jsdom - npm Package Compare versions
@@ -27,5 +27,13 @@ "use strict"; | ||
| core.CSSRule = cssom.CSSRule; | ||
| core.CSSGroupingRule = cssom.CSSGroupingRule; | ||
| core.CSSNestedDeclarations = cssom.CSSNestedDeclarations; | ||
| core.CSSStyleRule = cssom.CSSStyleRule; | ||
| core.CSSMediaRule = cssom.CSSMediaRule; | ||
| core.CSSImportRule = cssom.CSSImportRule; | ||
| core.CSSConditionRule = cssom.CSSConditionRule; | ||
| core.CSSContainerRule = cssom.CSSContainerRule; | ||
| core.CSSScopeRule = cssom.CSSScopeRule; | ||
| core.CSSSupportsRule = cssom.CSSSupportsRule; | ||
| core.CSSLayerBlockRule = cssom.CSSLayerBlockRule; | ||
| core.CSSLayerStatementRule = cssom.CSSLayerStatementRule; | ||
| core.CSSStyleDeclaration = cssstyle.CSSStyleDeclaration; | ||
@@ -32,0 +40,0 @@ |
@@ -116,3 +116,15 @@ "use strict"; | ||
| if (rule.media) { | ||
| if (indexOf.call(rule.media, "screen") !== -1) { | ||
| if (rule.constructor.name === "CSSImportRule") { | ||
| // Handle @import rules if: | ||
| // - imported sheet loaded successfully | ||
| // - media is empty or matches "screen" | ||
| if (rule.styleSheet !== null && (rule.media.length === 0 || indexOf.call(rule.media, "screen") !== -1)) { | ||
| forEach.call(rule.styleSheet.cssRules, innerRule => { | ||
| if (matches(innerRule, elementImpl)) { | ||
| handleRule(innerRule); | ||
| } | ||
| }); | ||
| } | ||
| // Keep handling @media rules only if media matches "screen" | ||
| } else if (indexOf.call(rule.media, "screen") !== -1) { | ||
| forEach.call(rule.cssRules, innerRule => { | ||
@@ -119,0 +131,0 @@ if (matches(innerRule, elementImpl)) { |
@@ -9,3 +9,3 @@ "use strict"; | ||
| // It (and the things it calls) is nowhere close right now. | ||
| exports.fetchStylesheet = (elementImpl, urlString) => { | ||
| exports.fetchStylesheet = (elementImpl, urlString, importRule) => { | ||
| const document = elementImpl._ownerDocument; | ||
@@ -28,6 +28,15 @@ let defaultEncoding = document._encoding; | ||
| // TODO: MIME type checking? | ||
| if (elementImpl.sheet) { | ||
| if (!importRule && elementImpl.sheet) { | ||
| exports.removeStylesheet(elementImpl.sheet, elementImpl); | ||
| } | ||
| exports.createStylesheet(css, elementImpl, urlString); | ||
| const createdSheet = exports.createStylesheet(css, elementImpl, urlString); | ||
| if (importRule) { | ||
| // According to the spec, we don't add the stylesheet to the document's | ||
| // stylesheet list when it's loaded via an @import rule. | ||
| importRule.styleSheet.cssRules = createdSheet.cssRules; | ||
| } else { | ||
| exports.addStylesheet(createdSheet, elementImpl); | ||
| } | ||
| } | ||
@@ -75,7 +84,7 @@ | ||
| addStylesheet(sheet, elementImpl); | ||
| return sheet; | ||
| }; | ||
| // https://drafts.csswg.org/cssom/#add-a-css-style-sheet | ||
| function addStylesheet(sheet, elementImpl) { | ||
| exports.addStylesheet = (sheet, elementImpl) => { | ||
| elementImpl._ownerDocument.styleSheets._add(sheet); | ||
@@ -89,5 +98,4 @@ | ||
| // TODO: title and disabled stuff | ||
| } | ||
| }; | ||
| // TODO this is actually really messed up and overwrites the sheet on elementImpl | ||
| // Tracking in https://github.com/jsdom/jsdom/issues/2124 | ||
@@ -129,3 +137,3 @@ function scanForImportRules(elementImpl, cssRules, baseURLString) { | ||
| if (parsed) { | ||
| exports.fetchStylesheet(elementImpl, parsed.href); | ||
| exports.fetchStylesheet(elementImpl, parsed.href, cssRules[i]); | ||
| } | ||
@@ -132,0 +140,0 @@ } |
| "use strict"; | ||
| const HTMLElementImpl = require("./HTMLElement-impl").implementation; | ||
| const { removeStylesheet, createStylesheet } = require("../helpers/stylesheets"); | ||
| const { addStylesheet, removeStylesheet, createStylesheet } = require("../helpers/stylesheets"); | ||
| const { childTextContent } = require("../helpers/text"); | ||
@@ -67,3 +67,4 @@ const { asciiCaseInsensitiveMatch } = require("../helpers/strings"); | ||
| // Not implemented: a bunch of other state, e.g. title/media attributes | ||
| createStylesheet(content, this, this._ownerDocument.baseURLSerialized()); | ||
| const createdSheet = createStylesheet(content, this, this._ownerDocument.baseURLSerialized()); | ||
| addStylesheet(createdSheet, this); | ||
| } | ||
@@ -70,0 +71,0 @@ } |
+7
-7
| { | ||
| "name": "jsdom", | ||
| "version": "27.1.0", | ||
| "version": "27.2.0", | ||
| "description": "A JavaScript implementation of many web standards", | ||
@@ -26,5 +26,5 @@ "keywords": [ | ||
| "dependencies": { | ||
| "@acemir/cssom": "^0.9.19", | ||
| "@asamuzakjp/dom-selector": "^6.7.3", | ||
| "cssstyle": "^5.3.2", | ||
| "@acemir/cssom": "^0.9.23", | ||
| "@asamuzakjp/dom-selector": "^6.7.4", | ||
| "cssstyle": "^5.3.3", | ||
| "data-urls": "^6.0.0", | ||
@@ -59,8 +59,8 @@ "decimal.js": "^10.6.0", | ||
| "benchmark": "^2.1.4", | ||
| "eslint": "^9.37.0", | ||
| "eslint": "^9.39.1", | ||
| "eslint-plugin-html": "^8.1.3", | ||
| "globals": "^16.4.0", | ||
| "globals": "^16.5.0", | ||
| "js-yaml": "^4.1.0", | ||
| "minimatch": "^10.1.1", | ||
| "mocha": "^11.7.4", | ||
| "mocha": "^11.7.5", | ||
| "mocha-sugar-free": "^1.4.0", | ||
@@ -67,0 +67,0 @@ "npm-run-all2": "^8.0.4", |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 5 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 5 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
3288235
0.04%- Lines of code
87480
0.03%Dependency changes
Updated
@acemir/cssom@^0.9.23Updated
cssstyle@^5.3.3