remark-embed-images
Advanced tools
remark-embed-images - npm Package Compare versions
Comparing version 1.0.2 to 2.0.0
| { | ||
| "name": "remark-embed-images", | ||
| "version": "1.0.2", | ||
| "version": "2.0.0", | ||
| "description": "remark plugin to embed images with data URIs, inlining base64-encoded sources", | ||
@@ -9,2 +9,3 @@ "license": "MIT", | ||
| "remark", | ||
| "remark-plugin", | ||
| "plugin", | ||
@@ -20,2 +21,6 @@ "mdast", | ||
| "bugs": "https://github.com/remarkjs/remark-embed-images/issues", | ||
| "funding": { | ||
| "type": "opencollective", | ||
| "url": "https://opencollective.com/unified" | ||
| }, | ||
| "author": "David Herges <david@spektrakel.de> (https://spektrakel.de)", | ||
@@ -31,16 +36,16 @@ "contributors": [ | ||
| "mime": "^2.3.1", | ||
| "unist-util-visit": "^1.0.0" | ||
| "unist-util-visit": "^2.0.0" | ||
| }, | ||
| "devDependencies": { | ||
| "browserify": "^16.0.0", | ||
| "nyc": "^14.0.0", | ||
| "prettier": "^1.0.0", | ||
| "remark": "^10.0.0", | ||
| "remark-cli": "^6.0.0", | ||
| "remark-html": "^9.0.0", | ||
| "remark-preset-wooorm": "^5.0.0", | ||
| "nyc": "^15.0.0", | ||
| "prettier": "^2.0.0", | ||
| "remark": "^11.0.0", | ||
| "remark-cli": "^7.0.0", | ||
| "remark-html": "^10.0.0", | ||
| "remark-preset-wooorm": "^6.0.0", | ||
| "tape": "^4.0.0", | ||
| "tinyify": "^2.0.0", | ||
| "to-vfile": "^6.0.0", | ||
| "xo": "^0.24.0" | ||
| "xo": "^0.28.0" | ||
| }, | ||
@@ -47,0 +52,0 @@ "scripts": { |
@@ -58,2 +58,9 @@ # remark-embed-images | ||
| ## Security | ||
| Although this plugin should be safe to use, always be careful with user input. | ||
| For example, it’s possible to hide JavaScript inside images (such as GIFs, | ||
| WebPs, and SVGs). | ||
| User provided images open you up to a [cross-site scripting (XSS)][xss] attack. | ||
| ## Contribute | ||
@@ -65,4 +72,4 @@ | ||
| This project has a [Code of Conduct][coc]. | ||
| By interacting with this repository, organisation, or community you agree to | ||
| This project has a [code of conduct][coc]. | ||
| By interacting with this repository, organization, or community you agree to | ||
| abide by its terms. | ||
@@ -98,3 +105,3 @@ | ||
| [chat-badge]: https://img.shields.io/badge/join%20the%20community-on%20spectrum-7b16ff.svg | ||
| [chat-badge]: https://img.shields.io/badge/chat-spectrum-7b16ff.svg | ||
@@ -120,1 +127,3 @@ [chat]: https://spectrum.chat/unified/remark | ||
| [foo.png]: test/fixtures/foo.png | ||
| [xss]: https://en.wikipedia.org/wiki/Cross-site_scripting |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by6.24%
7223
- Number of lines in readme file
- increased by7.69%
126
Dependency changes
+ Added@types/unist@2.0.11(transitive)
+ Addedunist-util-is@4.1.0(transitive)
+ Addedunist-util-visit@2.0.3(transitive)
+ Addedunist-util-visit-parents@3.1.1(transitive)
- Removedunist-util-is@3.0.0(transitive)
- Removedunist-util-visit@1.4.1(transitive)
- Removedunist-util-visit-parents@2.1.2(transitive)
Updatedunist-util-visit@^2.0.0