Socket
Socket
Sign inDemoInstall

remark-images

Package Overview
Dependencies
Maintainers
2
Versions
26
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

remark-images - npm Package Compare versions

Comparing version 1.0.0 to 2.0.0

9

index.js

@@ -5,6 +5,7 @@ const isUrl = require('is-url')

const isImgExt = str => /\.(svg|png|jpg|jpeg|gif)$/.test(str)
const isAbsolutePath = str => str.startsWith('/')
const isRelativePath = str => str.startsWith('./') || str.startsWith('../')
const isImgPath = str => isAbsolutePath(str) || isRelativePath(str)
const isImgExt = (value) => /\.(svg|png|jpg|jpeg|gif)$/.test(value)
const isAbsolutePath = (value) => value.startsWith('/')
const isRelativePath = (value) =>
value.startsWith('./') || value.startsWith('../')
const isImgPath = (value) => isAbsolutePath(value) || isRelativePath(value)
const isInteractive = convert(['link', 'linkReference'])

@@ -11,0 +12,0 @@

23

package.json
{
"name": "remark-images",
"version": "1.0.0",
"version": "2.0.0",
"description": "remark plugin to add an improved image syntax",

@@ -9,2 +9,3 @@ "license": "MIT",

"remark",
"remark-plugin",
"plugin",

@@ -21,2 +22,6 @@ "mdast",

"repository": "remarkjs/remark-images",
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/unified"
},
"bugs": "https://github.com/remarkjs/remark-images/issues",

@@ -36,13 +41,13 @@ "author": "John Otander <johnotander@gmail.com> (http://johnotander.com)",

"is-url": "^1.2.2",
"unist-util-is": "^3.0.0",
"unist-util-visit-parents": "^2.1.0"
"unist-util-is": "^4.0.0",
"unist-util-visit-parents": "^3.0.0"
},
"devDependencies": {
"nyc": "^14.0.0",
"prettier": "^1.0.0",
"remark": "^10.0.0",
"remark-cli": "^6.0.0",
"remark-preset-wooorm": "^5.0.0",
"nyc": "^15.0.0",
"prettier": "^2.0.0",
"remark": "^11.0.0",
"remark-cli": "^7.0.0",
"remark-preset-wooorm": "^6.0.0",
"tape": "^4.0.0",
"xo": "^0.24.0"
"xo": "^0.28.0"
},

@@ -49,0 +54,0 @@ "scripts": {

22

readme.md

@@ -73,2 +73,12 @@ # remark-images

## Security
Although this plugin should be safe to use, always be careful with user input.
For example, it’s possible to hide JavaScript inside images (such as GIFs,
WebPs, and SVGs).
User provided images open you up to a [cross-site scripting (XSS)][xss] attack.
This may become a problem if the Markdown later transformed to
[**rehype**][rehype] ([**hast**][hast]) or opened in an unsafe Markdown viewer.
## Contribute

@@ -80,4 +90,4 @@

This project has a [Code of Conduct][coc].
By interacting with this repository, organisation, or community you agree to
This project has a [code of conduct][coc].
By interacting with this repository, organization, or community you agree to
abide by its terms.

@@ -113,3 +123,3 @@

[chat-badge]: https://img.shields.io/badge/join%20the%20community-on%20spectrum-7b16ff.svg
[chat-badge]: https://img.shields.io/badge/chat-spectrum-7b16ff.svg

@@ -133,1 +143,7 @@ [chat]: https://spectrum.chat/unified/remark

[remark]: https://github.com/remarkjs/remark
[xss]: https://en.wikipedia.org/wiki/Cross-site_scripting
[rehype]: https://github.com/rehypejs/rehype
[hast]: https://github.com/syntax-tree/hast
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc