Mini-racer

Latest version: v0.12.4

Safety actively analyzes 687881 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 7

0.12.4

- Upgrade to V8 12.6 from 12.4.

0.12.3

- Fix potential hang if JavaScript calls a function produced by `wrap_py_function` while
we're tearing it down.

0.12.2

- Add optional context manager and `.close()` semantics to Python `MiniRacer` class.

- Fixed a potential hang on MiniRacer teardown if MiniRacer is executing a microtask
which loops infinitely.

- Switch C++ side of MiniRacer to a more straightforward object lifecycle management
model.

0.12.1

- Update to V8 12.4. This includes fixes for CVE-2024-3159, CVE-2024-3156, and
CVE-2024-2625. These vulnerabilities in V8 would impact PyMiniRacer users who are
running untrusted and adversarial JavaScript code.

0.12.0

Not secure
- Added support for installing callbacks from JS back into Python, using
MiniRacer.wrap_py_function.

- Refactored the Python implementation into many internal files. This should mostly not
present a breaking change, except for code which reaches into internal
(`_`-prefixed) variables.

0.11.1

Not secure
- Fixed Python crash on long-running microtasks, introduced in v0.8.1 (before which
long-running microtasks would probably not run at all).

- Fixed memory leak on the exception object reported when an `eval` times out.

- Hardened the memory management of JS value interchange, context tracking, and
asynchronous task tracking between C++ and Python.

- Added exhaustive typing (now with a MyPy pre-commit to verify!)

- Added a test asserting that [the v8 sandbox](https://v8.dev/blog/sandbox) is enabled
on all platforms we build wheels for.

Page 1 of 7

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.