@api-client/core 0.18.4 → 0.18.6

package/data/models/example-generator-api.json

@@ -42065,7 +42065,7 @@
 "@id": "#191"
 },
 {
-"@id": "#206"
+"@id": "#200"
 },
 {
 "@id": "#194"
@@ -42074,7 +42074,7 @@
 "@id": "#197"
 },
 {
-"@id": "#200"
+"@id": "#206"
 },
 {
 "@id": "#203"
@@ -42813,13 +42813,13 @@
 "@id": "#210"
 },
 {
-"@id": "#213"
+"@id": "#219"
 },
 {
-"@id": "#216"
+"@id": "#213"
 },
 {
-"@id": "#219"
+"@id": "#216"
 }
 ],
 "doc:root": false,
@@ -43499,7 +43499,7 @@
 "doc:ExternalDomainElement",
 "doc:DomainElement"
 ],
-"doc:raw": "code: 'J'\ndescription: 'Information and communication'\n",
+"doc:raw": "addressType: 'REGISTERED-OFFICE-ADDRESS'\nstreetName: 'UITBREIDINGSTRAAT'\nhouseNumber: '84'\nhouseNumberAddition: '/1'\npostalCode: '2600'\ncity: 'BERCHEM (ANTWERPEN)'\ncountry: 'Belgium'\ncountryCode: 'BE'\nfullFormatedAddress: \"UITBREIDINGSTRAAT 84 /1, 2600 BERCHEM (ANTWERPEN), BELIUM\"\n",
 "core:mediaType": "application/yaml",
 "sourcemaps:sources": [
 {
@@ -43541,7 +43541,7 @@
 "doc:ExternalDomainElement",
 "doc:DomainElement"
 ],
-"doc:raw": "addressType: 'REGISTERED-OFFICE-ADDRESS'\nstreetName: 'UITBREIDINGSTRAAT'\nhouseNumber: '84'\nhouseNumberAddition: '/1'\npostalCode: '2600'\ncity: 'BERCHEM (ANTWERPEN)'\ncountry: 'Belgium'\ncountryCode: 'BE'\nfullFormatedAddress: \"UITBREIDINGSTRAAT 84 /1, 2600 BERCHEM (ANTWERPEN), BELIUM\"\n",
+"doc:raw": "code: 'J'\ndescription: 'Information and communication'\n",
 "core:mediaType": "application/yaml",
 "sourcemaps:sources": [
 {
@@ -44253,7 +44253,7 @@
 "doc:ExternalDomainElement",
 "doc:DomainElement"
 ],
-"doc:raw": "type: 'GENERAL'\ncountryDialCode : '+32'\nareaCode : '21'\nsubscriberNumber: '12.87.00'\nformatted: '+32-(0)21 302099'\n",
+"doc:raw": "-\n  type: 'GENERAL'\n  value: 'info@company.be'\n-\n  type: 'IT_DEPT'\n  value: 'it-service@company.be'\n",
 "core:mediaType": "application/yaml",
 "sourcemaps:sources": [
 {
@@ -44274,7 +44274,7 @@
 "doc:ExternalDomainElement",
 "doc:DomainElement"
 ],
-"doc:raw": "-\n  type: 'GENERAL'\n  value: 'info@company.be'\n-\n  type: 'IT_DEPT'\n  value: 'it-service@company.be'\n",
+"doc:raw": "type: \"GENERAL\"\nvalue: \"www.company.be\"\n",
 "core:mediaType": "application/yaml",
 "sourcemaps:sources": [
 {
@@ -44295,7 +44295,7 @@
 "doc:ExternalDomainElement",
 "doc:DomainElement"
 ],
-"doc:raw": "type: \"GENERAL\"\nvalue: \"www.company.be\"\n",
+"doc:raw": "type: 'GENERAL'\ncountryDialCode : '+32'\nareaCode : '21'\nsubscriberNumber: '12.87.00'\nformatted: '+32-(0)21 302099'\n",
 "core:mediaType": "application/yaml",
 "sourcemaps:sources": [
 {
@@ -44771,7 +44771,7 @@
 {
 "@id": "#202/source-map/lexical/element_0",
 "sourcemaps:element": "amf://id#202",
-"sourcemaps:value": "[(1,0)-(3,0)]"
+"sourcemaps:value": "[(1,0)-(10,0)]"
 },
 {
 "@id": "#205/source-map/lexical/element_0",
@@ -44781,7 +44781,7 @@
 {
 "@id": "#208/source-map/lexical/element_0",
 "sourcemaps:element": "amf://id#208",
-"sourcemaps:value": "[(1,0)-(10,0)]"
+"sourcemaps:value": "[(1,0)-(3,0)]"
 },
 {
 "@id": "#223/source-map/lexical/element_0",
@@ -45121,17 +45121,17 @@
 {
 "@id": "#215/source-map/lexical/element_0",
 "sourcemaps:element": "amf://id#215",
-"sourcemaps:value": "[(1,0)-(6,0)]"
+"sourcemaps:value": "[(1,0)-(7,0)]"
 },
 {
 "@id": "#218/source-map/lexical/element_0",
 "sourcemaps:element": "amf://id#218",
-"sourcemaps:value": "[(1,0)-(7,0)]"
+"sourcemaps:value": "[(1,0)-(3,0)]"
 },
 {
 "@id": "#221/source-map/lexical/element_0",
 "sourcemaps:element": "amf://id#221",
-"sourcemaps:value": "[(1,0)-(3,0)]"
+"sourcemaps:value": "[(1,0)-(6,0)]"
 },
 {
 "@id": "#338/source-map/synthesized-field/element_1",

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@api-client/core",
   "description": "The API Client's core client library. Works in NodeJS and in a ES enabled browser.",
-  "version": "0.18.4",
+  "version": "0.18.6",
   "license": "Apache-2.0",
   "exports": {
     "./browser.js": {
@@ -94,7 +94,8 @@
     "amf-json-ld-lib": "^0.0.15",
     "chalk": "^5.4.1",
     "console-table-printer": "^2.11.2",
-    "isomorphic-dompurify": "^2.26.0",
+    "dompurify": "^3.2.6",
+    "jsdom": "^26.1.0",
     "nanoid": "^5.1.5",
     "ws": "^8.12.0",
     "xpath": "^0.0.34"
@@ -154,6 +155,7 @@
     "prepare": "husky && npm run fixes && npm run build:ts && npm run build:api-models",
     "fixes": "node scripts/fix-rollup-plugin.js",
     "tsc": "wireit",
+    "tsc:tests": "wireit",
     "tsc:watch": "wireit",
     "test:browser": "node --import ts-node-maintained/register/esm --enable-source-maps bin/test-web.ts --playwright --browsers chromium",
     "test:browser:watch": "node --import ts-node-maintained/register/esm --enable-source-maps bin/test-web.ts --watch --playwright --browsers chromium",

package/src/lib/dom_purify.ts

@@ -0,0 +1,25 @@
+import DOMPurify from 'dompurify'
+
+let instance: typeof DOMPurify
+
+function isNodeJsEnvironment(): boolean {
+  return (
+    // eslint-disable-next-line no-restricted-globals
+    typeof process !== 'undefined' &&
+    // eslint-disable-next-line no-restricted-globals
+    typeof process.versions !== 'undefined' &&
+    // eslint-disable-next-line no-restricted-globals
+    typeof process.versions.node !== 'undefined'
+  )
+}
+if (isNodeJsEnvironment()) {
+  const { JSDOM } = await import('jsdom')
+  const { window } = new JSDOM('<!DOCTYPE html>')
+  // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+  // @ts-ignore
+  instance = DOMPurify(window)
+} else {
+  instance = DOMPurify
+}
+
+export default instance

package/src/modeling/helpers/database.ts

@@ -1,8 +1,8 @@
-import DOMPurify from 'isomorphic-dompurify'
 import { snakeCase } from '@pawel-up/jexl/string.js'
+import DOMPurify from '../../lib/dom_purify.js'
 
 export function sanitizeInput(input: string): string {
-  return DOMPurify.isSupported ? DOMPurify.sanitize(input) : input
+  return DOMPurify.sanitize(input)
 }
 
 /**

package/src/modeling/importers/CsvImporter.ts

@@ -2,6 +2,8 @@ import { type CSVOptions, CSVParser, type ParseResult } from '@pawel-up/csv'
 import type { DataDomain } from '../DataDomain.js'
 import { sanitizeInput, toDatabaseColumnName, toDatabaseTableName } from '../helpers/database.js'
 import type { DomainPropertySchema } from '../DomainProperty.js'
+import type { DomainEntity } from '../DomainEntity.js'
+import type { DomainModel } from '../DomainModel.js'
 
 export type { CSVOptions, ParseResult }
 
@@ -43,7 +45,7 @@ export class CsvImporter {
    * @param modelName The name to be used for the created `DomainModel` and `DomainEntity`.
    * @returns A promise that resolves when the import is complete.
    */
-  public async import(data: ParseResult, modelName: string): Promise<void> {
+  public async import(data: ParseResult, modelName: string): Promise<{ entity: DomainEntity; model: DomainModel }> {
     const name = toDatabaseTableName(modelName, 'imported_cvs_data')
     const model = this.domain.addModel({ info: { name } })
     const entity = model.addEntity({ info: { name } })
@@ -84,5 +86,6 @@ export class CsvImporter {
         prop.info.displayName = sn
       }
     }
+    return { entity, model }
   }
 }

package/tests/unit/lib/dom_purify.spec.ts

@@ -0,0 +1,12 @@
+import { test } from '@japa/runner'
+import DOMPurify from '../../../src/lib/dom_purify.js'
+
+test('DOMPurify is initialized correctly', ({ assert }) => {
+  assert.isFunction(DOMPurify.sanitize, 'DOMPurify should have a sanitize function')
+})
+
+test('DOMPurify sanitizes input correctly', ({ assert }) => {
+  const unsafeInput = '<script>alert("XSS")</script>'
+  const safeOutput = DOMPurify.sanitize(unsafeInput)
+  assert.equal(safeOutput, '', 'Sanitized output should be empty for unsafe input')
+})