299 Commits

Author SHA1 Message Date
jos
967e65cceb Refactored usage of properties .isNode, .isSymbolNode, etc. into using functions like type.isNode(x) for security 2017-08-12 14:38:03 +02:00
jos
12918725f1 Merge branch 'develop' into moreStrictTypeChecks 2017-08-12 11:15:11 +02:00
jos
a18f2068f3 Fixed toString of a parsed expression tree containing an immediately invoked function assignment not being wrapped in parentheses 2017-08-12 11:03:19 +02:00
jos
5092e982f9 Merge branch 'develop' into moreStrictTypeChecks 2017-08-06 14:13:11 +02:00
jos
601f1942c2 Replace ES6 functionality with ES5 2017-08-06 11:54:59 +02:00
jos
3e9f0d24f8 Implemented more strict type checks in typed-functions 2017-08-04 11:15:46 +02:00
jos
9666c16378 Fixed #846: Issues in the functions map, forEach, and filter when used in the expression parser 2017-07-29 14:05:27 +02:00
Thomas Brierley
e1749d2a0e Revert expression security test to original error 2017-07-14 13:10:18 +01:00
Thomas Brierley
fe0b993e72 Fix security test, fails on length first 2017-07-12 16:33:31 +01:00
jos
469e6bf3cf Fixed #895: added support for the dollar character $ in symbol names 2017-07-10 20:29:30 +02:00
Jos de Jong
69f3e882d7 Merge pull request #888 from ThomasBrierley/prototyped-scopes
Prototyped Scopes
2017-07-05 22:01:29 +02:00
jos
485cb88866 Use getSafeProperty in help 2017-06-30 14:27:28 +02:00
Thomas Brierley
badc6efc1a Update tests for isSafe changes
+ Fix "calling Function via Object.assign" test. Now fails on accessing
"bind" first because new implementation is a bit more restrictive.

+ Fix "extend the class instance". Custom methods on instances are now
allowed and ghosting (overriding) is explicitly not.

+ Add ghosting tests for class instances and plain objects.
2017-06-29 15:53:49 +01:00
jos
4e1142a126 Released v3.13.3 2017-05-27 20:56:16 +02:00
jos
ed5f2cebaf Security fixes in isSafeMethod and some others 2017-05-27 19:51:12 +02:00
jos
e80ab2d36c Fixed unit tests 2017-05-26 17:14:08 +02:00
jos
627bb2a79d Disabled function chain 2017-05-26 17:11:52 +02:00
jos
959b010242 Simplified isSafeMethod 2017-05-26 16:43:03 +02:00
jos
64498eddd6 Fixed #861: physical constants not available in the expression parser 2017-05-25 16:13:42 +02:00
jos
f61bb6cf94 Fixed #856: function subset not returning non-primitive scalars from Arrays correctly 2017-05-16 21:41:03 +02:00
jos
04ceed6c75 Merge branch 'security' into develop 2017-05-12 20:47:54 +02:00
jos
5991c24620 Fixed broken unit tests 2017-05-12 13:36:03 +02:00
jos
29d632f1d9 Fixed creating units with an alias not working within the expression parser 2017-05-12 13:28:13 +02:00
jos
11eda850da Fixed security vulnerabilities 2017-05-12 09:01:31 +02:00
jos
27660d8c00 Some more security measures 2017-05-05 21:08:23 +02:00
jos
85ac1a0aa4 Some more security measures 2017-05-05 20:53:20 +02:00
jos
aef6203049 Use safe function arguments internally 2017-05-05 17:25:21 +02:00
jos
73b774a51b Use safe map, forEach, join 2017-05-05 12:32:21 +02:00
jos
9dfbac5565 Fixed a broken unit test on node 0.1, 0.12 2017-04-24 21:57:06 +02:00
jos
19faeac16c Escape function names and properties 2017-04-24 21:36:00 +02:00
jos
8e8e02bec9 Don't clone config itself, only its children 2017-04-22 20:14:52 +02:00
jos
c259c936ec Refactored compile into a factory function 2017-04-22 17:12:38 +02:00
jos
a7bd4cd833 Register _compile as separate functions 2017-04-22 16:49:22 +02:00
jos
bddf93cf57 Added some more unit tests 2017-04-22 16:48:45 +02:00
jos
c2c1888012 Fixed security vulnerabilities in math.subset 2017-04-22 13:58:26 +02:00
jos
4be0c66534 Added another (failing) security test 2017-04-15 20:26:47 +02:00
jos
d34194be2c Added some (failing) security tests 2017-04-10 20:30:09 +02:00
jos
ee6efa3768 Only allow accessing/assigning properties on plain objects. Only allow calling known methods. 2017-04-08 15:32:10 +02:00
jos
42012688cb Released v3.11.4 2017-04-03 21:09:05 +02:00
jos
25db18caec Fixed a security vulnerability 2017-04-03 20:43:52 +02:00
jos
5c4b105c7e Fixed a security vulnerability in the expression parser 2017-04-03 01:29:13 +02:00
jos
2a1cca3442 Released v3.11.1 2017-04-02 20:13:38 +02:00
jos
fbe6e62faf Fixed more security vulnerabilities 2017-04-02 19:51:11 +02:00
jos
ebb3c9bd0e Fixed #821, #822: security vulnerabilities in the expression parser 2017-04-02 14:57:21 +02:00
jos
37613aca0c Moved security related tests into a separate file 2017-04-02 13:18:55 +02:00
jos
3c3517daa6 More security fixes + unit tests 2017-03-31 13:41:37 +02:00
jos
43c4fe9c46 Added a few more unit tests 2017-03-31 10:51:11 +02:00
jos
b7a065b538 Removed a redundant console.log in the tests 2017-03-31 10:47:04 +02:00
jos
2f45600905 Fixed a security vulnerability in the expression parser allowing execution of arbitrary JavaScript 2017-03-31 10:18:14 +02:00
jos
bd52740e61 Fixed #795: Parse error in case of a multi-line expression with just comments 2017-02-15 22:05:38 +01:00