
safevalues

Comparing version 0.4.2 to 0.4.3

dom/elements/base.d.ts

2

builders/html_builders.js

@@ -71,3 +71,3 @@ "use strict";

}
stringTag += '>\x3c/script>';
stringTag += '>\u003C/script>';
return (0, html_impl_1.createHtml)(stringTag);

@@ -74,0 +74,0 @@ }

@@ -47,3 +47,11 @@ /**

allowIdAttributes(): HtmlSanitizerBuilder;
/**
* Preserves (some) attributes that reference existing ids. This carries a
* moderate security risk, because sanitized content can create semantic
* associations with existing elements in the page, regardless of the layout.
* This could be used to override the label associated with a form input by a
* screen reader, and facilitate phishing.
*/
allowIdReferenceAttributes(): HtmlSanitizerBuilder;
build(): HtmlSanitizer;
}

@@ -179,3 +179,5 @@ "use strict";

var globalAttributePolicies = new Map(this.sanitizerTable.globalAttributePolicies);
globalAttributePolicies.set('style', { policyAction: sanitizer_table_1.AttributePolicyAction.KEEP_AND_SANITIZE_STYLE });
globalAttributePolicies.set('style', {
policyAction: sanitizer_table_1.AttributePolicyAction.KEEP_AND_SANITIZE_STYLE,
});
this.sanitizerTable = new sanitizer_table_1.SanitizerTable(this.sanitizerTable.allowedElements, this.sanitizerTable.elementPolicies, this.sanitizerTable.allowedGlobalAttributes, globalAttributePolicies);

@@ -190,5 +192,5 @@ return this;

HtmlSanitizerBuilder.prototype.allowClassAttributes = function () {
var globalAttributePolicies = new Map(this.sanitizerTable.globalAttributePolicies);
globalAttributePolicies.set('class', { policyAction: sanitizer_table_1.AttributePolicyAction.KEEP });
this.sanitizerTable = new sanitizer_table_1.SanitizerTable(this.sanitizerTable.allowedElements, this.sanitizerTable.elementPolicies, this.sanitizerTable.allowedGlobalAttributes, globalAttributePolicies);
var allowedGlobalAttributes = new Set(this.sanitizerTable.allowedGlobalAttributes);
allowedGlobalAttributes.add('class');
this.sanitizerTable = new sanitizer_table_1.SanitizerTable(this.sanitizerTable.allowedElements, this.sanitizerTable.elementPolicies, allowedGlobalAttributes, this.sanitizerTable.globalAttributePolicies);
return this;

@@ -201,7 +203,26 @@ };

HtmlSanitizerBuilder.prototype.allowIdAttributes = function () {
var globalAttributePolicies = new Map(this.sanitizerTable.globalAttributePolicies);
globalAttributePolicies.set('id', { policyAction: sanitizer_table_1.AttributePolicyAction.KEEP });
this.sanitizerTable = new sanitizer_table_1.SanitizerTable(this.sanitizerTable.allowedElements, this.sanitizerTable.elementPolicies, this.sanitizerTable.allowedGlobalAttributes, globalAttributePolicies);
var allowedGlobalAttributes = new Set(this.sanitizerTable.allowedGlobalAttributes);
allowedGlobalAttributes.add('id');
this.sanitizerTable = new sanitizer_table_1.SanitizerTable(this.sanitizerTable.allowedElements, this.sanitizerTable.elementPolicies, allowedGlobalAttributes, this.sanitizerTable.globalAttributePolicies);
return this;
};
/**
* Preserves (some) attributes that reference existing ids. This carries a
* moderate security risk, because sanitized content can create semantic
* associations with existing elements in the page, regardless of the layout.
* This could be used to override the label associated with a form input by a
* screen reader, and facilitate phishing.
*/
HtmlSanitizerBuilder.prototype.allowIdReferenceAttributes = function () {
var allowedGlobalAttributes = new Set(this.sanitizerTable.allowedGlobalAttributes);
// TODO(b/190693339): Generate this subtable from the contract.
allowedGlobalAttributes.add('aria-activedescendant')
.add('aria-controls')
.add('aria-labelledby')
.add('aria-owns')
.add('for')
.add('list');
this.sanitizerTable = new sanitizer_table_1.SanitizerTable(this.sanitizerTable.allowedElements, this.sanitizerTable.elementPolicies, allowedGlobalAttributes, this.sanitizerTable.globalAttributePolicies);
return this;
};
HtmlSanitizerBuilder.prototype.build = function () {
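Review bot: `allowIdReferenceAttributes` adds `for` and `list` (L101-L102) to the same global allow-list as the `aria-*` attributes, although in HTML `for` belongs to `label`/`output` and `list` to `input`; if `allowedGlobalAttributes` is consulted for every element, as its name suggests, these two are presumably now kept on elements where the contract would not allow them, and an entry in `elementPolicies` would be the narrower choice until the `TODO(b/190693339)` generation lands. The doc comment should also say what is and is not checked: from this hunk the values look like they are kept verbatim, with no check that the referenced id lives inside the sanitized fragment, but the plain allow-list handling is outside the hunk, so confirm before writing e.g. `* Attribute values are kept as-is; nothing verifies the referenced id is part of the sanitized content.` The `build` method on the last line continues outside the hunk.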

@@ -208,0 +229,0 @@ if (this.calledBuild) {

@@ -108,3 +108,7 @@ "use strict";

else {
throw new Error('Node is not of type text or element');
var message = '';
if (process.env.NODE_ENV !== 'production') {
message = 'Node is not of type text or element';
}
throw new Error(message);
}
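Review bot: In a production build this branch now throws `new Error('')`, so a caller or crash report sees an exception with no text at all, and nothing in the hunk says why; the same shape appears at L391-L395 and L401-L414. Presumably the message is stripped to keep the bundle small, but that should be stated where the pattern is first used, e.g. `// Message text is only included in non-production builds (bundle size); the throw itself always happens.` If a minimal stable identifier is acceptable in production, passing it instead of `''` would keep the error distinguishable from other empty-message throws without reintroducing the full text.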

@@ -168,3 +172,5 @@ sanitizedParent.appendChild(sanitizedNode);

default:
checkExhaustive(policy.policyAction, 'Unhandled AttributePolicyAction case');
if (process.env.NODE_ENV !== 'production') {
checkExhaustive(policy.policyAction, 'Unhandled AttributePolicyAction case');
}
}
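Review bot: With `checkExhaustive` now gated on `NODE_ENV`, the `default` branch is a no-op in production, so an attribute whose `policyAction` matches no case is neither reported nor explicitly dropped. Whether it ends up copied or discarded depends on the surrounding `switch` and the code after it, which are outside the hunk; please confirm that falling out of the `switch` leaves the attribute off the sanitized node and record that in a comment such as `// In production an unknown action falls through and the attribute is simply not copied (fail-closed).` If that is not the case, an explicit `return`/`break` that drops the attribute would be a safer default than silence.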

@@ -171,0 +177,0 @@ }

@@ -7,9 +7,5 @@ /**

/**
* GENERATED CODE, DO NOT MODIFY
* This SanitizerTable was generated from the checked in html contract:
* webutil/html/types/codegen/html5_contract.textpb
* Sanitizer table for the default sanitizer configuration
*
* You can regenerate this file with:
* webutil/html/types/codegen/update_generated_source_files.sh
*/
export declare const defaultSanitizerTable: SanitizerTable;

@@ -8,12 +8,6 @@ "use strict";

exports.defaultSanitizerTable = void 0;
/* GENERATED CODE, DO NOT MODIFY */
/* g3_import_pure from '../../../internals/pure' */
var sanitizer_table_1 = require("./sanitizer_table");
/**
* GENERATED CODE, DO NOT MODIFY
* This SanitizerTable was generated from the checked in html contract:
* webutil/html/types/codegen/html5_contract.textpb
*
* You can regenerate this file with:
* webutil/html/types/codegen/update_generated_source_files.sh
*/
exports.defaultSanitizerTable = new sanitizer_table_1.SanitizerTable(new Set([
var ALLOWED_ELEMENTS = [
'ARTICLE', 'SECTION', 'NAV', 'ASIDE', 'H1', 'H2',

@@ -35,3 +29,4 @@ 'H3', 'H4', 'H5', 'H6', 'HEADER', 'FOOTER',

'CENTER',
]), new Map([
];
var ELEMENT_POLICIES = [
[

@@ -97,3 +92,4 @@ 'A', new Map([

],
]), new Set([
];
var ALLOWED_GLOBAL_ATTRIBUTES = [
'title',

@@ -198,13 +194,16 @@ 'aria-atomic',

'itemref',
]), new Map([
];
var GLOBAL_ATTRIBUTE_POLICIES = [
[
'dir', {
policyAction: sanitizer_table_1.AttributePolicyAction.KEEP_AND_NORMALIZE,
conditions: new Map([[
'dir', new Set([
'auto',
'ltr',
'rtl',
])
]])
conditions: /* #__PURE__ */ (function () {
return new Map([[
'dir', new Set([
'auto',
'ltr',
'rtl',
])
]]);
})()
}

@@ -215,7 +214,9 @@ ],

policyAction: sanitizer_table_1.AttributePolicyAction.KEEP_AND_NORMALIZE,
conditions: new Map([[
'async', new Set([
'async',
])
]])
conditions: /* #__PURE__ */ (function () {
return new Map([[
'async', new Set([
'async',
])
]]);
})()
}

@@ -227,8 +228,10 @@ ],

policyAction: sanitizer_table_1.AttributePolicyAction.KEEP_AND_NORMALIZE,
conditions: new Map([[
'loading', new Set([
'eager',
'lazy',
])
]])
conditions: /* #__PURE__ */ (function () {
return new Map([[
'loading', new Set([
'eager',
'lazy',
])
]]);
})()
}

@@ -240,10 +243,17 @@ ],

policyAction: sanitizer_table_1.AttributePolicyAction.KEEP_AND_NORMALIZE,
conditions: new Map([[
'target', new Set([
'_self',
'_blank',
])
]])
conditions: /* #__PURE__ */ (function () {
return new Map([[
'target', new Set([
'_self',
'_blank',
])
]]);
})()
}
],
]));
];
/**
* Sanitizer table for the default sanitizer configuration
*
*/
exports.defaultSanitizerTable = new sanitizer_table_1.SanitizerTable(new Set(ALLOWED_ELEMENTS), new Map(ELEMENT_POLICIES), new Set(ALLOWED_GLOBAL_ATTRIBUTES), new Map(GLOBAL_ATTRIBUTE_POLICIES));

@@ -11,3 +11,4 @@ /**

readonly globalAttributePolicies: ReadonlyMap<string, AttributePolicy>;
constructor(allowedElements: ReadonlySet<string>, elementPolicies: ReadonlyMap<string, ElementPolicy>, allowedGlobalAttributes: ReadonlySet<string>, globalAttributePolicies: ReadonlyMap<string, AttributePolicy>);
readonly globallyAllowedAttributePrefixes?: ReadonlySet<string> | undefined;
constructor(allowedElements: ReadonlySet<string>, elementPolicies: ReadonlyMap<string, ElementPolicy>, allowedGlobalAttributes: ReadonlySet<string>, globalAttributePolicies: ReadonlyMap<string, AttributePolicy>, globallyAllowedAttributePrefixes?: ReadonlySet<string> | undefined);
isAllowedElement(elementName: string): boolean;

@@ -14,0 +15,0 @@ getAttributePolicy(attributeName: string, elementName: string): AttributePolicy;

@@ -6,2 +6,27 @@ "use strict";

*/
var __read = (this && this.__read) || function (o, n) {
var m = typeof Symbol === "function" && o[Symbol.iterator];
if (!m) return o;
var i = m.call(o), r, ar = [], e;
try {
while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value);
}
catch (error) { e = { error: error }; }
finally {
try {
if (r && !r.done && (m = i["return"])) m.call(i);
}
finally { if (e) throw e.error; }
}
return ar;
};
var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
if (ar || !(i in from)) {
if (!ar) ar = Array.prototype.slice.call(from, 0, i);
ar[i] = from[i];
}
}
return to.concat(ar || Array.prototype.slice.call(from));
};
Object.defineProperty(exports, "__esModule", { value: true });

@@ -11,3 +36,3 @@ exports.AttributePolicyAction = exports.SanitizerTable = void 0;

var SanitizerTable = /** @class */ (function () {
function SanitizerTable(allowedElements, elementPolicies, allowedGlobalAttributes, globalAttributePolicies) {
function SanitizerTable(allowedElements, elementPolicies, allowedGlobalAttributes, globalAttributePolicies, globallyAllowedAttributePrefixes) {
this.allowedElements = allowedElements;

@@ -17,2 +42,3 @@ this.elementPolicies = elementPolicies;

this.globalAttributePolicies = globalAttributePolicies;
this.globallyAllowedAttributePrefixes = globallyAllowedAttributePrefixes;
}

@@ -39,3 +65,10 @@ SanitizerTable.prototype.isAllowedElement = function (elementName) {

var globalPolicy = this.globalAttributePolicies.get(attributeName);
return globalPolicy || { policyAction: AttributePolicyAction.DROP };
if (globalPolicy) {
return globalPolicy;
}
if (this.globallyAllowedAttributePrefixes &&
__spreadArray([], __read(this.globallyAllowedAttributePrefixes), false).some(function (prefix) { return attributeName.indexOf(prefix) === 0; })) {
return { policyAction: AttributePolicyAction.KEEP };
}
return { policyAction: AttributePolicyAction.DROP };
};
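Review bot: The prefix test at L330 treats an empty-string prefix as matching every attribute name (`''.indexOf` returns 0), which would turn every otherwise-unknown attribute into `KEEP`; the builder-side check visible at L389-L396 only rejects an empty list, not an empty element, so unless `SafeAttributePrefix` construction guarantees a non-empty value the lookup should guard it: `return prefix.length > 0 && attributeName.indexOf(prefix) === 0;`. The comparison is also case-sensitive, and the hunk does not show whether `attributeName` has been lower-cased by the caller, so that invariant is worth a comment on the method. Finally, `__spreadArray([], __read(...))` copies the whole set into an array on every `getAttributePolicy` call; iterating with `this.globallyAllowedAttributePrefixes.forEach` (or a plain loop once ES2015 targets are allowed) avoids the per-lookup allocation.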

@@ -42,0 +75,0 @@ return SanitizerTable;

@@ -42,3 +42,3 @@ "use strict";

function valueAsScript(value) {
return (0, script_impl_1.createScript)(JSON.stringify(value).replace(/</g, '\\x3c'));
return (0, script_impl_1.createScript)(JSON.stringify(value).replace(/</g, '\\u003C'));
}
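Review bot: Only `<` is escaped before the JSON is wrapped as a script, so `JSON.stringify` output containing U+2028 or U+2029 is still emitted raw; modern engines accept those characters inside string literals, but older ones parsed them as line terminators and broke the script, so a defensive follow-up would be `.replace(/\u2028/g, '\\u2028').replace(/\u2029/g, '\\u2029')` after the existing replace. The switch from `\x3c` to `\u003C` also makes the output valid JSON for consumers that parse it rather than evaluate it, which deserves a one-line comment on the replace so nobody reverts it for brevity.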

@@ -45,0 +45,0 @@ exports.valueAsScript = valueAsScript;

@@ -9,2 +9,2 @@ /**

*/
export declare const SECURITY_SENSITIVE_ATTRIBUTES: readonly ["href", "rel", "src", "srcdoc", "action", "formaction", "sandbox", "cite", "poster", "icon", "codebase", "data"];
export declare const SECURITY_SENSITIVE_ATTRIBUTES: readonly ["src", "srcdoc", "codebase", "data", "href", "rel", "action", "formaction", "sandbox", "cite", "poster", "icon"];

@@ -14,6 +14,8 @@ "use strict";

exports.SECURITY_SENSITIVE_ATTRIBUTES = [
'src',
'srcdoc',
'codebase',
'data',
'href',
'rel',
'src',
'srcdoc',
'action',

@@ -25,4 +27,2 @@ 'formaction',

'icon',
'codebase',
'data',
];

@@ -10,2 +10,3 @@ /**

*/
import '../../environment/dev';
import { SafeAttributePrefix } from '../../internals/attribute_impl';

@@ -12,0 +13,0 @@ import { SafeHtml } from '../../internals/html_impl';

@@ -38,2 +38,3 @@ "use strict";

*/
require("../../environment/dev");
var attribute_impl_1 = require("../../internals/attribute_impl");

@@ -114,3 +115,7 @@ var html_impl_1 = require("../../internals/html_impl");

if (attrPrefixes.length === 0) {
throw new Error('No prefixes are provided');
var message = '';
if (process.env.NODE_ENV !== 'production') {
message = 'No prefixes are provided';
}
throw new Error(message);
}

@@ -126,7 +131,14 @@ var prefixes = attrPrefixes.map(function (s) { return (0, attribute_impl_1.unwrapAttributePrefix)(s); });

function throwIfScriptOrStyle(element) {
var message = '';
if (element.tagName.toLowerCase() === 'script') {
throw new Error('Use setTextContent with a SafeScript.');
if (process.env.NODE_ENV !== 'production') {
message = 'Use safeScriptEl.setTextContent with a SafeScript.';
}
throw new Error(message);
}
else if (element.tagName.toLowerCase() === 'style') {
throw new Error('Use setTextContent with a SafeStyleSheet.');
if (process.env.NODE_ENV !== 'production') {
message = 'Use safeStyleEl.setTextContent with a SafeStyleSheet.';
}
throw new Error(message);
}
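Review bot: `element.tagName.toLowerCase()` is evaluated once per branch; hoisting it into a local such as `var tagName = element.tagName.toLowerCase();` before the `if` reads better and removes the duplicated call. `message` is declared at the top of the function and then assigned inside two separate `NODE_ENV` guards, which is harder to follow than one guard that selects the message and a single `throw`; whichever shape is kept, the function's closing brace is outside the hunk.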

@@ -133,0 +145,0 @@ }

@@ -30,3 +30,3 @@ "use strict";

function setHrefAndRel(link, url, rel) {
if (url instanceof resource_url_impl_1.TrustedResourceUrl) {
if ((0, resource_url_impl_1.isResourceUrl)(url)) {
link.href = (0, resource_url_impl_1.unwrapResourceUrl)(url).toString();

@@ -33,0 +33,0 @@ }

@@ -7,4 +7,6 @@ /**

/**
* Sets the Href attribute from the given TrustedResourceUrl.
* Sets the Href attribute from the given URL.
* javascript: and data: URL are blocked as they can lead to XSS and the <use>
* element only loads resources same-origin.
*/
export declare function setHref(useEl: SVGUseElement, url: string): void;

@@ -11,3 +11,5 @@ "use strict";

/**
* Sets the Href attribute from the given TrustedResourceUrl.
* Sets the Href attribute from the given URL.
* javascript: and data: URL are blocked as they can lead to XSS and the <use>
* element only loads resources same-origin.
*/

@@ -14,0 +16,0 @@ function setHref(useEl, url) {

@@ -11,2 +11,3 @@ /**

export * as safeAreaEl from './elements/area';
export * as safeBaseEl from './elements/base';
export * as safeButtonEl from './elements/button';

@@ -13,0 +14,0 @@ export * as safeElement from './elements/element';

@@ -30,3 +30,3 @@ "use strict";

Object.defineProperty(exports, "__esModule", { value: true });
exports.safeWorker = exports.safeWindow = exports.safeUrl = exports.safeServiceWorkerContainer = exports.safeRange = exports.safeLocation = exports.safeGlobal = exports.safeDomParser = exports.safeDocument = exports.safeSvgUseEl = exports.safeStyleEl = exports.safeScriptEl = exports.safeObjectEl = exports.safeLinkEl = exports.safeInputEl = exports.safeIframeEl = exports.safeFormEl = exports.safeEmbedEl = exports.safeElement = exports.safeButtonEl = exports.safeAreaEl = exports.safeAnchorEl = void 0;
exports.safeWorker = exports.safeWindow = exports.safeUrl = exports.safeServiceWorkerContainer = exports.safeRange = exports.safeLocation = exports.safeGlobal = exports.safeDomParser = exports.safeDocument = exports.safeSvgUseEl = exports.safeStyleEl = exports.safeScriptEl = exports.safeObjectEl = exports.safeLinkEl = exports.safeInputEl = exports.safeIframeEl = exports.safeFormEl = exports.safeEmbedEl = exports.safeElement = exports.safeButtonEl = exports.safeBaseEl = exports.safeAreaEl = exports.safeAnchorEl = void 0;
/**

@@ -38,2 +38,3 @@ * @fileoverview This file re-exports all of the wrappers to ensure that we have

exports.safeAreaEl = __importStar(require("./elements/area"));
exports.safeBaseEl = __importStar(require("./elements/base"));
exports.safeButtonEl = __importStar(require("./elements/button"));

@@ -40,0 +41,0 @@ exports.safeElement = __importStar(require("./elements/element"));

@@ -37,5 +37,3 @@ "use strict";

var _this = _super.call(this) || this;
if (process.env.NODE_ENV !== 'production') {
(0, secrets_1.ensureTokenIsValid)(token);
}
(0, secrets_1.ensureTokenIsValid)(token);
_this.privateDoNotAccessOrElseWrappedAttrPrefix = attrPrefix;

@@ -42,0 +40,0 @@ return _this;

@@ -15,3 +15,3 @@ /**

*/
export declare const SafeHtml: typeof TrustedHTML;
export declare const SafeHtml: TrustedHTML;
/**

@@ -18,0 +18,0 @@ * Builds a new `SafeHtml` from the given string, without enforcing safety

@@ -17,5 +17,3 @@ "use strict";

function HtmlImpl(html, token) {
if (process.env.NODE_ENV !== 'production') {
(0, secrets_1.ensureTokenIsValid)(token);
}
(0, secrets_1.ensureTokenIsValid)(token);
this.privateDoNotAccessOrElseWrappedHtml = html;

@@ -59,3 +57,4 @@ }

function isHtml(value) {
return value instanceof exports.SafeHtml;
var _a;
return ((_a = (0, trusted_types_1.getTrustedTypes)()) === null || _a === void 0 ? void 0 : _a.isHTML(value)) || value instanceof HtmlImpl;
}
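Review bot: `isHtml` now returns true for any native `TrustedHTML`, including values produced by Trusted Types policies that are not this library's, where the old `instanceof exports.SafeHtml` check only admitted objects created here; the same widening is at L531-L536 (`isResourceUrl`) and L560-L564 (`isScript`). That is presumably intentional interop, but every downstream `unwrap*` and `set*` helper that relied on the narrower check now inherits it, so the function should document it: `// Accepts any native TrustedHTML (from any policy) as well as values built by this library.` The `|| value instanceof HtmlImpl` fallback also means the result is `true`/`false` from the `instanceof`, not `undefined`, when no Trusted Types factory exists, which is worth a comment since the optional-chain temporary makes that easy to misread.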

@@ -62,0 +61,0 @@ exports.isHtml = isHtml;

@@ -16,3 +16,3 @@ /**

*/
export declare const TrustedResourceUrl: typeof TrustedScriptURL;
export declare const TrustedResourceUrl: TrustedScriptURL;
/**

@@ -19,0 +19,0 @@ * Builds a new `TrustedResourceUrl` from the given string, without

@@ -17,5 +17,3 @@ "use strict";

function ResourceUrlImpl(url, token) {
if (process.env.NODE_ENV !== 'production') {
(0, secrets_1.ensureTokenIsValid)(token);
}
(0, secrets_1.ensureTokenIsValid)(token);
this.privateDoNotAccessOrElseWrappedResourceUrl = url;

@@ -51,3 +49,5 @@ }

function isResourceUrl(value) {
return value instanceof exports.TrustedResourceUrl;
var _a;
return ((_a = (0, trusted_types_1.getTrustedTypes)()) === null || _a === void 0 ? void 0 : _a.isScriptURL(value)) ||
value instanceof ResourceUrlImpl;
}

@@ -54,0 +54,0 @@ exports.isResourceUrl = isResourceUrl;

@@ -15,3 +15,3 @@ /**

*/
export declare const SafeScript: typeof TrustedScript;
export declare const SafeScript: TrustedScript;
/**

@@ -18,0 +18,0 @@ * Builds a new `SafeScript` from the given string, without enforcing

@@ -18,5 +18,3 @@ "use strict";

function ScriptImpl(script, token) {
if (process.env.NODE_ENV !== 'production') {
(0, secrets_1.ensureTokenIsValid)(token);
}
(0, secrets_1.ensureTokenIsValid)(token);
this.privateDoNotAccessOrElseWrappedScript = script;

@@ -60,3 +58,4 @@ }

function isScript(value) {
return value instanceof exports.SafeScript;
var _a;
return ((_a = (0, trusted_types_1.getTrustedTypes)()) === null || _a === void 0 ? void 0 : _a.isScript(value)) || value instanceof ScriptImpl;
}

@@ -63,0 +62,0 @@ exports.isScript = isScript;

@@ -5,2 +5,3 @@ /**

*/
import '../environment/dev';
/**

@@ -7,0 +8,0 @@ * A secret token that must be passed to safe type constructors. It is only

@@ -8,2 +8,3 @@ "use strict";

exports.ensureTokenIsValid = exports.secretToken = void 0;
require("../environment/dev");
/**

@@ -21,6 +22,8 @@ * A secret token that must be passed to safe type constructors. It is only

function ensureTokenIsValid(token) {
if (token !== exports.secretToken) {
throw new Error('Bad secret');
if (process.env.NODE_ENV !== 'production') {
if (token !== exports.secretToken) {
throw new Error('Bad secret');
}
}
}
exports.ensureTokenIsValid = ensureTokenIsValid;
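Review bot: `ensureTokenIsValid` is now a no-op in production builds, so the token check that keeps callers from constructing the safe types directly only runs in development; the call sites that dropped their own `NODE_ENV` guards (L474-L478, L494-L498, L522-L526, L551-L555, L597-L601, L608-L612) keep the same production behaviour, but nothing in the function says that. A short docstring would prevent someone from relying on it at runtime: `Throws if the token is not the library's secret. Development-only guard: in production builds this function does nothing, so it is not a runtime security boundary.`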

@@ -40,5 +40,3 @@ "use strict";

var _this = _super.call(this) || this;
if (process.env.NODE_ENV !== 'production') {
(0, secrets_1.ensureTokenIsValid)(token);
}
(0, secrets_1.ensureTokenIsValid)(token);
_this.privateDoNotAccessOrElseWrappedStyle = style;

@@ -45,0 +43,0 @@ return _this;

@@ -40,5 +40,3 @@ "use strict";

var _this = _super.call(this) || this;
if (process.env.NODE_ENV !== 'production') {
(0, secrets_1.ensureTokenIsValid)(token);
}
(0, secrets_1.ensureTokenIsValid)(token);
_this.privateDoNotAccessOrElseWrappedStyleSheet = styleSheet;

@@ -45,0 +43,0 @@ return _this;

{
"name": "safevalues",
"version": "0.4.2",
"version": "0.4.3",
"description": "Safe builders for Trusted Types values",

@@ -62,2 +62,2 @@ "repository": "https://github.com/google/safevalues",

}
}
}

