@startsimpli/ui 0.4.8 → 0.4.9

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@startsimpli/ui",
-  "version": "0.4.8",
+  "version": "0.4.9",
   "description": "Shared UI components package for StartSimpli applications",
   "main": "./src/index.ts",
   "types": "./src/index.ts",
@@ -50,47 +50,45 @@
     "@radix-ui/react-accordion": "^1.2.12",
     "@radix-ui/react-checkbox": "^1.3.3",
     "@radix-ui/react-collapsible": "^1.1.12",
-    "@radix-ui/react-dialog": "^1.1.1",
+    "@radix-ui/react-dialog": "^1.1.15",
     "@radix-ui/react-dropdown-menu": "^2.1.16",
-    "@radix-ui/react-label": "^2.1.0",
+    "@radix-ui/react-label": "^2.1.8",
     "@radix-ui/react-popover": "^1.1.15",
-    "@radix-ui/react-progress": "^1.1.7",
+    "@radix-ui/react-progress": "^1.1.8",
     "@radix-ui/react-scroll-area": "^1.2.10",
     "@radix-ui/react-select": "^2.2.6",
-    "@radix-ui/react-separator": "^1.1.7",
+    "@radix-ui/react-separator": "^1.1.8",
     "@radix-ui/react-slot": "^1.2.4",
     "@radix-ui/react-tabs": "^1.1.13",
     "@radix-ui/react-tooltip": "^1.2.8",
-    "class-variance-authority": "^0.7.0",
+    "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
     "date-fns": "^3.6.0",
-    "dompurify": "^3.3.1",
-    "isomorphic-dompurify": "^2.36.0",
+    "dompurify": "^3.4.1",
     "lucide-react": "^0.408.0",
-    "react-day-picker": "^9.13.2",
-    "tailwind-merge": "^2.4.0",
+    "react-day-picker": "^9.14.0",
+    "tailwind-merge": "^2.6.1",
     "tailwindcss-animate": "^1.0.7",
     "xlsx": "^0.18.5"
   },
   "devDependencies": {
-    "@tanstack/react-query": "^5.0.0",
-    "@swc/core": "^1.15.13",
+    "@swc/core": "^1.15.30",
     "@swc/jest": "^0.2.39",
-    "@testing-library/jest-dom": "^6.8.0",
-    "@testing-library/react": "^16.3.0",
+    "@tanstack/react-query": "^5.99.2",
+    "@testing-library/jest-dom": "^6.9.1",
+    "@testing-library/react": "^16.3.2",
     "@testing-library/user-event": "^14.6.1",
-    "@types/dompurify": "^3.0.5",
     "@types/jest": "^30.0.0",
-    "@types/node": "^20.14.10",
-    "@types/react": "^19.0.0",
-    "@types/react-dom": "^19.0.0",
-    "eslint": "^8.57.0",
+    "@types/node": "^20.19.39",
+    "@types/react": "^19.2.14",
+    "@types/react-dom": "^19.2.3",
+    "eslint": "^8.57.1",
     "identity-obj-proxy": "^3.0.0",
-    "jest": "^30.1.3",
-    "jest-environment-jsdom": "^30.1.2",
-    "tailwindcss": "^3.4.6",
+    "jest": "^30.3.0",
+    "jest-environment-jsdom": "^30.3.0",
+    "tailwindcss": "^3.4.19",
     "tsup": "^8.5.1",
-    "typescript": "^5.5.3"
+    "typescript": "^6.0.3"
   },
   "keywords": [
     "ui",

package/src/components/safe-html.tsx

@@ -1,18 +1,19 @@
-import DOMPurify from 'isomorphic-dompurify';
-import { type ElementType, type HTMLAttributes } from 'react';
+'use client';
+
+import DOMPurify from 'dompurify';
+import { useEffect, useState, type ElementType, type HTMLAttributes } from 'react';
 
 interface SafeHtmlProps extends HTMLAttributes<HTMLElement> {
   html: string;
   as?: ElementType;
 }
 
-/**
- * Renders user-supplied or external HTML safely by running it through DOMPurify.
- * Strips script tags, event handlers, javascript: URLs, and other XSS vectors.
- * Use this instead of dangerouslySetInnerHTML anywhere app content is rendered.
- */
+// Client-only: dompurify needs a browser window, and the isomorphic variant pulls jsdom into SSR bundles.
 export function SafeHtml({ html, as: Tag = 'div', ...props }: SafeHtmlProps) {
-  const sanitized = DOMPurify.sanitize(html, { ALLOW_DATA_ATTR: false });
+  const [sanitized, setSanitized] = useState('');
+  useEffect(() => {
+    setSanitized(DOMPurify.sanitize(html, { ALLOW_DATA_ATTR: false }));
+  }, [html]);
   // eslint-disable-next-line react/no-danger
   return <Tag {...props} dangerouslySetInnerHTML={{ __html: sanitized }} />;
 }