html-parse-stringify
Advanced tools
Comparing version 2.0.2 to 2.0.3
{ | ||
"name": "html-parse-stringify", | ||
"description": "Parses well-formed HTML (meaning all tags closed) into an AST and back. quickly.", | ||
"version": "2.0.2", | ||
"version": "2.0.3", | ||
"author": "Henrik Joreteg <henrik@joreteg.com>", | ||
@@ -47,4 +47,5 @@ "bugs": { | ||
"prebuild": "rm -rf dist", | ||
"prepublish": "npm run build", | ||
"test": "tape -r esm test/* | tap-spec" | ||
} | ||
} |
@@ -138,2 +138,3 @@ # html-parse-stringify | ||
- `2.0.3` Fixed failed publish. Accidentally published an empty package :sweat_smile: | ||
- `2.0.2` Fixed incorrect attribution for vulnerability disclosure. The vulnerability was discovered by Yeting Li. Sam Sanoop was the one who reached out to me about it. | ||
@@ -140,0 +141,0 @@ - `2.0.1` Addressing a reported regular expression denial of service issue found by [Yeting Li](https://github.com/yetingli) and reported to me by [Sam Sanoop](https://twitter.com/snoopysecurity) of [Snyk](https://snyk.io/) THANK YOU!. The issue was that sending certain input would cause one of the regular expressions we used to lock up and not finish, freezing the process. See the test that was added for details. To be clear, this lib wasn't meant for parsing non-well formed HTML. But, better safe than sorry! So we're fixing it. |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Minified code
QualityThis package contains minified code. This may be harmless in some cases where minified code is included in packaged libraries, however packages on npm should not minify code.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
51702
10
37
151
0
2