@naturalcycles/js-lib 15.76.1 → 15.78.0

package/dist/string/escape.d.ts

@@ -1,2 +1,3 @@
-export declare function htmlEscape(strings: string | TemplateStringsArray, ...values: any[]): string;
+import type { SafeHtml } from '../types.js';
+export declare function htmlEscape(strings: string | TemplateStringsArray, ...values: any[]): SafeHtml;
 export declare function htmlUnescape(strings: string | TemplateStringsArray, ...values: any[]): string;

package/dist/string/escape.js

@@ -10,7 +10,6 @@ Reasons:
 2. ESM-only
 
  */
-// Multiple `.replace()` calls are actually faster than using replacer functions
 function _htmlEscape(s) {
     return s
         .replaceAll('&', '&') // Must happen first or else it will escape other just-escaped characters.

package/dist/types.d.ts

@@ -276,6 +276,10 @@ export type Base64UrlString = string;
 export type JWTString = string;
 export declare const JWT_REGEX: RegExp;
 export type SemVerString = string;
+/**
+ * HTML string that was safely escaped/sanitized.
+ */
+export type SafeHtml = Branded<string, 'SafeHtml'>;
 /**
  * Named type for JSON.parse / JSON.stringify second argument
  */

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@naturalcycles/js-lib",
   "type": "module",
-  "version": "15.76.1",
+  "version": "15.78.0",
   "dependencies": {
     "tslib": "^2"
   },
@@ -20,7 +20,7 @@
     "@typescript/native-preview": "beta",
     "crypto-js": "^4",
     "dayjs": "^1",
-    "@naturalcycles/dev-lib": "18.4.2"
+    "@naturalcycles/dev-lib": "20.49.0"
   },
   "exports": {
     ".": "./dist/index.js",

package/src/object/keySortedMap.ts

@@ -151,7 +151,7 @@ export class KeySortedMap<K, V> {
   forEach(cb: (value: V, key: K, map: Map<K, V>) => void, thisArg?: any): void {
     const { map } = this
     for (const k of this.#sortedKeys) {
-      cb.call(thisArg, map.get(k)!, k, this as unknown as Map<K, V>)
+      cb.call(thisArg, map.get(k)!, k, this)
     }
   }
 

package/src/object/lazyKeySortedMap.ts

@@ -128,7 +128,7 @@ export class LazyKeySortedMap<K, V> {
   forEach(cb: (value: V, key: K, map: Map<K, V>) => void, thisArg?: any): void {
     const { map } = this
     for (const k of this.getSortedKeys()) {
-      cb.call(thisArg, map.get(k)!, k, this as unknown as Map<K, V>)
+      cb.call(thisArg, map.get(k)!, k, this)
     }
   }
 

package/src/string/escape.ts

@@ -12,13 +12,15 @@ Reasons:
  */
 
 // Multiple `.replace()` calls are actually faster than using replacer functions
-function _htmlEscape(s: string): string {
+import type { SafeHtml } from '../types.js'
+
+function _htmlEscape(s: string): SafeHtml {
   return s
     .replaceAll('&', '&') // Must happen first or else it will escape other just-escaped characters.
     .replaceAll('"', '"')
     .replaceAll("'", ''')
     .replaceAll('<', '&lt;')
-    .replaceAll('>', '&gt;')
+    .replaceAll('>', '&gt;') as SafeHtml
 }
 
 function _htmlUnescape(html: string): string {
@@ -30,7 +32,7 @@ function _htmlUnescape(html: string): string {
     .replaceAll('&amp;', '&') // Must happen last or else it will unescape other characters in the wrong order.
 }
 
-export function htmlEscape(strings: string | TemplateStringsArray, ...values: any[]): string {
+export function htmlEscape(strings: string | TemplateStringsArray, ...values: any[]): SafeHtml {
   if (typeof strings === 'string') {
     return _htmlEscape(strings)
   }
@@ -40,7 +42,7 @@ export function htmlEscape(strings: string | TemplateStringsArray, ...values: an
     output = output + _htmlEscape(String(value)) + strings[index + 1]
   }
 
-  return output
+  return output as SafeHtml
 }
 
 export function htmlUnescape(strings: string | TemplateStringsArray, ...values: any[]): string {

package/src/types.ts

@@ -347,6 +347,11 @@ export const JWT_REGEX = /^[\w-]+\.[\w-]+\.[\w-]+$/
 
 export type SemVerString = string
 
+/**
+ * HTML string that was safely escaped/sanitized.
+ */
+export type SafeHtml = Branded<string, 'SafeHtml'>
+
 /**
  * Named type for JSON.parse / JSON.stringify second argument
  */