jsdom - npm Package Compare versions
@@ -177,3 +177,3 @@ { | ||
| }, | ||
| "Float32Array": { | ||
| "BigUint64Array": { | ||
| "writable": true, | ||
@@ -183,3 +183,3 @@ "enumerable": false, | ||
| }, | ||
| "Float64Array": { | ||
| "BigInt64Array": { | ||
| "writable": true, | ||
@@ -194,3 +194,3 @@ "enumerable": false, | ||
| }, | ||
| "BigUint64Array": { | ||
| "Float32Array": { | ||
| "writable": true, | ||
@@ -200,3 +200,3 @@ "enumerable": false, | ||
| }, | ||
| "BigInt64Array": { | ||
| "Float64Array": { | ||
| "writable": true, | ||
@@ -226,2 +226,7 @@ "enumerable": false, | ||
| }, | ||
| "Iterator": { | ||
| "writable": true, | ||
| "enumerable": false, | ||
| "configurable": true | ||
| }, | ||
| "WeakMap": { | ||
@@ -302,3 +307,3 @@ "writable": true, | ||
| }, | ||
| "Iterator": { | ||
| "SuppressedError": { | ||
| "writable": true, | ||
@@ -308,2 +313,17 @@ "enumerable": false, | ||
| }, | ||
| "DisposableStack": { | ||
| "writable": true, | ||
| "enumerable": false, | ||
| "configurable": true | ||
| }, | ||
| "AsyncDisposableStack": { | ||
| "writable": true, | ||
| "enumerable": false, | ||
| "configurable": true | ||
| }, | ||
| "Float16Array": { | ||
| "writable": true, | ||
| "enumerable": false, | ||
| "configurable": true | ||
| }, | ||
| "SharedArrayBuffer": { | ||
@@ -310,0 +330,0 @@ "writable": true, |
| "use strict"; | ||
| const cssom = require("rrweb-cssom"); | ||
| const cssom = require("@acemir/cssom"); | ||
| const cssstyle = require("cssstyle"); | ||
@@ -4,0 +4,0 @@ |
| "use strict"; | ||
| const cssom = require("rrweb-cssom"); | ||
| const cssom = require("@acemir/cssom"); | ||
| const path = require("path"); | ||
@@ -4,0 +4,0 @@ const fs = require("fs"); |
| "use strict"; | ||
| const cssom = require("rrweb-cssom"); | ||
| const cssom = require("@acemir/cssom"); | ||
| const whatwgEncoding = require("whatwg-encoding"); | ||
@@ -54,11 +54,12 @@ const whatwgURL = require("whatwg-url"); | ||
| // https://drafts.csswg.org/cssom/#create-a-css-style-sheet kinda: | ||
| // - Parsing failures are not handled gracefully like they should be | ||
| // - Parsing failures are now handled gracefully | ||
| // - Like the browser's behaviour, when css.parse() passes trough some invalid CSS | ||
| // it will try it's best to ignore the invalid parts without blocking the parsing operations | ||
| // returning a stylesheet with the valid parts only. | ||
| // - css.parse() now receives a funcion that we can use to handle the error as it's second argument | ||
| // - The import rules stuff seems out of place, and probably should affect the load event... | ||
| exports.createStylesheet = (sheetText, elementImpl, baseURLString) => { | ||
| let sheet; | ||
| try { | ||
| sheet = cssom.parse(sheetText); | ||
| } catch (cause) { | ||
| const sheet = cssom.parse(sheetText, { globalObject: elementImpl._globalObject }, err => { | ||
| if (elementImpl._ownerDocument._defaultView) { | ||
| const error = new Error("Could not parse CSS stylesheet", { cause }); | ||
| const error = new Error("Could not parse CSS stylesheet", { cause: err }); | ||
| error.sheetText = sheetText; | ||
@@ -69,4 +70,3 @@ error.type = "css-parsing"; | ||
| } | ||
| return; | ||
| } | ||
| }); | ||
@@ -73,0 +73,0 @@ scanForImportRules(elementImpl, sheet.cssRules, baseURLString); |
@@ -124,6 +124,4 @@ "use strict"; | ||
| // clear domSelector cached results on class change | ||
| if (name === "class") { | ||
| this._ownerDocument._domSelector.clear(); | ||
| } | ||
| // clear domSelector cached results on attribute change | ||
| this._ownerDocument._domSelector.clear(); | ||
@@ -130,0 +128,0 @@ this._attrModifiedSlotableMixin(name, value, oldValue); |
+6
-6
| { | ||
| "name": "jsdom", | ||
| "version": "27.0.1", | ||
| "version": "27.1.0", | ||
| "description": "A JavaScript implementation of many web standards", | ||
@@ -26,4 +26,5 @@ "keywords": [ | ||
| "dependencies": { | ||
| "@asamuzakjp/dom-selector": "^6.7.2", | ||
| "cssstyle": "^5.3.1", | ||
| "@acemir/cssom": "^0.9.19", | ||
| "@asamuzakjp/dom-selector": "^6.7.3", | ||
| "cssstyle": "^5.3.2", | ||
| "data-urls": "^6.0.0", | ||
@@ -36,3 +37,2 @@ "decimal.js": "^10.6.0", | ||
| "parse5": "^8.0.0", | ||
| "rrweb-cssom": "^0.8.0", | ||
| "saxes": "^6.0.0", | ||
@@ -64,3 +64,3 @@ "symbol-tree": "^3.2.4", | ||
| "js-yaml": "^4.1.0", | ||
| "minimatch": "^10.0.3", | ||
| "minimatch": "^10.1.1", | ||
| "mocha": "^11.7.4", | ||
@@ -94,4 +94,4 @@ "mocha-sugar-free": "^1.4.0", | ||
| "engines": { | ||
| "node": ">=20" | ||
| "node": "^20.19.0 || ^22.12.0 || >=24.0.0" | ||
| } | ||
| } |
+1
-1
@@ -8,3 +8,3 @@ <h1 align="center"> | ||
| The latest versions of jsdom require Node.js v20 or newer. | ||
| The latest versions of jsdom require newer Node.js versions; see the `package.json` `"engines"` field for details. | ||
@@ -11,0 +11,0 @@ ## Basic usage |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 5 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 5 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
3286895
0.02%- Lines of code
87453
0.02%- Number of low supply chain risk alerts
39
-2.5%Dependency changes
+ Added
@acemir/cssom@^0.9.19+ Added
@acemir/cssom@0.9.31(transitive)- Removed
rrweb-cssom@^0.8.0- Removed
rrweb-cssom@0.8.0(transitive)Updated
cssstyle@^5.3.2