admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
265367d99bc8c2dd477ef39ed4cd0ced2eb82471
Moltbot/src/config/legacy.shared.test.ts

24 lines
850 B
TypeScript
Raw Blame History

import { afterEach, describe, expect, it } from "vitest";
import { mergeMissing } from "./legacy.shared.js";
describe("mergeMissing prototype pollution guard", () => {
afterEach(() => {
delete (Object.prototype as Record<string, unknown>).polluted;
});
it("ignores __proto__ keys without polluting Object.prototype", () => {
const target = { safe: { keep: true } } as Record<string, unknown>;
const source = JSON.parse('{"safe":{"next":1},"__proto__":{"polluted":true}}') as Record<
string,
unknown
>;
mergeMissing(target, source);
expect((target.safe as Record<string, unknown>).keep).toBe(true);
expect((target.safe as Record<string, unknown>).next).toBe(1);
expect(target.polluted).toBeUndefined();
expect((Object.prototype as Record<string, unknown>).polluted).toBeUndefined();
});
});
Reference in New Issue View Git Blame Copy Permalink