ipx 2.0.0 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/chunks/svgo-xss.cjs +31 -18
  2. package/dist/chunks/svgo-xss.mjs +31 -18
  3. package/dist/cli.cjs +1 -1
  4. package/dist/cli.mjs +1 -1
  5. package/package.json +8 -8
package/dist/chunks/svgo-xss.cjs CHANGED
@@ -13,9 +13,27 @@ const xss = {
13
13
  return;
14
14
  }
15
15
  for (const event of ALL_EVENTS) {
16
- for (const [name] of Object.entries(node.attributes)) {
17
- if (name === event) {
18
- delete node.attributes[name];
16
+ if (node.attributes[event] != null) {
17
+ delete node.attributes[event];
18
+ }
19
+ }
20
+ },
21
+ exit: (node, parentNode) => {
22
+ if (node.name !== "a") {
23
+ return;
24
+ }
25
+ for (const attr of Object.keys(node.attributes)) {
26
+ if (attr === "href" || attr.endsWith(":href")) {
27
+ if (node.attributes[attr] == null || !node.attributes[attr].trimStart().startsWith("javascript:")) {
28
+ continue;
29
+ }
30
+ const index = parentNode.children.indexOf(node);
31
+ parentNode.children.splice(index, 1, ...node.children);
32
+ for (const child of node.children) {
33
+ Object.defineProperty(child, "parentNode", {
34
+ writable: true,
35
+ value: parentNode
36
+ });
19
37
  }
20
38
  }
21
39
  }
@@ -25,24 +43,18 @@ const xss = {
25
43
  }
26
44
  };
27
45
  const ALL_EVENTS = [
28
- "onbegin",
29
- "onend",
30
- "onrepeat",
31
46
  "onabort",
32
- "onerror",
33
- "onresize",
34
- "onscroll",
35
- "onunload",
47
+ "onactivate",
36
48
  "onbegin",
37
- "onend",
38
- "onrepeat",
39
49
  "oncancel",
40
50
  "oncanplay",
41
51
  "oncanplaythrough",
42
52
  "onchange",
43
53
  "onclick",
44
54
  "onclose",
55
+ "oncopy",
45
56
  "oncuechange",
57
+ "oncut",
46
58
  "ondblclick",
47
59
  "ondrag",
48
60
  "ondragend",
@@ -53,9 +65,12 @@ const ALL_EVENTS = [
53
65
  "ondrop",
54
66
  "ondurationchange",
55
67
  "onemptied",
68
+ "onend",
56
69
  "onended",
57
70
  "onerror",
58
71
  "onfocus",
72
+ "onfocusin",
73
+ "onfocusout",
59
74
  "oninput",
60
75
  "oninvalid",
61
76
  "onkeydown",
@@ -73,11 +88,13 @@ const ALL_EVENTS = [
73
88
  "onmouseover",
74
89
  "onmouseup",
75
90
  "onmousewheel",
91
+ "onpaste",
76
92
  "onpause",
77
93
  "onplay",
78
94
  "onplaying",
79
95
  "onprogress",
80
96
  "onratechange",
97
+ "onrepeat",
81
98
  "onreset",
82
99
  "onresize",
83
100
  "onscroll",
@@ -90,14 +107,10 @@ const ALL_EVENTS = [
90
107
  "onsuspend",
91
108
  "ontimeupdate",
92
109
  "ontoggle",
110
+ "onunload",
93
111
  "onvolumechange",
94
112
  "onwaiting",
95
- "oncopy",
96
- "oncut",
97
- "onpaste",
98
- "onactivate",
99
- "onfocusin",
100
- "onfocusout"
113
+ "onzoom"
101
114
  ];
102
115
 
103
116
  exports.xss = xss;
package/dist/chunks/svgo-xss.mjs CHANGED
@@ -11,9 +11,27 @@ const xss = {
11
11
  return;
12
12
  }
13
13
  for (const event of ALL_EVENTS) {
14
- for (const [name] of Object.entries(node.attributes)) {
15
- if (name === event) {
16
- delete node.attributes[name];
14
+ if (node.attributes[event] != null) {
15
+ delete node.attributes[event];
16
+ }
17
+ }
18
+ },
19
+ exit: (node, parentNode) => {
20
+ if (node.name !== "a") {
21
+ return;
22
+ }
23
+ for (const attr of Object.keys(node.attributes)) {
24
+ if (attr === "href" || attr.endsWith(":href")) {
25
+ if (node.attributes[attr] == null || !node.attributes[attr].trimStart().startsWith("javascript:")) {
26
+ continue;
27
+ }
28
+ const index = parentNode.children.indexOf(node);
29
+ parentNode.children.splice(index, 1, ...node.children);
30
+ for (const child of node.children) {
31
+ Object.defineProperty(child, "parentNode", {
32
+ writable: true,
33
+ value: parentNode
34
+ });
17
35
  }
18
36
  }
19
37
  }
@@ -23,24 +41,18 @@ const xss = {
23
41
  }
24
42
  };
25
43
  const ALL_EVENTS = [
26
- "onbegin",
27
- "onend",
28
- "onrepeat",
29
44
  "onabort",
30
- "onerror",
31
- "onresize",
32
- "onscroll",
33
- "onunload",
45
+ "onactivate",
34
46
  "onbegin",
35
- "onend",
36
- "onrepeat",
37
47
  "oncancel",
38
48
  "oncanplay",
39
49
  "oncanplaythrough",
40
50
  "onchange",
41
51
  "onclick",
42
52
  "onclose",
53
+ "oncopy",
43
54
  "oncuechange",
55
+ "oncut",
44
56
  "ondblclick",
45
57
  "ondrag",
46
58
  "ondragend",
@@ -51,9 +63,12 @@ const ALL_EVENTS = [
51
63
  "ondrop",
52
64
  "ondurationchange",
53
65
  "onemptied",
66
+ "onend",
54
67
  "onended",
55
68
  "onerror",
56
69
  "onfocus",
70
+ "onfocusin",
71
+ "onfocusout",
57
72
  "oninput",
58
73
  "oninvalid",
59
74
  "onkeydown",
@@ -71,11 +86,13 @@ const ALL_EVENTS = [
71
86
  "onmouseover",
72
87
  "onmouseup",
73
88
  "onmousewheel",
89
+ "onpaste",
74
90
  "onpause",
75
91
  "onplay",
76
92
  "onplaying",
77
93
  "onprogress",
78
94
  "onratechange",
95
+ "onrepeat",
79
96
  "onreset",
80
97
  "onresize",
81
98
  "onscroll",
@@ -88,14 +105,10 @@ const ALL_EVENTS = [
88
105
  "onsuspend",
89
106
  "ontimeupdate",
90
107
  "ontoggle",
108
+ "onunload",
91
109
  "onvolumechange",
92
110
  "onwaiting",
93
- "oncopy",
94
- "oncut",
95
- "onpaste",
96
- "onactivate",
97
- "onfocusin",
98
- "onfocusout"
111
+ "onzoom"
99
112
  ];
100
113
 
101
114
  export { xss };
package/dist/cli.cjs CHANGED
@@ -15,7 +15,7 @@ require('ofetch');
15
15
  require('pathe');
16
16
 
17
17
  const name = "ipx";
18
- const version = "2.0.0";
18
+ const version = "2.0.1";
19
19
  const description = "High performance, secure and easy-to-use image optimizer.";
20
20
 
21
21
  const serve = citty.defineCommand({
package/dist/cli.mjs CHANGED
@@ -13,7 +13,7 @@ import 'ofetch';
13
13
  import 'pathe';
14
14
 
15
15
  const name = "ipx";
16
- const version = "2.0.0";
16
+ const version = "2.0.1";
17
17
  const description = "High performance, secure and easy-to-use image optimizer.";
18
18
 
19
19
  const serve = defineCommand({
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "ipx",
3
- "version": "2.0.0",
3
+ "version": "2.0.1",
4
4
  "repository": "unjs/ipx",
5
5
  "description": "High performance, secure and easy-to-use image optimizer.",
6
6
  "license": "MIT",
@@ -40,8 +40,8 @@
40
40
  "@fastify/accept-negotiator": "^1.1.0",
41
41
  "citty": "^0.1.4",
42
42
  "consola": "^3.2.3",
43
- "defu": "^6.1.2",
44
- "destr": "^2.0.1",
43
+ "defu": "^6.1.3",
44
+ "destr": "^2.0.2",
45
45
  "etag": "^1.8.1",
46
46
  "h3": "^1.8.2",
47
47
  "image-meta": "^0.2.0",
@@ -55,18 +55,18 @@
55
55
  "xss": "^1.0.14"
56
56
  },
57
57
  "devDependencies": {
58
- "@types/etag": "^1.8.1",
59
- "@types/is-valid-path": "^0.1.0",
58
+ "@types/etag": "^1.8.2",
59
+ "@types/is-valid-path": "^0.1.1",
60
60
  "@vitest/coverage-v8": "^0.34.6",
61
61
  "changelogen": "^0.5.5",
62
- "eslint": "^8.51.0",
62
+ "eslint": "^8.53.0",
63
63
  "eslint-config-unjs": "^0.2.1",
64
- "jiti": "^1.20.0",
64
+ "jiti": "^1.21.0",
65
65
  "prettier": "^3.0.3",
66
66
  "serve-handler": "^6.1.5",
67
67
  "typescript": "^5.2.2",
68
68
  "unbuild": "^2.0.0",
69
69
  "vitest": "^0.34.6"
70
70
  },
71
- "packageManager": "pnpm@8.8.0"
71
+ "packageManager": "pnpm@8.10.2"
72
72
  }