@mdx-js/mdx
Advanced tools
Comparing version 2.0.0-ci.4 to 2.0.0-ci.18
@@ -33,3 +33,12 @@ const astring = require('astring') | ||
state.write('=') | ||
this[node.value.type](node.value, state) | ||
// Encode double quotes in attribute values. | ||
if (node.value.type === 'Literal') { | ||
state.write( | ||
'"' + encodeJsx(String(node.value.value)).replace(/"/g, '"') + '"', | ||
node | ||
) | ||
} else { | ||
this[node.value.type](node.value, state) | ||
} | ||
} | ||
@@ -149,1 +158,17 @@ } | ||
} | ||
/** | ||
* Make sure that character references don’t pop up. | ||
* For example, the text `©` should stay that way, and not turn into `©`. | ||
* We could encode all `&` (easy but verbose) or look for actual valid | ||
* references (complex but cleanest output). | ||
* Looking for the 2nd character gives us a middle ground. | ||
* The `#` is for (decimal and hexadecimal) numeric references, the letters | ||
* are for the named references. | ||
* | ||
* @param {string} value | ||
* @returns {string} | ||
*/ | ||
function encodeJsx(value) { | ||
return value.replace(/&(?=[#a-z])/gi, '&') | ||
} |
{ | ||
"name": "@mdx-js/mdx", | ||
"version": "2.0.0-ci.4+09ba5d04", | ||
"version": "2.0.0-ci.18+3a965dbb", | ||
"description": "Parse MDX and transpile to JSX", | ||
@@ -54,3 +54,3 @@ "repository": "mdx-js/mdx", | ||
"rehype-minify-whitespace": "^4.0.0", | ||
"remark-mdx": "2.0.0-ci.4+09ba5d04", | ||
"remark-mdx": "2.0.0-ci.18+3a965dbb", | ||
"remark-parse": "^9.0.0", | ||
@@ -67,3 +67,3 @@ "remark-squeeze-paragraphs": "^4.0.0", | ||
}, | ||
"gitHead": "09ba5d0415abbfc85a0d01c194ad2ec095af80af" | ||
"gitHead": "3a965dbb51d4baa9fa4a5f9916886cfd4c4309e6" | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
25591
677