npm - @yomologic/react-ui - Versions diffs - 0.6.3 → 0.6.4 - Mend

@yomologic/react-ui 0.6.3 → 0.6.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.mts CHANGED Viewed

@@ -1150,8 +1150,9 @@ declare function cn(...inputs: ClassValue[]): string;
  * Validation constants and regex patterns
  */
 /**
- * RFC 5322 compliant email validation regex (simplified)
+ * Email validation regex
  * Matches standard email formats like: user@example.com
+ * Requires @ symbol, domain name, and TLD (like .com, .org, etc.)
  */
 declare const EMAIL_REGEX: RegExp;
 /**
@@ -1169,7 +1170,8 @@ declare const PHONE_REGEX: RegExp;
  */
 declare const isValidEmail: (email: string) => boolean;
 /**
- * Validate URL format
+ * Validate URL format and security
+ * Checks for valid http/https protocol and blocks dangerous protocols
  */
 declare const isValidUrl: (url: string) => boolean;
 /**

package/dist/index.d.ts CHANGED Viewed

@@ -1150,8 +1150,9 @@ declare function cn(...inputs: ClassValue[]): string;
  * Validation constants and regex patterns
  */
 /**
- * RFC 5322 compliant email validation regex (simplified)
+ * Email validation regex
  * Matches standard email formats like: user@example.com
+ * Requires @ symbol, domain name, and TLD (like .com, .org, etc.)
  */
 declare const EMAIL_REGEX: RegExp;
 /**
@@ -1169,7 +1170,8 @@ declare const PHONE_REGEX: RegExp;
  */
 declare const isValidEmail: (email: string) => boolean;
 /**
- * Validate URL format
+ * Validate URL format and security
+ * Checks for valid http/https protocol and blocks dangerous protocols
  */
 declare const isValidUrl: (url: string) => boolean;
 /**

package/dist/index.js CHANGED Viewed

@@ -47,13 +47,16 @@ var EMAIL_REGEX, URL_REGEX, PHONE_REGEX, isValidEmail, isValidUrl, DATE_REGEX, i
 var init_validation = __esm({
   "src/constants/validation.ts"() {
     "use strict";
-    EMAIL_REGEX = /^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/;
+    EMAIL_REGEX = /^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*\.[a-zA-Z]{2,}$/;
     URL_REGEX = /^https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*)$/;
     PHONE_REGEX = /^[\+]?[(]?[0-9]{3}[)]?[-\s\.]?[0-9]{3}[-\s\.]?[0-9]{4,6}$/;
     isValidEmail = (email) => {
       return EMAIL_REGEX.test(email);
     };
     isValidUrl = (url) => {
+      if (/^(javascript|data|vbscript|file|about):/i.test(url)) {
+        return false;
+      }
       return URL_REGEX.test(url);
     };
     DATE_REGEX = /^(0[1-9]|1[0-2])\/(0[1-9]|[12][0-9]|3[01])\/\d{4}$/;
@@ -987,6 +990,9 @@ function useFormField2(options) {
         return errorMessages?.email || "Please enter a valid email address";
       }
       if (type === "url") {
+        if (/^(javascript|data|vbscript|file|about):/i.test(value)) {
+          return errorMessages?.url || "Invalid URL protocol";
+        }
         try {
           new URL(value);
         } catch {
@@ -1044,6 +1050,11 @@ function useFormField2(options) {
             return errorMessages?.email || "Please enter a valid email address";
           }
           if (type === "url") {
+            if (/^(javascript|data|vbscript|file|about):/i.test(
+              value
+            )) {
+              return errorMessages?.url || "Invalid URL protocol";
+            }
             try {
               new URL(value);
             } catch {