archive-gh-me/mathjs
1
0
Fork 0
mirror of https://github.com/josdejong/mathjs.git synced 2026-01-18 14:59:29 +00:00
Code Issues Projects Releases Wiki Activity
2,791 Commits 19 Branches 303 Tags
Commit Graph

2791 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Thomas Brierley
1dd67cd591 Fix undefined isSafeProperty test + comment 2017-07-04 20:03:06 +01:00
Thomas Brierley
7d6c583629 Add isSafeProperty unit tests 2017-07-04 19:43:05 +01:00
Thomas Brierley
e8ace81449 Use 'in' on root prototype checks 
Because on NodeJS <= v0.10 hasOwnProperty returns false for __proto__ on
Object.prototype. Function.prototype and Object.prototype are roots so
it should be safe to use 'in' instead.
 2017-07-04 19:43:01 +01:00
Thomas Brierley
badc6efc1a Update tests for isSafe changes 
+ Fix "calling Function via Object.assign" test. Now fails on accesing
"bind" first because new implementation is a bit more restrictive.

+ Fix "extend the class instance". Custom methods on instances are now
allowed and ghosting (overridding) is explicitly not.

+ Add ghosting tests for class instances and plain objects.
 2017-06-29 15:53:49 +01:00
Thomas Brierley
cc8b7a2f6d Remove redundant conditions and comments 2017-06-29 15:07:38 +01:00
Thomas Brierley
7951ae221e Use isSafeProperty in set/getSafeProperty 2017-06-29 15:00:40 +01:00
Thomas Brierley
955c72bebf Update isSafeProperty interface 2017-06-29 14:56:47 +01:00
Thomas Brierley
c4951c2143 Refactor isSafe checks to restore inheritance 
To safely restore inherited properties and methods on plain objects e.g
with Object.create, some overly broad conditions need to be removed and
others added to more explicitly exclude unsafe properties.

isSafeMethod() has been modified as bellow, roughly the same conditions
are also now used in isSafeProperty() for get/setSafeProperty() which
previously restricted all inherited properties.

- Require __proto__ to have own-method
	Intended to prevent ghosting of class methods, but also prevents
	access to properties from further up the chain.

+ Require any own-method to not be in __proto__
	Explicitly prevents ghosting but not inheritance. Possible to
	defeat only if proto chaining through Object.create is allowed.

- Require object to not be function
	Intended to prevent unsafe function methods like 'bind', but
	also restricts function own-properties.

+ Require method not be in Function.prototype
	Explicitly prevents unsafe function methods like 'bind',
	without restricting function own properties.

Other conditions should be equivalent. The overall affect should be
that inherited properties and methods that are safe and not ghosted
should be allowed.
 2017-06-29 14:53:46 +01:00
jos
4e1142a126 Released v3.13.3 v3.13.3 2017-05-27 20:56:16 +02:00
jos
bc3febca89 Merge branch 'security' into develop 2017-05-27 20:52:24 +02:00
jos
a4f231b2bc Updated history 2017-05-27 20:16:22 +02:00
Jos de Jong
b1afd923b7 Merge pull request #862 from viclai/patch-1 
Fixed Bug in Equation For Intersection of Line and Plane
 2017-05-27 20:13:18 +02:00
jos
ed5f2cebaf Security fixes in isSafeMethod and some others 2017-05-27 19:51:12 +02:00
viclai
5baa2b8848 Added Unit Test for Intersect Bug 2017-05-27 07:58:32 -07:00
jos
5fbc8edce6 Released v3.13.2 v3.13.2 2017-05-26 20:28:59 +02:00
jos
e80ab2d36c Fixed unit tests 2017-05-26 17:14:08 +02:00
jos
627bb2a79d Disabled function chain 2017-05-26 17:11:52 +02:00
jos
959b010242 Simplified isSafeMethod 2017-05-26 16:43:03 +02:00
jos
64498eddd6 Fixed #861: physical constants not available in the expression parser 2017-05-25 16:13:42 +02:00
Victor
1313abe4ce Fixed Bug in Equation For Intersection of Line and Plane 
The equation to find the value of ’t' for the intersection of a line and a plane does not appear to be entirely correct.  Please double-check.
 2017-05-23 20:40:47 -07:00
jos
f61bb6cf94 Fixed #856: function subset not returning non-primitive scalars from Arrays correctly 2017-05-16 21:41:03 +02:00
jos
e105f60ab7 Released v3.13.1 v3.13.1 2017-05-12 20:52:02 +02:00
jos
04ceed6c75 Merge branch 'security' into develop 2017-05-12 20:47:54 +02:00
jos
5991c24620 Fixed broken unit tests 2017-05-12 13:36:03 +02:00
jos
29d632f1d9 Fixed creating units with an alias not working within the expression parser 2017-05-12 13:28:13 +02:00
jos
be913efa29 Added docs and example on making the expression parser less vulnerable 2017-05-12 12:15:46 +02:00
jos
51507e2f10 Released v3.13.0 v3.13.0 2017-05-12 09:18:46 +02:00
jos
11eda850da Fixed security vulnerabilities 2017-05-12 09:01:31 +02:00
jos
2a14757640 Merge remote-tracking branch 'origin/develop' into develop 2017-05-12 08:37:40 +02:00
jos
affad00f04 Updated history 2017-05-12 08:36:40 +02:00
Jos de Jong
b36d45af0b Merge pull request #850 from tetslee/absderivative 
Added derivative of abs
 2017-05-11 19:59:22 +02:00
Jos de Jong
3f890c9a1a Merge pull request #848 from tetslee/simplifyTerminate 
Fix terminate condition of simplify to avoid endless loops
 2017-05-11 19:56:28 +02:00
Timothy Lee
8c92deb1c3 Added derivative of abs 2017-05-10 17:24:15 +09:30
Timothy Lee
4762493861 Typo 2017-05-10 10:24:47 +09:30
jos
de10818546 Merge branch 'redundantwildcard' of https://github.com/tetslee/mathjs into tetslee-redundantwildcard 
# Conflicts:
#	lib/function/algebra/simplify.js
 2017-05-09 20:24:04 +02:00
jos
c92df8eb30 Updated history 2017-05-09 20:18:34 +02:00
Jos de Jong
71221b75df Merge pull request #840 from tetslee/fix838 
Fixed simplify to recognize named constants
 2017-05-09 20:12:28 +02:00
Jos de Jong
3ea3eb7273 Merge pull request #841 from tetslee/fix813 
Stop simplify converting numbers to inexact Fractions
 2017-05-09 20:07:57 +02:00
Timothy Lee
aaeb2ebc28 Fix terminate condition of simplify to avoid endless loops 2017-05-09 17:59:58 +09:30
Timothy Lee
89c32b84bf Remove redundant rule wildcard variable 'C' from simplify 2017-05-09 16:01:28 +09:30
Timothy Lee
02f01adf3c Added support for BigNumbers to simplify 2017-05-09 13:20:32 +09:30
Jos de Jong
dc37aa3c49 Merge pull request #845 from tetslee/docsimplify 
Added some more documentation for simplify rules
 2017-05-08 20:01:47 +02:00
jos
41b0f5138b Expose BASE_DIMENSIONS on Unit 2017-05-08 20:00:43 +02:00
jos
dd170891ec Updated history 2017-05-08 19:57:45 +02:00
Jos de Jong
0dfd667d0d Merge pull request #839 from slavaGanzin/master 
cli: inline evaluate
 2017-05-08 19:55:16 +02:00
slavaGanzin
fa3aa92156 add tests 2017-05-08 15:15:20 +03:00
Timothy Lee
6f2b5efaac Disallow implicitly converting a number to a fraction that is not an exact representation 2017-05-08 15:58:06 +09:30
Timothy Lee
82095ebc19 Revert "Changed multiply to only output Fractions when both arguments can be exactly represented as Fractions" 
This reverts commit f3cb41864582b2dc8b07c07d4c22d6c313bcc114.
 2017-05-08 15:57:19 +09:30
Timothy Lee
6792ab5974 Added some more documentation for simplify rules 2017-05-08 13:32:53 +09:30
Timothy Lee
158adc1861 Added support for more constants in simplify 2017-05-08 12:56:56 +09:30