sanitize-html
Advanced tools
sanitize-html - npm Package Compare versions
Comparing version 2.5.2 to 2.5.3
| # Changelog | ||
| ## 2.5.3 (2021-11-02): | ||
| - Fixed bug introduced by klona 2.0.5, by removing klona entirely. | ||
| ## 2.5.2 (2021-10-13): | ||
@@ -4,0 +8,0 @@ |
| const htmlparser = require('htmlparser2'); | ||
| const escapeStringRegexp = require('escape-string-regexp'); | ||
| const { klona } = require('klona'); | ||
| const { isPlainObject } = require('is-plain-object'); | ||
@@ -653,2 +652,3 @@ const deepmerge = require('deepmerge'); | ||
| * Filters user input css properties by allowlisted regex attributes. | ||
| * Modifies the abstractSyntaxTree object. | ||
| * | ||
@@ -658,3 +658,3 @@ * @param {object} abstractSyntaxTree - Object representation of CSS attributes. | ||
| * @param {object} allowedStyles - Keys are properties (i.e color), value is list of permitted regex rules (i.e /green/i). | ||
| * @return {object} - Abstract Syntax Tree with filtered style attributes. | ||
| * @return {object} - The modified tree. | ||
| */ | ||
@@ -666,3 +666,2 @@ function filterCss(abstractSyntaxTree, allowedStyles) { | ||
| const filteredAST = klona(abstractSyntaxTree); | ||
| const astRules = abstractSyntaxTree.nodes[0]; | ||
@@ -682,6 +681,6 @@ let selectedRule; | ||
| if (selectedRule) { | ||
| filteredAST.nodes[0].nodes = astRules.nodes.reduce(filterDeclarations(selectedRule), []); | ||
| abstractSyntaxTree.nodes[0].nodes = astRules.nodes.reduce(filterDeclarations(selectedRule), []); | ||
| } | ||
| return filteredAST; | ||
| return abstractSyntaxTree; | ||
| } | ||
@@ -688,0 +687,0 @@ |
| { | ||
| "name": "sanitize-html", | ||
| "version": "2.5.2", | ||
| "version": "2.5.3", | ||
| "description": "Clean up user-submitted HTML, preserving allowlisted elements and allowlisted attributes on a per-element basis", | ||
@@ -30,5 +30,4 @@ "sideEffects": false, | ||
| "is-plain-object": "^5.0.0", | ||
| "klona": "^2.0.3", | ||
| "parse-srcset": "^1.0.2", | ||
| "postcss": "^8.0.2" | ||
| "postcss": "^8.3.11" | ||
| }, | ||
@@ -39,3 +38,3 @@ "devDependencies": { | ||
| "eslint-config-standard": "^14.1.1", | ||
| "eslint-plugin-import": "^2.21.2", | ||
| "eslint-plugin-import": "^2.25.2", | ||
| "eslint-plugin-node": "^11.1.0", | ||
@@ -42,0 +41,0 @@ "eslint-plugin-promise": "^4.2.1", |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.01%
74335
- Dependency count
- decreased by-14.29%
6
Worsened metrics
- Lines of code
- decreased by-0.14%
739
Dependency changes
- Removedklona@^2.0.3
- Removedklona@2.0.6(transitive)
Updatedpostcss@^8.3.11