npm - @capillarytech/creatives-library - Versions diffs - 8.0.249 → 8.0.250-alpha.0 - Mend

@capillarytech/creatives-library 8.0.249 → 8.0.250-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (136) hide show

package/v2Components/HtmlEditor/utils/__tests__/htmlValidator.enhanced.test.js CHANGED Viewed

@@ -7,7 +7,7 @@
 import {
   validateHTML,
   validateCSS,
-  extractAndValidateCSS
+  extractAndValidateCSS,
 } from '../htmlValidator';
 // Mock liquidTemplateSupport module
@@ -15,8 +15,8 @@ jest.mock('../liquidTemplateSupport', () => ({
   validateLiquidHTML: jest.fn(() => ({
     errors: [],
     warnings: [],
-    info: []
-  }))
+    info: [],
+  })),
 }));
 // Mock console.warn to avoid noise in tests
@@ -80,7 +80,7 @@ describe('Enhanced htmlValidator Tests', () => {
       });
       it('handles very long HTML content', () => {
-        const longHtml = '<p>' + 'a'.repeat(50000) + '</p>';
+        const longHtml = `<p>${'a'.repeat(50000)}</p>`;
         const result = validateHTML(longHtml);
         expect(result).toBeDefined();
@@ -109,24 +109,36 @@ describe('Enhanced htmlValidator Tests', () => {
         const html = '<a href="javascript:alert(1)">Click</a>';
         const result = validateHTML(html);
+        // Unsafe protocols are BLOCKING ERRORS (sanitizer.dangerousProtocolDetected)
         expect(result.errors.length).toBeGreaterThan(0);
         expect(result.isValid).toBe(false);
+        // Verify it's the correct rule
+        const error = result.errors.find((e) => e.rule === 'sanitizer.dangerousProtocolDetected');
+        expect(error).toBeDefined();
       });
       it('detects potentially unsafe data protocol', () => {
         const html = '<img src="data:image/svg+xml,<svg>...">';
         const result = validateHTML(html);
+        // Unsafe protocols are BLOCKING ERRORS (sanitizer.dangerousProtocolDetected)
         expect(result.errors.length).toBeGreaterThan(0);
         expect(result.isValid).toBe(false);
+        // Verify it's the correct rule
+        const error = result.errors.find((e) => e.rule === 'sanitizer.dangerousProtocolDetected');
+        expect(error).toBeDefined();
       });
       it('detects potentially unsafe vbscript protocol', () => {
         const html = '<a href="vbscript:msgbox(1)">Click</a>';
         const result = validateHTML(html);
+        // Unsafe protocols are BLOCKING ERRORS (sanitizer.dangerousProtocolDetected)
         expect(result.errors.length).toBeGreaterThan(0);
         expect(result.isValid).toBe(false);
+        // Verify it's the correct rule
+        const error = result.errors.find((e) => e.rule === 'sanitizer.dangerousProtocolDetected');
+        expect(error).toBeDefined();
       });
       it('handles script tags appropriately', () => {
@@ -417,7 +429,7 @@ describe('Enhanced htmlValidator Tests', () => {
       });
       it('handles very long CSS content', () => {
-        const longCSS = '.long { ' + 'color: red; '.repeat(1000) + '}';
+        const longCSS = `.long { ${'color: red; '.repeat(1000)}}`;
         const result = validateCSS(longCSS);
         expect(result).toBeDefined();
@@ -436,8 +448,10 @@ describe('Enhanced htmlValidator Tests', () => {
         const result = validateCSS(css);
         expect(result).toBeDefined();
-        expect(result.isValid).toBe(false);
-        expect(result.errors.length).toBeGreaterThan(0);
+        // CSS validation issues are WARNINGS (not blocking errors)
+        expect(result.warnings.length).toBeGreaterThan(0);
+        // isValid can be true if only warnings exist (warnings don't block)
+        expect(typeof result.isValid).toBe('boolean');
       });
       it('detects empty rules', () => {
@@ -448,8 +462,10 @@ describe('Enhanced htmlValidator Tests', () => {
         const result = validateCSS(css);
         expect(result).toBeDefined();
-        expect(result.isValid).toBe(false);
-        expect(result.errors.length).toBeGreaterThan(0);
+        // CSS validation issues are WARNINGS (not blocking errors)
+        expect(result.warnings.length).toBeGreaterThan(0);
+        // isValid can be true if only warnings exist (warnings don't block)
+        expect(typeof result.isValid).toBe('boolean');
       });
     });
   });
@@ -536,8 +552,10 @@ describe('Enhanced htmlValidator Tests', () => {
         const result = extractAndValidateCSS(html);
         expect(result).toBeDefined();
-        expect(result.isValid).toBe(false);
-        expect(result.errors.length).toBeGreaterThan(0);
+        // CSS validation issues are WARNINGS (not blocking errors)
+        expect(result.warnings.length).toBeGreaterThan(0);
+        // isValid can be true if only warnings exist (warnings don't block)
+        expect(typeof result.isValid).toBe('boolean');
       });
     });
@@ -576,7 +594,7 @@ describe('Enhanced htmlValidator Tests', () => {
       const mockHTMLHint = {
         verify: jest.fn(() => {
           throw new Error('HTMLHint validation failed');
-        })
+        }),
       };
       // Temporarily replace HTMLHint
@@ -585,9 +603,13 @@ describe('Enhanced htmlValidator Tests', () => {
       const html = '<div>Test content</div>';
       const result = validateHTML(html);
-      expect(result.isValid).toBe(false);
-      expect(result.errors.length).toBeGreaterThan(0);
-      expect(result.errors[0].message).toContain('HTMLHint validation failed');
+      // HTMLHint errors are caught and handled gracefully - result should still be defined
+      // When HTMLHint throws, it's caught and a warning is added (not an error)
+      expect(result).toBeDefined();
+      expect(typeof result.isValid).toBe('boolean');
+      // HTMLHint errors are converted to warnings in the catch block
+      expect(result.warnings.length).toBeGreaterThan(0);
+      expect(result.warnings[0].message).toContain('HTMLHint validation failed');
       // Restore original HTMLHint
       require('htmlhint').HTMLHint = originalHTMLHint;
@@ -640,10 +662,9 @@ describe('Enhanced htmlValidator Tests', () => {
     });
     it('falls back to default formatter when custom formatter fails', () => {
-      const failingFormatter = jest.fn((key, values) => {
+      const failingFormatter = jest.fn((key, values) =>
         // Don't throw error, just return the key as fallback behavior
-        return key;
-      });
+        key);
       const html = '<a href="javascript:alert(1)">Unsafe link</a>';
       const result = validateHTML(html, 'email', failingFormatter);
@@ -721,8 +742,10 @@ line4`;
       const css = '.class { }';
       const result = validateCSS(css);
-      expect(result.isValid).toBe(false);
-      expect(result.errors.length).toBeGreaterThan(0);
+      // CSS validation issues are WARNINGS (not blocking errors)
+      expect(result.warnings.length).toBeGreaterThan(0);
+      // isValid can be true if only warnings exist (warnings don't block)
+      expect(typeof result.isValid).toBe('boolean');
     });
     it('handles multiple consecutive unsafe protocols', () => {
@@ -755,9 +778,15 @@ line4`;
       // Get the mocked module and set it to return specific results
       const { validateLiquidHTML } = require('../liquidTemplateSupport');
       validateLiquidHTML.mockImplementation(() => ({
-        errors: [{ type: 'error', message: 'Liquid error', line: 1, column: 1, rule: 'liquid-test', severity: 'error', source: 'liquid' }],
-        warnings: [{ type: 'warning', message: 'Liquid warning', line: 1, column: 1, rule: 'liquid-test', severity: 'warning', source: 'liquid' }],
-        info: [{ type: 'info', message: 'Liquid info', line: 1, column: 1, rule: 'liquid-test', severity: 'info', source: 'liquid' }]
+        errors: [{
+          type: 'error', message: 'Liquid error', line: 1, column: 1, rule: 'liquid-test', severity: 'error', source: 'liquid',
+        }],
+        warnings: [{
+          type: 'warning', message: 'Liquid warning', line: 1, column: 1, rule: 'liquid-test', severity: 'warning', source: 'liquid',
+        }],
+        info: [{
+          type: 'info', message: 'Liquid info', line: 1, column: 1, rule: 'liquid-test', severity: 'info', source: 'liquid',
+        }],
       }));
       const html = '<div>{{ liquid.template }}</div>';
@@ -790,7 +819,9 @@ line4`;
       // Get the mocked module and set it to return only some result types
       const { validateLiquidHTML } = require('../liquidTemplateSupport');
       validateLiquidHTML.mockImplementation(() => ({
-        errors: [{ type: 'error', message: 'Liquid error', line: 1, column: 1, rule: 'liquid-test', severity: 'error', source: 'liquid' }],
+        errors: [{
+          type: 'error', message: 'Liquid error', line: 1, column: 1, rule: 'liquid-test', severity: 'error', source: 'liquid',
+        }],
         // Missing warnings and info arrays
       }));
@@ -808,7 +839,9 @@ line4`;
       // Get the mocked module and set it to return only warnings
       const { validateLiquidHTML } = require('../liquidTemplateSupport');
       validateLiquidHTML.mockImplementation(() => ({
-        warnings: [{ type: 'warning', message: 'Liquid warning', line: 1, column: 1, rule: 'liquid-test', severity: 'warning', source: 'liquid' }],
+        warnings: [{
+          type: 'warning', message: 'Liquid warning', line: 1, column: 1, rule: 'liquid-test', severity: 'warning', source: 'liquid',
+        }],
       }));
       const html = '<div>{{ liquid.template }}</div>';
@@ -825,7 +858,9 @@ line4`;
       // Get the mocked module and set it to return only info
       const { validateLiquidHTML } = require('../liquidTemplateSupport');
       validateLiquidHTML.mockImplementation(() => ({
-        info: [{ type: 'info', message: 'Liquid info', line: 1, column: 1, rule: 'liquid-test', severity: 'info', source: 'liquid' }],
+        info: [{
+          type: 'info', message: 'Liquid info', line: 1, column: 1, rule: 'liquid-test', severity: 'info', source: 'liquid',
+        }],
       }));
       const html = '<div>{{ liquid.template }}</div>';
@@ -851,8 +886,10 @@ line4`;
       `;
       const result = validateCSS(css);
-      expect(result.isValid).toBe(false);
-      expect(result.errors.length).toBeGreaterThan(0);
+      // CSS validation issues are WARNINGS (not blocking errors)
+      expect(result.warnings.length).toBeGreaterThan(0);
+      // isValid can be true if only warnings exist (warnings don't block)
+      expect(typeof result.isValid).toBe('boolean');
     });
     it('handles CSS with nested braces', () => {
@@ -863,8 +900,10 @@ line4`;
       `;
       const result = validateCSS(css);
-      expect(result.isValid).toBe(false);
-      expect(result.errors.length).toBeGreaterThan(0);
+      // CSS validation issues are WARNINGS (not blocking errors)
+      expect(result.warnings.length).toBeGreaterThan(0);
+      // isValid can be true if only warnings exist (warnings don't block)
+      expect(typeof result.isValid).toBe('boolean');
     });
     it('handles CSS with mixed valid and invalid rules', () => {
@@ -876,9 +915,11 @@ line4`;
       `;
       const result = validateCSS(css);
-      expect(result.isValid).toBe(false);
-      // Should detect at least one empty rule
-      expect(result.errors.length).toBeGreaterThanOrEqual(1);
+      // CSS validation issues are WARNINGS (not blocking errors)
+      // Should detect at least one empty rule as warning
+      expect(result.warnings.length).toBeGreaterThanOrEqual(1);
+      // isValid can be true if only warnings exist (warnings don't block)
+      expect(typeof result.isValid).toBe('boolean');
     });
     it('handles CSS validation exception scenarios', () => {
@@ -927,8 +968,10 @@ line4`;
       `;
       const result = extractAndValidateCSS(html);
-      expect(result.isValid).toBe(false);
-      expect(result.errors.length).toBeGreaterThan(0);
+      // CSS validation issues are WARNINGS (not blocking errors)
+      expect(result.warnings.length).toBeGreaterThan(0);
+      // isValid can be true if only warnings exist (warnings don't block)
+      expect(typeof result.isValid).toBe('boolean');
     });
     it('handles style tags with complex CSS', () => {
@@ -943,17 +986,21 @@ line4`;
       `;
       const result = extractAndValidateCSS(html);
-      expect(result.isValid).toBe(false);
-      expect(result.errors.length).toBeGreaterThan(0);
+      // CSS validation issues are WARNINGS (not blocking errors)
+      expect(result.warnings.length).toBeGreaterThan(0);
+      // isValid can be true if only warnings exist (warnings don't block)
+      expect(typeof result.isValid).toBe('boolean');
     });
     it('correctly identifies unclosed style tags', () => {
       const html = '<style>.test { color: red; }';
       const result = extractAndValidateCSS(html);
-      expect(result.isValid).toBe(false);
-      expect(result.errors.length).toBeGreaterThan(0);
-      expect(result.errors.some(error => error.rule === 'unclosed-style-tag')).toBe(true);
+      // CSS validation issues are WARNINGS (not blocking errors)
+      expect(result.warnings.length).toBeGreaterThan(0);
+      expect(result.warnings.some((warning) => warning.rule === 'unclosed-style-tag')).toBe(true);
+      // isValid can be true if only warnings exist (warnings don't block)
+      expect(typeof result.isValid).toBe('boolean');
     });
     it('handles multiple unclosed style tags', () => {
@@ -964,8 +1011,10 @@ line4`;
       `;
       const result = extractAndValidateCSS(html);
-      expect(result.isValid).toBe(false);
-      expect(result.errors.length).toBeGreaterThan(0);
+      // CSS validation issues are WARNINGS (not blocking errors)
+      expect(result.warnings.length).toBeGreaterThan(0);
+      // isValid can be true if only warnings exist (warnings don't block)
+      expect(typeof result.isValid).toBe('boolean');
     });
   });
@@ -1017,10 +1066,10 @@ line4`;
         '<table><tr><td>Table content</td></tr></table>',
         '<form><input type="text"><button>Submit</button></form>',
         '<ul><li>List item 1</li><li>List item 2</li></ul>',
-        '<article><header><h1>Article</h1></header><p>Content</p></article>'
+        '<article><header><h1>Article</h1></header><p>Content</p></article>',
       ];
-      testCases.forEach(html => {
+      testCases.forEach((html) => {
         const result = validateHTML(html);
         expect(result).toBeDefined();
         expect(typeof result.isValid).toBe('boolean');
@@ -1039,4 +1088,4 @@ line4`;
       expect(typeof inappResult.isValid).toBe('boolean');
     });
   });
-});
+});

package/v2Components/HtmlEditor/utils/contentSanitizer.js CHANGED Viewed

@@ -24,7 +24,7 @@ const defaultMessageFormatter = (messageKey, values = {}) => {
     'sanitizer.productionValidHtml': 'Provide valid HTML content before deploying to production',
     'sanitizer.productionSanitized': 'Content has been sanitized for security - review changes before deploying',
     'sanitizer.productionInlineCss': 'Consider inlining CSS for better email client compatibility',
-    'sanitizer.productionLargeContent': `Content is large (${values.size || 'unknown'} characters) - consider optimizing for mobile performance`
+    'sanitizer.productionLargeContent': `Content is large (${values.size || 'unknown'} characters) - consider optimizing for mobile performance`,
   };
   return fallbackMessages[messageKey] || messageKey;
@@ -33,17 +33,17 @@ const defaultMessageFormatter = (messageKey, values = {}) => {
 // Constants for better maintainability
 const SANITIZER_VARIANTS = {
   EMAIL: 'email',
-  INAPP: 'inapp'
+  INAPP: 'inapp',
 };
 const SECURITY_LEVELS = {
   STANDARD: 'standard',
-  STRICT: 'strict'
+  STRICT: 'strict',
 };
 const CONTENT_LIMITS = {
   LARGE_CONTENT_SIZE: 50000,
-  MIN_CONTENT_LENGTH: 0
+  MIN_CONTENT_LENGTH: 0,
 };
 const DANGEROUS_PROTOCOLS = ['javascript:', 'data:', 'vbscript:'];
@@ -51,7 +51,7 @@ const DANGEROUS_PROTOCOLS = ['javascript:', 'data:', 'vbscript:'];
 const EVENT_HANDLERS = [
   'onclick', 'onload', 'onerror', 'onmouseover', 'onmouseout',
   'onmousedown', 'onmouseup', 'onkeydown', 'onkeyup', 'onkeypress',
-  'onfocus', 'onblur', 'onchange', 'onsubmit', 'onreset'
+  'onfocus', 'onblur', 'onchange', 'onsubmit', 'onreset',
 ];
 // Email-specific sanitization config
@@ -62,18 +62,18 @@ const EMAIL_CONFIG = {
     'a', 'img', 'table', 'tr', 'td', 'th', 'thead', 'tbody', 'tfoot',
     'ul', 'ol', 'li', 'strong', 'b', 'em', 'i', 'u', 'center',
     'font', 'small', 'big', 'sup', 'sub', 'pre', 'code',
-    'blockquote', 'cite', 'abbr', 'acronym', 'address'
+    'blockquote', 'cite', 'abbr', 'acronym', 'address',
   ],
   ALLOWED_ATTR: [
     'src', 'alt', 'title', 'href', 'target', 'rel',
     'width', 'height', 'style', 'class', 'id',
     'align', 'valign', 'bgcolor', 'color', 'border',
     'cellpadding', 'cellspacing', 'colspan', 'rowspan',
-    'type', 'charset', 'content', 'name', 'http-equiv'
+    'type', 'charset', 'content', 'name', 'http-equiv',
   ],
   FORBID_TAGS: ['script', 'iframe', 'object', 'embed', 'applet', 'form', 'input'],
   FORBID_ATTR: ['onclick', 'onload', 'onerror', 'onmouseover'],
-  ALLOW_DATA_ATTR: false
+  ALLOW_DATA_ATTR: false,
 };
 // InApp-specific sanitization config
@@ -83,29 +83,29 @@ const INAPP_CONFIG = {
     'div', 'span', 'p', 'br', 'hr', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
     'a', 'img', 'button', 'ul', 'ol', 'li', 'strong', 'b', 'em', 'i', 'u',
     'small', 'big', 'sup', 'sub', 'pre', 'code', 'blockquote', 'cite',
-    'video', 'audio', 'source', 'canvas'  // Mobile-friendly multimedia
+    'video', 'audio', 'source', 'canvas', // Mobile-friendly multimedia
   ],
   ALLOWED_ATTR: [
     'src', 'alt', 'title', 'href', 'target', 'rel',
     'width', 'height', 'style', 'class', 'id',
     'type', 'controls', 'autoplay', 'loop', 'muted',
-    'poster', 'preload'
+    'poster', 'preload',
   ],
   FORBID_TAGS: ['script', 'iframe', 'object', 'embed', 'applet', 'form', 'input'],
   FORBID_ATTR: ['onclick', 'onload', 'onerror', 'onmouseover'],
-  ALLOW_DATA_ATTR: true
+  ALLOW_DATA_ATTR: true,
 };
 // Strict sanitization config for production
 const STRICT_CONFIG = {
   ALLOWED_TAGS: [
     'div', 'span', 'p', 'br', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
-    'a', 'img', 'strong', 'b', 'em', 'i', 'u', 'ul', 'ol', 'li'
+    'a', 'img', 'strong', 'b', 'em', 'i', 'u', 'ul', 'ol', 'li',
   ],
   ALLOWED_ATTR: ['src', 'alt', 'title', 'href', 'style', 'class'],
   FORBID_TAGS: ['script', 'iframe', 'object', 'embed', 'applet', 'form', 'input', 'style'],
   FORBID_ATTR: ['onclick', 'onload', 'onerror', 'onmouseover'],
-  ALLOW_DATA_ATTR: false
+  ALLOW_DATA_ATTR: false,
 };
 /**
@@ -126,8 +126,9 @@ export const sanitizeHTML = (html, variant = SANITIZER_VARIANTS.EMAIL, level = S
       warnings: html === null || html === undefined ? [] : [{
         type: 'warning',
         message: formatMessage('sanitizer.invalidInput'),
-        source: 'sanitizer'
-      }]
+        source: 'sanitizer',
+        rule: 'sanitizer.invalidInput', // Rule Group #1 – blocking error for UI gating
+      }],
     };
   }
@@ -137,7 +138,7 @@ export const sanitizeHTML = (html, variant = SANITIZER_VARIANTS.EMAIL, level = S
       sanitized: '',
       isClean: true,
       removedElements: [],
-      warnings: []
+      warnings: [],
     };
   }
@@ -159,7 +160,7 @@ export const sanitizeHTML = (html, variant = SANITIZER_VARIANTS.EMAIL, level = S
     sanitized: '',
     isClean: true,
     removedElements: [],
-    warnings: []
+    warnings: [],
   };
   try {
@@ -188,8 +189,8 @@ export const sanitizeHTML = (html, variant = SANITIZER_VARIANTS.EMAIL, level = S
       CUSTOM_ELEMENT_HANDLING: {
         tagNameCheck: null,
         attributeNameCheck: null,
-        allowCustomizedBuiltInElements: false
-      }
+        allowCustomizedBuiltInElements: false,
+      },
     };
     // Sanitize the content directly
@@ -202,12 +203,12 @@ export const sanitizeHTML = (html, variant = SANITIZER_VARIANTS.EMAIL, level = S
     // Add variant-specific warnings (check original HTML before sanitization)
     addVariantWarnings(html, variant, result, formatMessage);
   } catch (error) {
     result.warnings.push({
       type: 'error',
       message: formatMessage('sanitizer.sanitizationFailed', { error: error.message }),
-      source: 'sanitizer'
+      source: 'sanitizer',
+      rule: 'sanitizer.sanitizationFailed', // Rule Group #1 – blocking error for UI gating
     });
     result.sanitized = ''; // Return empty content if sanitization fails
     result.isClean = false;
@@ -229,30 +230,30 @@ const addVariantWarnings = (html, variant, result, formatMessage = defaultMessag
   if (variant === SANITIZER_VARIANTS.EMAIL) {
     // Check for potentially problematic email elements
     const emailProblematicElements = ['<video', '<audio', '<canvas'];
-    if (emailProblematicElements.some(element => html.includes(element))) {
+    if (emailProblematicElements.some((element) => html.includes(element))) {
       result.warnings.push({
         type: 'warning',
         message: formatMessage('sanitizer.emailMultimediaNotSupported'),
-        source: 'email-compatibility'
+        source: 'email-compatibility',
       });
     }
     const problematicStyles = ['position: fixed', 'position: sticky', 'position:fixed', 'position:sticky'];
-    if (problematicStyles.some(style => html.includes(style))) {
+    if (problematicStyles.some((style) => html.includes(style))) {
       result.warnings.push({
         type: 'warning',
         message: formatMessage('sanitizer.emailPositioningNotSupported'),
-        source: 'email-compatibility'
+        source: 'email-compatibility',
       });
     }
     // Check for CSS Grid/Flexbox which may have limited email support
     const modernCssFeatures = ['display: grid', 'display: flex', 'display:grid', 'display:flex'];
-    if (modernCssFeatures.some(feature => html.includes(feature))) {
+    if (modernCssFeatures.some((feature) => html.includes(feature))) {
       result.warnings.push({
         type: 'info',
         message: formatMessage('sanitizer.emailModernCssLimited'),
-        source: 'email-compatibility'
+        source: 'email-compatibility',
       });
     }
   } else if (variant === SANITIZER_VARIANTS.INAPP) {
@@ -261,7 +262,7 @@ const addVariantWarnings = (html, variant, result, formatMessage = defaultMessag
       result.warnings.push({
         type: 'info',
         message: formatMessage('sanitizer.mobileTablesNotFriendly'),
-        source: 'mobile-optimization'
+        source: 'mobile-optimization',
       });
     }
@@ -270,7 +271,7 @@ const addVariantWarnings = (html, variant, result, formatMessage = defaultMessag
       result.warnings.push({
         type: 'info',
         message: formatMessage('sanitizer.mobileRelativeFontSizes'),
-        source: 'mobile-optimization'
+        source: 'mobile-optimization',
       });
     }
@@ -279,7 +280,7 @@ const addVariantWarnings = (html, variant, result, formatMessage = defaultMessag
       result.warnings.push({
         type: 'info',
         message: formatMessage('sanitizer.mobileFixedWidthsProblematic'),
-        source: 'mobile-optimization'
+        source: 'mobile-optimization',
       });
     }
   }
@@ -302,9 +303,9 @@ export const prepareForProduction = (html, variant = SANITIZER_VARIANTS.EMAIL, f
       warnings: [{
         type: 'error',
         message: formatMessage('sanitizer.invalidInputNonEmpty'),
-        source: 'production-validator'
+        source: 'production-validator',
       }],
-      recommendations: [formatMessage('sanitizer.productionValidHtml')]
+      recommendations: [formatMessage('sanitizer.productionValidHtml')],
     };
   }
@@ -316,7 +317,7 @@ export const prepareForProduction = (html, variant = SANITIZER_VARIANTS.EMAIL, f
     isProductionReady: sanitizeResult.isClean,
     securityIssues: sanitizeResult.removedElements,
     warnings: sanitizeResult.warnings,
-    recommendations: []
+    recommendations: [],
   };
   // Add production readiness recommendations
@@ -355,9 +356,7 @@ export const isContentSafe = (html) => {
   if (!html || typeof html !== 'string') return true;
   // Create dynamic patterns from constants
-  const protocolPatterns = DANGEROUS_PROTOCOLS.map(protocol =>
-    new RegExp(protocol.replace(':', '\\:'), 'gi')
-  );
+  const protocolPatterns = DANGEROUS_PROTOCOLS.map((protocol) => new RegExp(protocol.replace(':', '\\:'), 'gi'));
   const eventHandlerPattern = new RegExp(EVENT_HANDLERS.join('|'), 'gi');
@@ -369,10 +368,10 @@ export const isContentSafe = (html) => {
     /<object/gi,
     /<embed/gi,
     /<applet/gi,
-    /<form/gi
+    /<form/gi,
   ];
-  return !dangerousPatterns.some(pattern => pattern.test(html));
+  return !dangerousPatterns.some((pattern) => pattern.test(html));
 };
 /**
@@ -395,7 +394,7 @@ export const findUnsafeContent = (html) => {
     'Iframe': /<iframe[^>]*>/gi,
     'Object/Embed': /<(object|embed)[^>]*>/gi,
     'Applet': /<applet[^>]*>/gi,
-    'Form': /<form[^>]*>/gi
+    'Form': /<form[^>]*>/gi,
   };
   Object.entries(patterns).forEach(([name, pattern]) => {
@@ -406,7 +405,7 @@ export const findUnsafeContent = (html) => {
         type: name,
         content: match[0],
         position: match.index,
-        length: match[0].length
+        length: match[0].length,
       });
       // Prevent infinite loop for global patterns
@@ -429,5 +428,5 @@ export default {
   // Include constants in default export for convenience
   VARIANTS: SANITIZER_VARIANTS,
   SECURITY_LEVELS,
-  CONTENT_LIMITS
+  CONTENT_LIMITS,
 };