,n){function o(t,o,i){if("undefined"!=typeof document){"number"==typeof(i=e({},n,i)).expires&&(i.expires=new Date(Date.now()+864e5*i.expires)),i.expires&&(i.expires=i.expires.toUTCString()),t=encodeURIComponent(t).replace(/%(2[346B]|5E|60|7C)/g,decodeURIComponent).replace(/[()]/g,escape);var c="";for(var u in i)i[u]&&(c+="; "+u,!0!==i[u]&&(c+="="+i[u].split(";")[0]));return document.cookie=t+"="+r.write(o,t)+c}}return Object.create({set:o,get:function(e){if("undefined"!=typeof document&&(!arguments.length||e)){for(var t=document.cookie?document.cookie.split("; "):[],n={},o=0;o<t.length;o++){var i=t[o].split("="),c=i.slice(1).join("=");try{var u=decodeURIComponent(i[0]);if(n[u]=r.read(c,u),e===u)break}catch(e){}}return e?n[e]:n}},remove:function(t,r){o(t,"",e({},r,{expires:-1}))},withAttributes:function(r){return t(this.converter,e({},this.attributes,r))},withConverter:function(r){return t(e({},this.converter,r),this.attributes)}},{attributes:{value:Object.freeze(n)},converter:{value:Object.freeze(r)}})}({read:function(e){return'"'===e[0]&&(e=e.slice(1,-1)),e.replace(/(%[\dA-F]{2})+/gi,decodeURIComponent)},write:function(e){return encodeURIComponent(e).replace(/%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,decodeURIComponent)}},{path:"/"});export{t as default};
+/*! js-cookie v3.0.6 | MIT */
+function e(e){for(var t=1;t<arguments.length;t++){var r=arguments[t];for(var n in r)"__proto__"!==n&&(e[n]=r[n])}return e}var t=function t(r,n){function o(t,o,i){if("undefined"!=typeof document){"number"==typeof(i=e({},n,i)).expires&&(i.expires=new Date(Date.now()+864e5*i.expires)),i.expires&&(i.expires=i.expires.toUTCString()),t=encodeURIComponent(t).replace(/%(2[346B]|5E|60|7C)/g,decodeURIComponent).replace(/[()]/g,escape);var c="";for(var u in i)i[u]&&(c+="; "+u,!0!==i[u]&&(c+="="+i[u].split(";")[0]));return document.cookie=t+"="+r.write(o,t)+c}}return Object.create({set:o,get:function(e){if("undefined"!=typeof document&&(!arguments.length||e)){for(var t=document.cookie?document.cookie.split("; "):[],n={},o=0;o<t.length;o++){var i=t[o].split("="),c=i.slice(1).join("=");try{var u=decodeURIComponent(i[0]);if(u in n||(n[u]=r.read(c,u)),e===u)break}catch{}}return e?n[e]:n}},remove:function(t,r){o(t,"",e({},r,{expires:-1}))},withAttributes:function(r){return t(this.converter,e({},this.attributes,r))},withConverter:function(r){return t(e({},this.converter,r),this.attributes)}},{attributes:{value:Object.freeze(n)},converter:{value:Object.freeze(r)}})}({read:function(e){return'"'===e[0]&&(e=e.slice(1,-1)),e.replace(/(%[\dA-F]{2})+/gi,decodeURIComponent)},write:function(e){return encodeURIComponent(e).replace(/%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,decodeURIComponent)}},{path:"/"});export{t as default};

package/dist/js.cookie.mjs CHANGED Viewed

@@ -1,17 +1,15 @@
-/*! js-cookie v3.0.5 | MIT */
-/* eslint-disable no-var */
+/*! js-cookie v3.0.6 | MIT */
 function assign (target) {
   for (var i = 1; i < arguments.length; i++) {
     var source = arguments[i];
     for (var key in source) {
+      if (key === '__proto__') continue
       target[key] = source[key];
     }
   }
   return target
 }
-/* eslint-enable no-var */
-/* eslint-disable no-var */
 var defaultConverter = {
   read: function (value) {
     if (value[0] === '"') {
@@ -26,12 +24,9 @@ var defaultConverter = {
     )
   }
 };
-/* eslint-enable no-var */
-/* eslint-disable no-var */
-function init (converter, defaultAttributes) {
-  function set (name, value, attributes) {
+function init(converter, defaultAttributes) {
+  function set(name, value, attributes) {
     if (typeof document === 'undefined') {
       return
     }
@@ -75,7 +70,7 @@ function init (converter, defaultAttributes) {
       name + '=' + converter.write(value, name) + stringifiedAttributes)
   }
-  function get (name) {
+  function get(name) {
     if (typeof document === 'undefined' || (arguments.length && !name)) {
       return
     }
@@ -90,12 +85,13 @@ function init (converter, defaultAttributes) {
       try {
         var found = decodeURIComponent(parts[0]);
-        jar[found] = converter.read(value, found);
+        if (!(found in jar)) jar[found] = converter.read(value, found);
         if (name === found) {
           break
         }
-      } catch (e) {}
+      } catch {
+        // Do nothing...
+      }
     }
     return name ? jar[name] : jar
@@ -129,6 +125,5 @@ function init (converter, defaultAttributes) {
 }
 var api = init(defaultConverter, { path: '/' });
-/* eslint-enable no-var */
 export { api as default };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "js-cookie",
-  "version": "3.0.5",
+  "version": "3.0.6",
   "description": "A simple, lightweight JavaScript API for handling cookies",
   "browser": "dist/js.cookie.js",
   "module": "dist/js.cookie.mjs",
@@ -23,12 +23,15 @@
     "amd",
     "commonjs",
     "client",
-    "js-cookie",
-    "browserify"
+    "js-cookie"
   ],
   "scripts": {
     "test": "grunt test",
-    "format": "grunt exec:format",
+    "test:browserstack": "grunt browserstack",
+    "format": "prettier --write .",
+    "format:check": "prettier --check .",
+    "lint": "eslint --fix .",
+    "lint:check": "eslint .",
     "dist": "rm -rf dist/* && rollup -c",
     "release": "release-it"
   },
@@ -43,29 +46,33 @@
   "author": "Klaus Hartl",
   "license": "MIT",
   "devDependencies": {
-    "@rollup/plugin-terser": "^0.4.0",
-    "browserstack-runner": "github:browserstack/browserstack-runner#1e85e559951bdf97ffe2a7c744ee67ca83589fde",
-    "eslint": "^7.31.0",
-    "eslint-config-standard": "^16.0.3",
-    "eslint-plugin-html": "^7.0.0",
-    "eslint-plugin-markdown": "^3.0.0",
+    "@eslint/js": "^10.0.1",
+    "@rollup/plugin-terser": "^1.0.0",
+    "browserstack-node-sdk": "^1.52.2",
+    "eslint": "^10.0.1",
+    "eslint-config-prettier": "^10.0.1",
+    "eslint-plugin-html": "^8.0.0",
+    "eslint-plugin-markdown": "^5.0.0",
+    "globals": "^17.3.0",
     "grunt": "^1.0.4",
     "grunt-compare-size": "^0.4.2",
-    "grunt-contrib-connect": "^3.0.0",
-    "grunt-contrib-nodeunit": "^5.0.0",
-    "grunt-contrib-qunit": "^7.0.0",
+    "grunt-contrib-connect": "^5.0.0",
+    "grunt-contrib-qunit": "^10.0.0",
     "grunt-contrib-watch": "^1.1.0",
     "grunt-exec": "^3.0.0",
     "gzip-js": "^0.3.2",
-    "prettier": "^2.3.2",
-    "qunit": "^2.9.3",
-    "release-it": "^15.0.0",
-    "rollup": "^3.17.2",
+    "js-reporters": "^2.1.0",
+    "nano-staged": "^1.0.2",
+    "prettier": "^3.0.0",
+    "qunit": "^2.19.4",
+    "release-it": "^20.0.0",
+    "rollup": "^4.53.3",
     "rollup-plugin-filesize": "^10.0.0",
-    "rollup-plugin-license": "^3.0.0",
-    "standard": "^17.0.0"
+    "rollup-plugin-license": "^3.2.0",
+    "selenium-webdriver": "^4.43.0",
+    "simple-git-hooks": "^2.8.1"
   },
   "engines": {
-    "node": ">=14"
+    "node": ">=20"
   }
 }