mashlib 2.1.3-e1941a63 → 2.1.3-e43a61b8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/mash.css +9 -0
  2. package/dist/mash.css.map +1 -1
  3. package/dist/mashlib.js +28 -17
  4. package/dist/mashlib.js.map +1 -1
  5. package/dist/mashlib.min.js +2 -2
  6. package/dist/mashlib.min.js.map +1 -1
  7. package/package.json +2 -2
package/dist/mashlib.js CHANGED
@@ -18207,7 +18207,7 @@ if (true) {
18207
18207
  (module) {
18208
18208
 
18209
18209
  "use strict";
18210
- /*! @license DOMPurify 3.3.1 | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/3.3.1/LICENSE */
18210
+ /*! @license DOMPurify 3.3.3 | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/3.3.3/LICENSE */
18211
18211
 
18212
18212
 
18213
18213
 
@@ -18516,7 +18516,7 @@ const _createHooksMap = function _createHooksMap() {
18516
18516
  function createDOMPurify() {
18517
18517
  let window = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : getGlobal();
18518
18518
  const DOMPurify = root => createDOMPurify(root);
18519
- DOMPurify.version = '3.3.1';
18519
+ DOMPurify.version = '3.3.3';
18520
18520
  DOMPurify.removed = [];
18521
18521
  if (!window || !window.document || window.document.nodeType !== NODE_TYPE.document || !window.Element) {
18522
18522
  // Not running in a browser, provide a factory function
@@ -18811,7 +18811,7 @@ function createDOMPurify() {
18811
18811
  /* Parse profile info */
18812
18812
  if (USE_PROFILES) {
18813
18813
  ALLOWED_TAGS = addToSet({}, text);
18814
- ALLOWED_ATTR = [];
18814
+ ALLOWED_ATTR = create(null);
18815
18815
  if (USE_PROFILES.html === true) {
18816
18816
  addToSet(ALLOWED_TAGS, html$1);
18817
18817
  addToSet(ALLOWED_ATTR, html);
@@ -18832,6 +18832,13 @@ function createDOMPurify() {
18832
18832
  addToSet(ALLOWED_ATTR, xml);
18833
18833
  }
18834
18834
  }
18835
+ /* Prevent function-based ADD_ATTR / ADD_TAGS from leaking across calls */
18836
+ if (!objectHasOwnProperty(cfg, 'ADD_TAGS')) {
18837
+ EXTRA_ELEMENT_HANDLING.tagCheck = null;
18838
+ }
18839
+ if (!objectHasOwnProperty(cfg, 'ADD_ATTR')) {
18840
+ EXTRA_ELEMENT_HANDLING.attributeCheck = null;
18841
+ }
18835
18842
  /* Merge configuration parameters */
18836
18843
  if (cfg.ADD_TAGS) {
18837
18844
  if (typeof cfg.ADD_TAGS === 'function') {
@@ -19229,6 +19236,10 @@ function createDOMPurify() {
19229
19236
  */
19230
19237
  // eslint-disable-next-line complexity
19231
19238
  const _isValidAttribute = function _isValidAttribute(lcTag, lcName, value) {
19239
+ /* FORBID_ATTR must always win, even if ADD_ATTR predicate would allow it */
19240
+ if (FORBID_ATTR[lcName]) {
19241
+ return false;
19242
+ }
19232
19243
  /* Make sure attribute cannot clobber */
19233
19244
  if (SANITIZE_DOM && (lcName === 'id' || lcName === 'name') && (value in document || value in formElement)) {
19234
19245
  return false;
@@ -19321,7 +19332,7 @@ function createDOMPurify() {
19321
19332
  value = SANITIZE_NAMED_PROPS_PREFIX + value;
19322
19333
  }
19323
19334
  /* Work around a security issue with comments inside attributes */
19324
- if (SAFE_FOR_XML && regExpTest(/((--!?|])>)|<\/(style|title|textarea)/i, value)) {
19335
+ if (SAFE_FOR_XML && regExpTest(/((--!?|])>)|<\/(style|script|title|xmp|textarea|noscript|iframe|noembed|noframes)/i, value)) {
19325
19336
  _removeAttribute(name, currentNode);
19326
19337
  continue;
19327
19338
  }
@@ -114365,32 +114376,32 @@ var dist = __webpack_require__(7523);
114365
114376
  var solid_logic_esm = __webpack_require__(9332);
114366
114377
  ;// ./src/versionInfo.ts
114367
114378
  /* harmony default export */ const versionInfo = ({
114368
- buildTime: '2026-02-23T18:38:59Z',
114369
- commit: 'e1941a6329a0d2666cfebf1fca9a73fdd04fd20e',
114379
+ buildTime: '2026-03-16T05:24:35Z',
114380
+ commit: 'e43a61b88f8e7053829c9665ac0c6d2fd5103352',
114370
114381
  npmInfo: {
114371
114382
  'mashlib': '2.1.3',
114372
114383
  'npm': '10.8.2',
114373
- 'node': '20.20.0',
114374
- 'acorn': '8.15.0',
114384
+ 'node': '20.20.1',
114385
+ 'acorn': '8.16.0',
114375
114386
  'ada': '2.9.2',
114376
114387
  'ares': '1.34.6',
114377
114388
  'brotli': '1.1.0',
114378
- 'cjs_module_lexer': '2.1.0',
114379
- 'cldr': '47.0',
114380
- 'icu': '77.1',
114381
- 'llhttp': '9.3.0',
114389
+ 'cjs_module_lexer': '2.2.0',
114390
+ 'cldr': '48.0',
114391
+ 'icu': '78.2',
114392
+ 'llhttp': '9.3.1',
114382
114393
  'modules': '115',
114383
114394
  'napi': '9',
114384
114395
  'nghttp2': '1.61.0',
114385
- 'openssl': '3.0.17',
114396
+ 'openssl': '3.0.19',
114386
114397
  'simdutf': '6.4.2',
114387
- 'tz': '2025b',
114398
+ 'tz': '2025c',
114388
114399
  'undici': '6.23.0',
114389
- 'unicode': '16.0',
114400
+ 'unicode': '17.0',
114390
114401
  'uv': '1.46.0',
114391
114402
  'uvwasi': '0.0.23',
114392
- 'v8': '11.3.244.8-node.33',
114393
- 'zlib': '1.3.1-470d3a2'
114403
+ 'v8': '11.3.244.8-node.34',
114404
+ 'zlib': '1.3.1-e00f703'
114394
114405
  }
114395
114406
  });
114396
114407
  ;// ./src/styles/mash.css