New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
cssfilter - npm Package Compare versions
Comparing version 0.0.4 to 0.0.5
@@ -57,3 +57,3 @@ /** | ||
| else if (typeof check === 'function') isWhite = check(value); | ||
| else if (check instanceof RegExp) isWhite = check.test(val); | ||
| else if (check instanceof RegExp) isWhite = check.test(value); | ||
| if (isWhite !== true) isWhite = false; | ||
@@ -60,0 +60,0 @@ |
| { | ||
| "name": "cssfilter", | ||
| "version": "0.0.4", | ||
| "version": "0.0.5", | ||
| "description": "Sanitize untrusted CSS with a configuration specified by a Whitelist. 根据白名单过滤CSS", | ||
| "main": "index.js", | ||
| "main": "lib/index.js", | ||
| "scripts": { | ||
@@ -10,3 +10,3 @@ "blanket": { | ||
| }, | ||
| "test": "./node_modules/mocha/bin/mocha --require blanket -R html-cov > coverage.html -t 5000" | ||
| "test": "mocha --require blanket -R html-cov > coverage.html -t 5000 && mocha -t 5000 && testling -x open" | ||
| }, | ||
@@ -44,4 +44,18 @@ "repository": { | ||
| "should": "^6.0.1", | ||
| "testling": "^1.7.1", | ||
| "uglify-js": "^2.4.20" | ||
| }, | ||
| "testling": { | ||
| "preprocess": "./build", | ||
| "harness": "mocha-bdd", | ||
| "files": "test/*.js", | ||
| "browsers": [ | ||
| "ie/6..latest", | ||
| "firefox/latest", | ||
| "chrome/latest", | ||
| "safari/5..latest", | ||
| "opera/11", | ||
| "opera/next" | ||
| ] | ||
| } | ||
| } |
@@ -0,1 +1,6 @@ | ||
| [](http://badge.fury.io/js/xss) | ||
| [](http://travis-ci.org/leizongmin/js-css-filter) | ||
| [](https://david-dm.org/leizongmin/js-css-filter) | ||
| [](https://ci.testling.com/leizongmin/js-css-filter) | ||
| # cssfilter | ||
@@ -33,3 +38,3 @@ Sanitize untrusted CSS with a configuration specified by a Whitelist. 根据白名单过滤CSS | ||
| }, | ||
| d: false // 除以上三张外,所有值均表示不允许 | ||
| d: false // 除以上三个以外,所有值均表示不允许 | ||
| }, | ||
@@ -53,3 +58,4 @@ // 当匹配到一个在白名单中的属性时 | ||
| // then apply mycss.process() | ||
| html = mycss.process('position:fixed; width:100px; height:100px; background:#aaa;'); | ||
| css = mycss.process('position:fixed; width:100px; height:100px; background:#aaa;'); | ||
| console.log(css); | ||
| ``` | ||
@@ -56,0 +62,0 @@ |
Sorry, the diff of this file is not supported yet
New alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Minified code
QualityThis package contains minified code. This may be harmless in some cases where minified code is included in packaged libraries, however packages on npm should not minify code.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
77271
117.63%- Number of package files
14
27.27%- Lines of code
1284
83.43%- Number of lines in readme file
87
7.41%Worsened metrics
- Dev dependency count
6
20%- Number of low quality alerts
2
100%- Number of low supply chain risk alerts
4
Infinity%No dependency changes