rehype-autolink-headings - npm Package Compare versions

Comparing version 2.0.5 to 3.0.0

package.json

 {
   "name": "rehype-autolink-headings",
-  "version": "2.0.5",
+  "version": "3.0.0",
   "description": "rehype plugin to add links to headings",
@@ -9,2 +9,3 @@ "license": "MIT",
     "rehype",
+    "rehype-plugin",
     "plugin",
@@ -17,2 +18,6 @@ "heading",
   "bugs": "https://github.com/rehypejs/rehype-autolink-headings/issues",
+  "funding": {
+    "type": "opencollective",
+    "url": "https://opencollective.com/unified"
+  },
   "author": "Titus Wormer <tituswormer@gmail.com> (https://wooorm.com)",
@@ -29,3 +34,3 @@ "contributors": [
     "hast-util-is-element": "^1.0.0",
-    "unist-util-visit": "^1.1.0"
+    "unist-util-visit": "^2.0.0"
   },
@@ -37,11 +42,11 @@ "devDependencies": {
     "negate": "^1.0.0",
-    "nyc": "^14.0.0",
+    "nyc": "^15.0.0",
     "prettier": "^1.0.0",
-    "rehype": "^7.0.0",
-    "remark-cli": "^6.0.0",
-    "remark-preset-wooorm": "^5.0.0",
+    "rehype": "^9.0.0",
+    "remark-cli": "^7.0.0",
+    "remark-preset-wooorm": "^6.0.0",
     "tape": "^4.0.0",
     "tinyify": "^2.0.0",
     "to-vfile": "^6.0.0",
-    "xo": "^0.24.0"
+    "xo": "^0.28.0"
   },
@@ -48,0 +53,0 @@ "scripts": {

readme.md

@@ -91,5 +91,18 @@ # rehype-autolink-headings
 
+## Security
+
+Use of `rehype-autolink-headings` can open you up to a
+[cross-site scripting (XSS)][xss] attack if you pass user provided content in
+`properties` or `content`.
+
+Always be wary of user input and use [`rehype-sanitize`][sanitize].
+
 ## Related
 
 *   [`rehype-slug`](https://github.com/rehypejs/rehype-slug)
+    — Add `id`s to headings
+*   [`rehype-highlight`](https://github.com/rehypejs/rehype-highlight)
+    — Syntax highlight code blocks
+*   [`rehype-toc`](https://github.com/JS-DevTools/rehype-toc)
+    — Add a table of contents (TOC)
 
@@ -102,4 +115,4 @@ ## Contribute
 
-This project has a [Code of Conduct][coc].
-By interacting with this repository, organisation, or community you agree to
+This project has a [code of conduct][coc].
+By interacting with this repository, organization, or community you agree to
 abide by its terms.
@@ -135,3 +148,3 @@
 
-[chat-badge]: https://img.shields.io/badge/join%20the%20community-on%20spectrum-7b16ff.svg
+[chat-badge]: https://img.shields.io/badge/chat-spectrum-7b16ff.svg
 
@@ -155,1 +168,5 @@ [chat]: https://spectrum.chat/unified/rehype
 [rehype]: https://github.com/rehypejs/rehype
+
+[xss]: https://en.wikipedia.org/wiki/Cross-site_scripting
+
+[sanitize]: https://github.com/rehypejs/rehype-sanitize

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

9558

increased by7.82%

Number of lines in readme file

169

increased by11.18%

Dependency changes

• + Added@types/unist@2.0.11(transitive)

• + Addedunist-util-is@4.1.0(transitive)

• + Addedunist-util-visit@2.0.3(transitive)

• + Addedunist-util-visit-parents@3.1.1(transitive)

• - Removedunist-util-is@3.0.0(transitive)

• - Removedunist-util-visit@1.4.1(transitive)

• - Removedunist-util-visit-parents@2.1.2(transitive)

• Updatedunist-util-visit@^2.0.0