@linkiez/dxf-renew 7.4.2 → 7.4.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/.yarn/install-state.gz +0 -0
  2. package/CHANGELOG.md +16 -0
  3. package/eslint.config.js +99 -0
  4. package/examples/text-dimension-viewer.html +38 -12
  5. package/package.json +16 -14
  6. package/tools/browser_test_server.cjs +3 -0
  7. package/types/index.d.ts +1 -1
  8. package/.eslintignore +0 -17
  9. package/.eslintrc.json +0 -46
package/.yarn/install-state.gz CHANGED
Binary file
package/CHANGELOG.md CHANGED
@@ -5,6 +5,22 @@ All notable changes to this project will be documented in this file.
5
5
  The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6
6
  and this project adheres to [Semantic Versioning](https://semver.org/).
7
7
 
8
+ ## <small>7.4.4 (2026-02-07)</small>
9
+
10
+ * fix(eslint): resolve linting errors for CJS files and type definitions ([236b9eb](https://github.com/linkiez/DXF-Renewed/commit/236b9eb))
11
+ * chore: update code structure with multiple empty code change sections ([bd2a232](https://github.com/linkiez/DXF-Renewed/commit/bd2a232))
12
+ * chore(eslint): migrate to ESLint v10 flat config ([846ba4a](https://github.com/linkiez/DXF-Renewed/commit/846ba4a))
13
+
14
+ ## <small>7.4.3 (2026-02-07)</small>
15
+
16
+ * fix(security): resolve XSS vulnerabilities and HTTP security warnings ([e6f01f3](https://github.com/linkiez/DXF-Renewed/commit/e6f01f3))
17
+ * chore(deps)(deps): bump commander in the production-dependencies group ([0b68bf7](https://github.com/linkiez/DXF-Renewed/commit/0b68bf7))
18
+ * chore(deps)(deps): bump npm from 11.6.2 to 11.9.0 ([59fa205](https://github.com/linkiez/DXF-Renewed/commit/59fa205))
19
+ * chore(deps)(deps): bump tar from 7.5.6 to 7.5.7 ([5df767a](https://github.com/linkiez/DXF-Renewed/commit/5df767a))
20
+ * Merge pull request #20 from linkiez/dependabot/npm_and_yarn/tar-7.5.7 ([077ec69](https://github.com/linkiez/DXF-Renewed/commit/077ec69)), closes [#20](https://github.com/linkiez/DXF-Renewed/issues/20)
21
+ * Merge pull request #21 from linkiez/dependabot/npm_and_yarn/production-dependencies-62484dca60 ([b123800](https://github.com/linkiez/DXF-Renewed/commit/b123800)), closes [#21](https://github.com/linkiez/DXF-Renewed/issues/21)
22
+ * Merge pull request #23 from linkiez/dependabot/npm_and_yarn/npm-11.9.0 ([4535639](https://github.com/linkiez/DXF-Renewed/commit/4535639)), closes [#23](https://github.com/linkiez/DXF-Renewed/issues/23)
23
+
8
24
  ## <small>7.4.2 (2026-01-21)</small>
9
25
 
10
26
  * fix: update ESLint workflow config file reference ([4a35e59](https://github.com/linkiez/DXF-Renewed/commit/4a35e59))
package/eslint.config.js ADDED
@@ -0,0 +1,99 @@
1
+ import js from '@eslint/js'
2
+ import eslintConfigPrettier from 'eslint-config-prettier'
3
+ import tseslint from 'typescript-eslint'
4
+
5
+ export default [
6
+ // Ignore patterns (replaces .eslintignore)
7
+ {
8
+ ignores: [
9
+ 'test/**/*',
10
+ 'lib/**/*',
11
+ 'dist/**/*',
12
+ 'node_modules/**/*',
13
+ '*.config.js',
14
+ '*.config.cjs',
15
+ 'build.mjs',
16
+ 'examples/**/*'
17
+ ]
18
+ },
19
+
20
+ // Base JavaScript configuration
21
+ js.configs.recommended,
22
+
23
+ // TypeScript configuration
24
+ ...tseslint.configs.recommended,
25
+
26
+ // CommonJS files configuration
27
+ {
28
+ files: ['**/*.cjs'],
29
+ languageOptions: {
30
+ ecmaVersion: 2020,
31
+ sourceType: 'commonjs',
32
+ globals: {
33
+ // Node.js globals
34
+ console: 'readonly',
35
+ process: 'readonly',
36
+ Buffer: 'readonly',
37
+ __dirname: 'readonly',
38
+ __filename: 'readonly',
39
+ module: 'readonly',
40
+ require: 'readonly',
41
+ exports: 'readonly',
42
+ global: 'readonly',
43
+ globalThis: 'readonly',
44
+ URL: 'readonly',
45
+ }
46
+ },
47
+ rules: {
48
+ '@typescript-eslint/no-require-imports': 'off'
49
+ }
50
+ },
51
+
52
+ // Custom rules for JS/TS modules
53
+ {
54
+ files: ['**/*.js', '**/*.mjs', '**/*.ts', '**/*.tsx'],
55
+ languageOptions: {
56
+ ecmaVersion: 2020,
57
+ sourceType: 'module',
58
+ globals: {
59
+ // Node.js globals
60
+ console: 'readonly',
61
+ process: 'readonly',
62
+ Buffer: 'readonly',
63
+ __dirname: 'readonly',
64
+ __filename: 'readonly',
65
+ module: 'readonly',
66
+ require: 'readonly',
67
+ exports: 'readonly',
68
+ global: 'readonly',
69
+ globalThis: 'readonly',
70
+ URL: 'readonly',
71
+
72
+ // Browser globals
73
+ window: 'readonly',
74
+ document: 'readonly',
75
+ navigator: 'readonly',
76
+
77
+ // ES6+ globals
78
+ Atomics: 'readonly',
79
+ SharedArrayBuffer: 'readonly',
80
+
81
+ // Test globals
82
+ describe: 'readonly',
83
+ it: 'readonly',
84
+ before: 'readonly',
85
+ after: 'readonly',
86
+ beforeEach: 'readonly',
87
+ afterEach: 'readonly'
88
+ }
89
+ },
90
+ rules: {
91
+ 'no-lone-blocks': 'off',
92
+ '@typescript-eslint/no-explicit-any': 'off',
93
+ '@typescript-eslint/explicit-module-boundary-types': 'off'
94
+ }
95
+ },
96
+
97
+ // Prettier config (must be last to override other configs)
98
+ eslintConfigPrettier
99
+ ]
package/examples/text-dimension-viewer.html CHANGED
@@ -4,6 +4,7 @@
4
4
  <meta charset="UTF-8" />
5
5
  <title>DXF Text and Dimension Example</title>
6
6
  <script src="https://cdnjs.cloudflare.com/ajax/libs/require.js/2.3.2/require.min.js"></script>
7
+ <script src="https://cdnjs.cloudflare.com/ajax/libs/dompurify/3.0.6/purify.min.js"></script>
7
8
  <style>
8
9
  body {
9
10
  font-family: Arial, sans-serif;
@@ -83,23 +84,44 @@
83
84
  }
84
85
 
85
86
  function renderDXF(dxfContents) {
86
- window.requirejs(['../dist/dxf'], function (dxf) {
87
+ globalThis.requirejs(['../dist/dxf'], function (dxf) {
87
88
  dxf.config.verbose = true
88
89
  try {
89
- numberOfEntities.innerHTML = 'processing...'
90
+ numberOfEntities.textContent = 'processing...'
90
91
  const helper = new dxf.Helper(dxfContents)
91
- numberOfEntities.innerHTML = helper.denormalised.length
92
+ // Convert to string explicitly to ensure safe output
93
+ numberOfEntities.textContent = String(helper.denormalised.length)
92
94
 
93
95
  const counts = countEntitiesByType(helper.denormalised)
94
- textCount.innerHTML = counts.TEXT
95
- mtextCount.innerHTML = counts.MTEXT
96
- dimensionCount.innerHTML = counts.DIMENSION
96
+ textCount.textContent = counts.TEXT
97
+ mtextCount.textContent = counts.MTEXT
98
+ dimensionCount.textContent = counts.DIMENSION
97
99
 
98
100
  const svg = helper.toSVG()
99
- svgContainer.innerHTML = svg
101
+ // Sanitize SVG content to prevent XSS attacks
102
+ if (globalThis.DOMPurify) {
103
+ // NOSONAR: DOMPurify.sanitize is specifically designed to handle untrusted input
104
+ // and provides comprehensive XSS protection for SVG content
105
+ const sanitizedSVG = globalThis.DOMPurify.sanitize(svg, {
106
+ USE_PROFILES: { svg: true, svgFilters: true },
107
+ ADD_ATTR: ['xmlns', 'viewBox', 'width', 'height']
108
+ })
109
+ svgContainer.innerHTML = sanitizedSVG
110
+ } else {
111
+ // Fallback: create a safe error message
112
+ const warningParagraph = document.createElement('p')
113
+ warningParagraph.style.color = 'orange'
114
+ warningParagraph.textContent = 'DOMPurify not loaded. Cannot safely display SVG.'
115
+ svgContainer.innerHTML = ''
116
+ svgContainer.appendChild(warningParagraph)
117
+ }
100
118
  } catch (error) {
101
119
  console.error('Error rendering DXF:', error)
102
- svgContainer.innerHTML = '<p style="color: red;">Error: ' + error.message + '</p>'
120
+ const errorParagraph = document.createElement('p')
121
+ errorParagraph.style.color = 'red'
122
+ errorParagraph.textContent = 'Error: ' + (error?.message || 'Unknown error')
123
+ svgContainer.innerHTML = ''
124
+ svgContainer.appendChild(errorParagraph)
103
125
  }
104
126
  })
105
127
  }
@@ -107,7 +129,7 @@
107
129
  fileInput.addEventListener('change', function (event) {
108
130
  var file = event.target.files[0]
109
131
  var reader = new FileReader()
110
- numberOfEntities.innerHTML = 'reading...'
132
+ numberOfEntities.textContent = 'reading...'
111
133
  reader.onload = function (e) {
112
134
  if (e.target.readyState === 2) {
113
135
  renderDXF(e.target.result)
@@ -116,8 +138,8 @@
116
138
  reader.readAsBinaryString(file)
117
139
  })
118
140
 
119
- window.loadTestFile = function(filename) {
120
- numberOfEntities.innerHTML = 'loading...'
141
+ globalThis.loadTestFile = function(filename) {
142
+ numberOfEntities.textContent = 'loading...'
121
143
  fetch('../test/resources/' + filename)
122
144
  .then(response => response.text())
123
145
  .then(dxfContents => {
@@ -125,7 +147,11 @@
125
147
  })
126
148
  .catch(error => {
127
149
  console.error('Error loading file:', error)
128
- svgContainer.innerHTML = '<p style="color: red;">Error loading file: ' + error.message + '</p>'
150
+ const errorParagraph = document.createElement('p')
151
+ errorParagraph.style.color = 'red'
152
+ errorParagraph.textContent = 'Error loading file: ' + (error?.message || 'Unknown error')
153
+ svgContainer.innerHTML = ''
154
+ svgContainer.appendChild(errorParagraph)
129
155
  })
130
156
  }
131
157
  </script>
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@linkiez/dxf-renew",
3
- "version": "7.4.2",
3
+ "version": "7.4.4",
4
4
  "description": "DXF parser for node/browser",
5
5
  "type": "module",
6
6
  "main": "lib/index.js",
@@ -63,42 +63,44 @@
63
63
  },
64
64
  "homepage": "https://github.com/linkiez/DXF-Renewed",
65
65
  "devDependencies": {
66
- "@commitlint/cli": "^20.3.1",
67
- "@commitlint/config-conventional": "^20.3.1",
68
- "@playwright/test": "^1.57.0",
66
+ "@commitlint/cli": "^20.4.1",
67
+ "@commitlint/config-conventional": "^20.4.1",
68
+ "@eslint/js": "^10.0.1",
69
+ "@playwright/test": "^1.58.2",
69
70
  "@semantic-release/changelog": "^6.0.3",
70
71
  "@semantic-release/git": "^10.0.1",
71
- "@semantic-release/github": "^12.0.2",
72
+ "@semantic-release/github": "^12.0.5",
72
73
  "@types/lodash": "^4.17.23",
73
74
  "@types/mocha": "^10.0.10",
74
- "@types/node": "^25.0.9",
75
- "@typescript-eslint/eslint-plugin": "^8.53.1",
76
- "@typescript-eslint/parser": "^8.53.1",
75
+ "@types/node": "^25.2.1",
76
+ "@typescript-eslint/eslint-plugin": "^8.54.0",
77
+ "@typescript-eslint/parser": "^8.54.0",
77
78
  "browserify": "^17.0.1",
78
79
  "commitizen": "^4.3.1",
79
80
  "cz-conventional-changelog": "^3.3.0",
80
- "esbuild": "^0.27.2",
81
- "eslint": "^8.57.0",
81
+ "esbuild": "^0.27.3",
82
+ "eslint": "^10.0.0",
82
83
  "eslint-config-prettier": "^10.1.8",
83
84
  "eslint-config-standard": "^17.1.0",
84
85
  "eslint-plugin-import": "^2.32.0",
85
- "eslint-plugin-n": "^16.6.2",
86
- "eslint-plugin-promise": "^6.6.0",
86
+ "eslint-plugin-n": "^17.23.2",
87
+ "eslint-plugin-promise": "^7.2.1",
87
88
  "expect": "^30.2.0",
88
89
  "husky": "^9.1.7",
89
90
  "mocha": "^11.7.5",
90
91
  "prettier": "^3.8.1",
91
92
  "rimraf": "^6.1.2",
92
- "semantic-release": "^25.0.2",
93
+ "semantic-release": "^25.0.3",
93
94
  "standard-version": "^9.5.0",
94
95
  "ts-node": "^10.9.2",
95
96
  "tsx": "^4.21.0",
96
97
  "typescript": "^5.9.3",
98
+ "typescript-eslint": "^8.54.0",
97
99
  "vite": "^7.3.1",
98
100
  "xml2js": "^0.6.2"
99
101
  },
100
102
  "dependencies": {
101
- "commander": "^14.0.2",
103
+ "commander": "^14.0.3",
102
104
  "lodash": "^4.17.23",
103
105
  "vecks": "^3.9.2"
104
106
  },
package/tools/browser_test_server.cjs CHANGED
@@ -41,6 +41,9 @@ function safeJoin(baseDir, requestedPath) {
41
41
  return resolvedTarget
42
42
  }
43
43
 
44
+ // NOSONAR: This is a local development test server for browser tests only.
45
+ // HTTP is appropriate and safe for localhost testing. HTTPS would require
46
+ // certificate management without providing security benefits for local testing.
44
47
  const server = http.createServer((req, res) => {
45
48
  const url = new URL(req.url || '/', `http://${req.headers.host || 'localhost'}`)
46
49
  const pathname = url.pathname
package/types/index.d.ts CHANGED
@@ -1,3 +1,3 @@
1
- /// <reference path="./shims/vecks.d.ts" />
1
+ import './shims/vecks'
2
2
 
3
3
  export * from '../lib/index'
package/.eslintignore DELETED
@@ -1,17 +0,0 @@
1
- # Test files
2
- test/**/*
3
-
4
- # Build output
5
- lib/**/*
6
- dist/**/*
7
-
8
- # Dependencies
9
- node_modules/**/*
10
-
11
- # Configuration files
12
- *.config.js
13
- *.config.cjs
14
- build.mjs
15
-
16
- # Examples
17
- examples/**/*
package/.eslintrc.json DELETED
@@ -1,46 +0,0 @@
1
- {
2
- "env": {
3
- "browser": true,
4
- "es6": true,
5
- "node": true
6
- },
7
- "extends": [
8
- "standard",
9
- "prettier"
10
- ],
11
- "globals": {
12
- "Atomics": "readonly",
13
- "SharedArrayBuffer": "readonly",
14
- "describe": "readonly",
15
- "it": "readonly",
16
- "before": "readonly",
17
- "after": "readonly",
18
- "beforeEach": "readonly",
19
- "afterEach": "readonly"
20
- },
21
- "parserOptions": {
22
- "ecmaVersion": 2020,
23
- "sourceType": "module"
24
- },
25
- "rules": {
26
- "no-lone-blocks": "off"
27
- },
28
- "overrides": [
29
- {
30
- "files": ["*.ts", "*.tsx"],
31
- "parser": "@typescript-eslint/parser",
32
- "parserOptions": {
33
- "ecmaVersion": 2020,
34
- "sourceType": "module"
35
- },
36
- "plugins": ["@typescript-eslint"],
37
- "extends": [
38
- "plugin:@typescript-eslint/recommended"
39
- ],
40
- "rules": {
41
- "@typescript-eslint/no-explicit-any": "off",
42
- "@typescript-eslint/explicit-module-boundary-types": "off"
43
- }
44
- }
45
- ]
46
- }