jsdom - npm Package Compare versions
| "use strict"; | ||
| const cssom = require("@acemir/cssom"); | ||
| const cssstyle = require("cssstyle"); | ||
@@ -22,2 +21,3 @@ | ||
| // loaded, or only the primary sheet? | ||
| const cssom = require("@acemir/cssom").setup({ globalObject: core._globalObject }); | ||
@@ -24,0 +24,0 @@ core.StyleSheet = cssom.StyleSheet; |
@@ -31,9 +31,13 @@ "use strict"; | ||
| const createdSheet = exports.createStylesheet(css, elementImpl, urlString); | ||
| if (importRule) { | ||
| // According to the spec, we don't add the stylesheet to the document's | ||
| // stylesheet list when it's loaded via an @import rule. | ||
| importRule.styleSheet.cssRules = createdSheet.cssRules; | ||
| exports.createStylesheet(css, elementImpl, urlString, { | ||
| ownerRule: importRule, | ||
| styleSheet: importRule.styleSheet | ||
| }); | ||
| } else { | ||
| const createdSheet = exports.createStylesheet(css, elementImpl, urlString, { | ||
| ownerNode: elementImpl | ||
| }); | ||
| exports.addStylesheet(createdSheet, elementImpl); | ||
@@ -70,4 +74,7 @@ } | ||
| // - The import rules stuff seems out of place, and probably should affect the load event... | ||
| exports.createStylesheet = (sheetText, elementImpl, baseURLString) => { | ||
| const sheet = cssom.parse(sheetText, { globalObject: elementImpl._globalObject }, err => { | ||
| exports.createStylesheet = (sheetText, elementImpl, baseURLString, parserOptions) => { | ||
| const sheet = cssom.parse(sheetText, { | ||
| globalObject: elementImpl._globalObject, | ||
| ...parserOptions | ||
| }, err => { | ||
| if (elementImpl._ownerDocument._defaultView) { | ||
@@ -74,0 +81,0 @@ const error = new Error("Could not parse CSS stylesheet", { cause: err }); |
@@ -67,3 +67,5 @@ "use strict"; | ||
| // Not implemented: a bunch of other state, e.g. title/media attributes | ||
| const createdSheet = createStylesheet(content, this, this._ownerDocument.baseURLSerialized()); | ||
| const createdSheet = createStylesheet(content, this, this._ownerDocument.baseURLSerialized(), { | ||
| ownerNode: this | ||
| }); | ||
| addStylesheet(createdSheet, this); | ||
@@ -70,0 +72,0 @@ } |
+5
-5
| { | ||
| "name": "jsdom", | ||
| "version": "27.2.0", | ||
| "version": "27.3.0", | ||
| "description": "A JavaScript implementation of many web standards", | ||
@@ -26,5 +26,5 @@ "keywords": [ | ||
| "dependencies": { | ||
| "@acemir/cssom": "^0.9.23", | ||
| "@asamuzakjp/dom-selector": "^6.7.4", | ||
| "cssstyle": "^5.3.3", | ||
| "@acemir/cssom": "^0.9.28", | ||
| "@asamuzakjp/dom-selector": "^6.7.6", | ||
| "cssstyle": "^5.3.4", | ||
| "data-urls": "^6.0.0", | ||
@@ -62,3 +62,3 @@ "decimal.js": "^10.6.0", | ||
| "globals": "^16.5.0", | ||
| "js-yaml": "^4.1.0", | ||
| "js-yaml": "^4.1.1", | ||
| "minimatch": "^10.1.1", | ||
@@ -65,0 +65,0 @@ "mocha": "^11.7.5", |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 5 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 5 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
3288481
0.01%- Lines of code
87490
0.01%Dependency changes
Updated
@acemir/cssom@^0.9.28Updated
cssstyle@^5.3.4