remark-rehype
Advanced tools
remark-rehype - npm Package Compare versions
Comparing version
| { | ||
| "name": "remark-rehype", | ||
| "version": "5.0.0", | ||
| "version": "6.0.0", | ||
| "description": "remark plugin to transform to rehype", | ||
@@ -10,2 +10,4 @@ "license": "MIT", | ||
| "rehype", | ||
| "remark-plugin", | ||
| "rehype-plugin", | ||
| "plugin", | ||
@@ -19,2 +21,6 @@ "html", | ||
| "bugs": "https://github.com/remarkjs/remark-rehype/issues", | ||
| "funding": { | ||
| "type": "opencollective", | ||
| "url": "https://opencollective.com/unified" | ||
| }, | ||
| "author": "Titus Wormer <tituswormer@gmail.com> (https://wooorm.com)", | ||
@@ -29,17 +35,17 @@ "contributors": [ | ||
| "dependencies": { | ||
| "mdast-util-to-hast": "^6.0.0" | ||
| "mdast-util-to-hast": "^8.0.0" | ||
| }, | ||
| "devDependencies": { | ||
| "browserify": "^16.0.0", | ||
| "nyc": "^14.0.0", | ||
| "prettier": "^1.0.0", | ||
| "nyc": "^15.0.0", | ||
| "prettier": "^2.0.0", | ||
| "rehype-stringify": "^6.0.0", | ||
| "remark-cli": "^6.0.0", | ||
| "remark-parse": "^6.0.0", | ||
| "remark-preset-wooorm": "^5.0.0", | ||
| "remark-stringify": "^6.0.0", | ||
| "remark-cli": "^7.0.0", | ||
| "remark-parse": "^7.0.0", | ||
| "remark-preset-wooorm": "^6.0.0", | ||
| "remark-stringify": "^7.0.0", | ||
| "tape": "^4.0.0", | ||
| "tinyify": "^2.0.0", | ||
| "unified": "^8.0.0", | ||
| "xo": "^0.24.0" | ||
| "xo": "^0.28.0" | ||
| }, | ||
@@ -46,0 +52,0 @@ "scripts": { |
@@ -99,2 +99,10 @@ # remark-rehype | ||
| ## Security | ||
| Use of `remark-react` can open you up to a [cross-site scripting (XSS)][xss] | ||
| attack. | ||
| Embedded [**hast**][hast] properties (`hName`, `hProperties`, `hChildren`), | ||
| custom handlers, and the `allowDangerousHTML` option all provide openings. | ||
| Use [`rehype-sanitize`][sanitize] to make the tree safe. | ||
| ## Related | ||
@@ -104,2 +112,4 @@ | ||
| — Properly deal with HTML in Markdown (used after `remark-rehype`) | ||
| * [`rehype-sanitize`][sanitize] | ||
| — Sanitize HTML | ||
| * [`rehype-remark`](https://github.com/rehypejs/rehype-remark) | ||
@@ -118,4 +128,4 @@ — Transform HTML ([hast][]) to Markdown ([mdast][]) | ||
| This project has a [Code of Conduct][coc]. | ||
| By interacting with this repository, organisation, or community you agree to | ||
| This project has a [code of conduct][coc]. | ||
| By interacting with this repository, organization, or community you agree to | ||
| abide by its terms. | ||
@@ -151,3 +161,3 @@ | ||
| [chat-badge]: https://img.shields.io/badge/join%20the%20community-on%20spectrum-7b16ff.svg | ||
| [chat-badge]: https://img.shields.io/badge/chat-spectrum-7b16ff.svg | ||
@@ -180,2 +190,4 @@ [chat]: https://spectrum.chat/unified/remark | ||
| [sanitize]: https://github.com/rehypejs/rehype-sanitize | ||
| [mdast]: https://github.com/syntax-tree/mdast | ||
@@ -188,1 +200,3 @@ | ||
| [to-hast]: https://github.com/syntax-tree/mdast-util-to-hast#tohastnode-options | ||
| [xss]: https://en.wikipedia.org/wiki/Cross-site_scripting |
Improved metrics
- Total package byte prevSize
9551
6.66%- Number of lines in readme file
197
7.65%Dependency changes
+ Added
@types/unist@2.0.11(transitive)+ Added
mdast-util-definitions@2.0.1(transitive)+ Added
mdast-util-to-hast@8.2.0(transitive)+ Added
unist-builder@2.0.3(transitive)+ Added
unist-util-is@4.1.0(transitive)+ Added
unist-util-visit@2.0.3(transitive)+ Added
unist-util-visit-parents@3.1.1(transitive)- Removed
mdast-util-definitions@1.2.5(transitive)- Removed
mdast-util-to-hast@6.0.2(transitive)- Removed
object-assign@4.1.1(transitive)- Removed
trim@0.0.1(transitive)- Removed
unist-builder@1.0.4(transitive)- Removed
unist-util-is@3.0.0(transitive)- Removed
unist-util-visit@1.4.1(transitive)- Removed
unist-util-visit-parents@2.1.2(transitive)- Removed
xtend@4.0.2(transitive)Updated
mdast-util-to-hast@^8.0.0