mathjs 13.1.0 → 13.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (46) hide show
  1. package/HISTORY.md +30 -0
  2. package/bin/cli.js +24 -10
  3. package/lib/browser/math.js +1 -1
  4. package/lib/browser/math.js.LICENSE.txt +2 -2
  5. package/lib/browser/math.js.map +1 -1
  6. package/lib/cjs/core/function/typed.js +1 -0
  7. package/lib/cjs/expression/node/FunctionNode.js +9 -1
  8. package/lib/cjs/expression/parse.js +1 -1
  9. package/lib/cjs/expression/transform/filter.transform.js +28 -40
  10. package/lib/cjs/expression/transform/forEach.transform.js +29 -30
  11. package/lib/cjs/expression/transform/map.transform.js +8 -93
  12. package/lib/cjs/expression/transform/utils/transformCallback.js +101 -0
  13. package/lib/cjs/function/algebra/derivative.js +10 -11
  14. package/lib/cjs/function/matrix/filter.js +3 -2
  15. package/lib/cjs/function/matrix/forEach.js +3 -14
  16. package/lib/cjs/function/matrix/map.js +11 -33
  17. package/lib/cjs/header.js +2 -2
  18. package/lib/cjs/type/matrix/DenseMatrix.js +73 -29
  19. package/lib/cjs/type/matrix/SparseMatrix.js +7 -4
  20. package/lib/cjs/utils/array.js +22 -0
  21. package/lib/cjs/utils/customs.js +5 -12
  22. package/lib/cjs/utils/map.js +5 -3
  23. package/lib/cjs/utils/optimizeCallback.js +94 -0
  24. package/lib/cjs/version.js +1 -1
  25. package/lib/esm/core/function/typed.js +1 -0
  26. package/lib/esm/expression/node/FunctionNode.js +9 -1
  27. package/lib/esm/expression/parse.js +1 -1
  28. package/lib/esm/expression/transform/filter.transform.js +28 -40
  29. package/lib/esm/expression/transform/forEach.transform.js +29 -30
  30. package/lib/esm/expression/transform/map.transform.js +8 -93
  31. package/lib/esm/expression/transform/utils/transformCallback.js +95 -0
  32. package/lib/esm/function/algebra/derivative.js +10 -11
  33. package/lib/esm/function/matrix/filter.js +3 -2
  34. package/lib/esm/function/matrix/forEach.js +3 -14
  35. package/lib/esm/function/matrix/map.js +12 -34
  36. package/lib/esm/type/matrix/DenseMatrix.js +75 -32
  37. package/lib/esm/type/matrix/SparseMatrix.js +7 -4
  38. package/lib/esm/utils/array.js +21 -0
  39. package/lib/esm/utils/customs.js +5 -12
  40. package/lib/esm/utils/map.js +6 -4
  41. package/lib/esm/utils/optimizeCallback.js +88 -0
  42. package/lib/esm/version.js +1 -1
  43. package/package.json +7 -7
  44. package/types/index.d.ts +50 -12
  45. package/lib/cjs/utils/applyCallback.js +0 -73
  46. package/lib/esm/utils/applyCallback.js +0 -67
package/HISTORY.md CHANGED
@@ -1,5 +1,35 @@
1
1
  # History
2
2
 
3
+ # 2204-10-02 13.2.0
4
+
5
+ - Feat: improve performance of functions `map`, `filter` and `forEach` (#3256).
6
+ Thanks @dvd101x.
7
+ - Feat: improve performance of the methods `map()` and `forEach()`
8
+ of `DenseMatrix` (#3251). Thanks @Galm007.
9
+ - Fix: #3253 cannot use identifiers containing special characters in function
10
+ `derivative`.
11
+ - Fix: improve the type definitions of `ConstantNode` to support all data
12
+ types (#3257). Thanks @smith120bh.
13
+ - Fix: #3259 function `symbolicEqual` missing in the TypeScript definitions.
14
+ - Fix: #3246 function `leafCount` missing in the TypeScript definitions.
15
+ - Fix: #3267 implicit multiplication with a negative number and unit `in`.
16
+ - Docs: fix broken links on the Configuration page. Thanks @vassudanagunta.
17
+ - Docs: document the syntax of `map` and `forEach` in the expression parser
18
+ (#3272). Thanks @dvd101x.
19
+
20
+ # 2024-08-27, 13.1.1
21
+
22
+ - Fix security vulnerability in the CLI and web API allowing to call functions
23
+ `import`, `createUnit` and `reviver`, allowing to get access to the internal
24
+ math namespace and allowing arbitrary code execution. Thanks @StarlightPWN.
25
+ - Fix security vulnerability: when overwriting a `rawArgs` function with a
26
+ non-`rawArgs` function, it was still called with raw arguments. This was both
27
+ a functional issue and a security issue. Thanks @StarlightPWN.
28
+ - Fix security vulnerability: ensure that `ObjectWrappingMap` cannot delete
29
+ unsafe properties. Thanks @StarlightPWN.
30
+ - Fix: not being able to use methods and properties on arrays inside the
31
+ expression parser.
32
+
3
33
  # 2024-08-26, 13.1.0
4
34
 
5
35
  - Feat: support multiple inputs in function `map` (#3228, #3196).
package/bin/cli.js CHANGED
@@ -56,10 +56,23 @@ const PRECISION = 14 // decimals
56
56
  * "Lazy" load math.js: only require when we actually start using it.
57
57
  * This ensures the cli application looks like it loads instantly.
58
58
  * When requesting help or version number, math.js isn't even loaded.
59
- * @return {*}
59
+ * @return {{ evalute: function, parse: function, math: Object }}
60
60
  */
61
61
  function getMath () {
62
- return require('../lib/browser/math.js')
62
+ const { create, all } = require('../lib/browser/math.js')
63
+
64
+ const math = create(all)
65
+ const parse = math.parse
66
+ const evaluate = math.evaluate
67
+
68
+ // See https://mathjs.org/docs/expressions/security.html#less-vulnerable-expression-parser
69
+ math.import({
70
+ 'import': function () { throw new Error('Function import is disabled') },
71
+ 'createUnit': function () { throw new Error('Function createUnit is disabled') },
72
+ 'reviver': function () { throw new Error('Function reviver is disabled') }
73
+ }, { override: true })
74
+
75
+ return { math, parse, evaluate }
63
76
  }
64
77
 
65
78
  /**
@@ -68,7 +81,7 @@ function getMath () {
68
81
  * @param {*} value
69
82
  */
70
83
  function format (value) {
71
- const math = getMath()
84
+ const { math } = getMath()
72
85
 
73
86
  return math.format(value, {
74
87
  fn: function (value) {
@@ -88,7 +101,7 @@ function format (value) {
88
101
  * @return {[Array, String]} completions
89
102
  */
90
103
  function completer (text) {
91
- const math = getMath()
104
+ const { math } = getMath()
92
105
  let matches = []
93
106
  let keyword
94
107
  const m = /[a-zA-Z_0-9]+$/.exec(text)
@@ -183,7 +196,7 @@ function runStream (input, output, mode, parenthesis) {
183
196
  }
184
197
 
185
198
  // load math.js now, right *after* loading the prompt.
186
- const math = getMath()
199
+ const { math, parse } = getMath()
187
200
 
188
201
  // TODO: automatic insertion of 'ans' before operators like +, -, *, /
189
202
 
@@ -214,7 +227,7 @@ function runStream (input, output, mode, parenthesis) {
214
227
  case 'evaluate':
215
228
  // evaluate expression
216
229
  try {
217
- let node = math.parse(expr)
230
+ let node = parse(expr)
218
231
  let res = node.evaluate(scope)
219
232
 
220
233
  if (math.isResultSet(res)) {
@@ -288,7 +301,7 @@ function runStream (input, output, mode, parenthesis) {
288
301
  * @return {string | null} Returns the name when found, else returns null.
289
302
  */
290
303
  function findSymbolName (node) {
291
- const math = getMath()
304
+ const { math } = getMath()
292
305
  let n = node
293
306
 
294
307
  while (n) {
@@ -412,9 +425,10 @@ if (version) {
412
425
  // run a stream, can be user input or pipe input
413
426
  runStream(process.stdin, process.stdout, mode, parenthesis)
414
427
  } else {
415
- fs.stat(scripts[0], function (e, f) {
416
- if (e) {
417
- console.log(getMath().evaluate(scripts.join(' ')).toString())
428
+ fs.stat(scripts[0], function (err) {
429
+ if (err) {
430
+ const { evaluate } = getMath()
431
+ console.log(evaluate(scripts.join(' ')).toString())
418
432
  } else {
419
433
  // work through the queue of scripts
420
434
  scripts.forEach(function (arg) {