playwright-core - npm Package Compare versions

Comparing version 1.51.0-beta-1740773665000 to 1.52.0-alpha-1741100475000

browsers.json

@@ -18,15 +18,15 @@ {
       "name": "chromium-tip-of-tree",
-      "revision": "1304",
+      "revision": "1306",
       "installByDefault": false,
-      "browserVersion": "135.0.7021.0"
+      "browserVersion": "135.0.7035.0"
     },
     {
       "name": "chromium-tip-of-tree-headless-shell",
-      "revision": "1304",
+      "revision": "1306",
       "installByDefault": false,
-      "browserVersion": "135.0.7021.0"
+      "browserVersion": "135.0.7035.0"
     },
     {
       "name": "firefox",
-      "revision": "1475",
+      "revision": "1476",
       "installByDefault": true,
@@ -37,3 +37,3 @@ "browserVersion": "135.0"
       "name": "firefox-beta",
-      "revision": "1471",
+      "revision": "1472",
       "installByDefault": false,
@@ -44,3 +44,3 @@ "browserVersion": "136.0b4"
       "name": "webkit",
-      "revision": "2140",
+      "revision": "2141",
       "installByDefault": true,
@@ -56,2 +56,4 @@ "revisionOverrides": {
         "mac12-arm64": "2009",
+        "mac13": "2140",
+        "mac13-arm64": "2140",
         "ubuntu20.04-x64": "2092",
@@ -58,0 +60,0 @@ "ubuntu20.04-arm64": "2092"

lib/utils/isomorphic/urlMatch.js

@@ -57,11 +57,2 @@ "use strict";
     switch (c) {
-      case '?':
-        tokens.push('.');
-        break;
-      case '[':
-        tokens.push('[');
-        break;
-      case ']':
-        tokens.push(']');
-        break;
       case '{':
@@ -101,3 +92,26 @@ inGroup = true;
     if (baseURL && /^https?:\/\//.test(baseURL) && /^wss?:\/\//.test(urlString)) baseURL = baseURL.replace(/^http/, 'ws');
-    match = constructURLBasedOnBaseURL(baseURL, match);
+    const tokenMap = new Map();
+    function mapToken(original, replacement) {
+      if (original.length === 0) return '';
+      tokenMap.set(replacement, original);
+      return replacement;
+    }
+    // Escaped `\\?` behaves the same as `?` in our glob patterns.
+    match = match.replaceAll(/\\\\\?/g, '?');
+    // Glob symbols may be escaped in the URL and some of them such as ? affect resolution,
+    // so we replace them with safe components first.
+    const relativePath = match.split('/').map((token, index) => {
+      if (token === '.' || token === '..' || token === '') return token;
+      // Handle special case of http*://, note that the new schema has to be
+      // a web schema so that slashes are properly inserted after domain.
+      if (index === 0 && token.endsWith(':')) return mapToken(token, 'http:');
+      const questionIndex = token.indexOf('?');
+      if (questionIndex === -1) return mapToken(token, `$_${index}_$`);
+      const newPrefix = mapToken(token.substring(0, questionIndex), `$_${index}_$`);
+      const newSuffix = mapToken(token.substring(questionIndex), `?$_${index}_$`);
+      return newPrefix + newSuffix;
+    }).join('/');
+    let resolved = constructURLBasedOnBaseURL(baseURL, relativePath);
+    for (const [token, original] of tokenMap) resolved = resolved.replace(token, original);
+    match = resolved;
   }
@@ -104,0 +118,0 @@ if ((0, _stringUtils.isString)(match)) match = globToRegex(match);

package.json

 {
   "name": "playwright-core",
-  "version": "1.51.0-beta-1740773665000",
+  "version": "1.52.0-alpha-1741100475000",
   "description": "A high-level API to automate web browsers",
@@ -5,0 +5,0 @@ "repository": {

New alerts

Potential vulnerability

Supply chain risk

Initial human review suggests the presence of a vulnerability in this package. It is pending further analysis and confirmation.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

7935666

increased by0.02%

Lines of code

110930

increased by0.01%

Worsened metrics

Number of medium supply chain risk alerts

59

increased by1.72%

No dependency changes