normalize-url 6.1.0 → 7.0.3

package/index.d.ts

@@ -1,249 +1,247 @@
-declare namespace normalizeUrl {
-	interface Options {
-		/**
-		@default 'http:'
-		*/
-		readonly defaultProtocol?: string;
+export interface Options {
+	/**
+	@default 'http:'
+	*/
+	readonly defaultProtocol?: string;
 
-		/**
-		Prepends `defaultProtocol` to the URL if it's protocol-relative.
+	/**
+	Prepends `defaultProtocol` to the URL if it's protocol-relative.
 
-		@default true
+	@default true
 
-		@example
-		```
-		normalizeUrl('//sindresorhus.com:80/');
-		//=> 'http://sindresorhus.com'
+	@example
+	```
+	normalizeUrl('//sindresorhus.com:80/');
+	//=> 'http://sindresorhus.com'
 
-		normalizeUrl('//sindresorhus.com:80/', {normalizeProtocol: false});
-		//=> '//sindresorhus.com'
-		```
-		*/
-		readonly normalizeProtocol?: boolean;
+	normalizeUrl('//sindresorhus.com:80/', {normalizeProtocol: false});
+	//=> '//sindresorhus.com'
+	```
+	*/
+	readonly normalizeProtocol?: boolean;
 
-		/**
-		Normalizes `https:` URLs to `http:`.
+	/**
+	Normalizes `https:` URLs to `http:`.
 
-		@default false
+	@default false
 
-		@example
-		```
-		normalizeUrl('https://sindresorhus.com:80/');
-		//=> 'https://sindresorhus.com'
+	@example
+	```
+	normalizeUrl('https://sindresorhus.com:80/');
+	//=> 'https://sindresorhus.com'
 
-		normalizeUrl('https://sindresorhus.com:80/', {forceHttp: true});
-		//=> 'http://sindresorhus.com'
-		```
-		*/
-		readonly forceHttp?: boolean;
+	normalizeUrl('https://sindresorhus.com:80/', {forceHttp: true});
+	//=> 'http://sindresorhus.com'
+	```
+	*/
+	readonly forceHttp?: boolean;
 
-		/**
-		Normalizes `http:` URLs to `https:`.
+	/**
+	Normalizes `http:` URLs to `https:`.
 
-		This option can't be used with the `forceHttp` option at the same time.
+	This option can't be used with the `forceHttp` option at the same time.
 
-		@default false
+	@default false
 
-		@example
-		```
-		normalizeUrl('https://sindresorhus.com:80/');
-		//=> 'https://sindresorhus.com'
+	@example
+	```
+	normalizeUrl('https://sindresorhus.com:80/');
+	//=> 'https://sindresorhus.com'
 
-		normalizeUrl('http://sindresorhus.com:80/', {forceHttps: true});
-		//=> 'https://sindresorhus.com'
-		```
-		*/
-		readonly forceHttps?: boolean;
+	normalizeUrl('http://sindresorhus.com:80/', {forceHttps: true});
+	//=> 'https://sindresorhus.com'
+	```
+	*/
+	readonly forceHttps?: boolean;
 
-		/**
-		Strip the [authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) part of a URL.
+	/**
+	Strip the [authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) part of a URL.
 
-		@default true
+	@default true
 
-		@example
-		```
-		normalizeUrl('user:password@sindresorhus.com');
-		//=> 'https://sindresorhus.com'
+	@example
+	```
+	normalizeUrl('user:password@sindresorhus.com');
+	//=> 'https://sindresorhus.com'
 
-		normalizeUrl('user:password@sindresorhus.com', {stripAuthentication: false});
-		//=> 'https://user:password@sindresorhus.com'
-		```
-		*/
-		readonly stripAuthentication?: boolean;
+	normalizeUrl('user:password@sindresorhus.com', {stripAuthentication: false});
+	//=> 'https://user:password@sindresorhus.com'
+	```
+	*/
+	readonly stripAuthentication?: boolean;
 
-		/**
-		Removes hash from the URL.
-
-		@default false
+	/**
+	Removes hash from the URL.
 
-		@example
-		```
-		normalizeUrl('sindresorhus.com/about.html#contact');
-		//=> 'http://sindresorhus.com/about.html#contact'
+	@default false
 
-		normalizeUrl('sindresorhus.com/about.html#contact', {stripHash: true});
-		//=> 'http://sindresorhus.com/about.html'
-		```
-		*/
-		readonly stripHash?: boolean;
+	@example
+	```
+	normalizeUrl('sindresorhus.com/about.html#contact');
+	//=> 'http://sindresorhus.com/about.html#contact'
 
-		/**
-		Removes HTTP(S) protocol from an URL `http://sindresorhus.com` → `sindresorhus.com`.
+	normalizeUrl('sindresorhus.com/about.html#contact', {stripHash: true});
+	//=> 'http://sindresorhus.com/about.html'
+	```
+	*/
+	readonly stripHash?: boolean;
 
-		@default false
+	/**
+	Removes HTTP(S) protocol from an URL `http://sindresorhus.com` → `sindresorhus.com`.
 
-		@example
-		```
-		normalizeUrl('https://sindresorhus.com');
-		//=> 'https://sindresorhus.com'
+	@default false
 
-		normalizeUrl('sindresorhus.com', {stripProtocol: true});
-		//=> 'sindresorhus.com'
-		```
-		*/
-		readonly stripProtocol?: boolean;
+	@example
+	```
+	normalizeUrl('https://sindresorhus.com');
+	//=> 'https://sindresorhus.com'
 
-		/**
-		Strip the [text fragment](https://web.dev/text-fragments/) part of the URL
+	normalizeUrl('sindresorhus.com', {stripProtocol: true});
+	//=> 'sindresorhus.com'
+	```
+	*/
+	readonly stripProtocol?: boolean;
 
-		__Note:__ The text fragment will always be removed if the `stripHash` option is set to `true`, as the hash contains the text fragment.
+	/**
+	Strip the [text fragment](https://web.dev/text-fragments/) part of the URL
 
-		@default true
+	__Note:__ The text fragment will always be removed if the `stripHash` option is set to `true`, as the hash contains the text fragment.
 
-		@example
-		```
-		normalizeUrl('http://sindresorhus.com/about.html#:~:text=hello');
-		//=> 'http://sindresorhus.com/about.html#'
+	@default true
 
-		normalizeUrl('http://sindresorhus.com/about.html#section:~:text=hello');
-		//=> 'http://sindresorhus.com/about.html#section'
+	@example
+	```
+	normalizeUrl('http://sindresorhus.com/about.html#:~:text=hello');
+	//=> 'http://sindresorhus.com/about.html#'
 
-		normalizeUrl('http://sindresorhus.com/about.html#:~:text=hello', {stripTextFragment: false});
-		//=> 'http://sindresorhus.com/about.html#:~:text=hello'
+	normalizeUrl('http://sindresorhus.com/about.html#section:~:text=hello');
+	//=> 'http://sindresorhus.com/about.html#section'
 
-		normalizeUrl('http://sindresorhus.com/about.html#section:~:text=hello', {stripTextFragment: false});
-		//=> 'http://sindresorhus.com/about.html#section:~:text=hello'
-		```
-		*/
-		readonly stripTextFragment?: boolean;
-
-		/**
-		Removes `www.` from the URL.
+	normalizeUrl('http://sindresorhus.com/about.html#:~:text=hello', {stripTextFragment: false});
+	//=> 'http://sindresorhus.com/about.html#:~:text=hello'
 
-		@default true
+	normalizeUrl('http://sindresorhus.com/about.html#section:~:text=hello', {stripTextFragment: false});
+	//=> 'http://sindresorhus.com/about.html#section:~:text=hello'
+	```
+	*/
+	readonly stripTextFragment?: boolean;
+
+	/**
+	Removes `www.` from the URL.
 
-		@example
-		```
-		normalizeUrl('http://www.sindresorhus.com');
-		//=> 'http://sindresorhus.com'
+	@default true
 
-		normalizeUrl('http://www.sindresorhus.com', {stripWWW: false});
-		//=> 'http://www.sindresorhus.com'
-		```
-		*/
-		readonly stripWWW?: boolean;
-
-		/**
-		Removes query parameters that matches any of the provided strings or regexes.
-
-		@default [/^utm_\w+/i]
-
-		@example
-		```
-		normalizeUrl('www.sindresorhus.com?foo=bar&ref=test_ref', {
-			removeQueryParameters: ['ref']
-		});
-		//=> 'http://sindresorhus.com/?foo=bar'
-		```
-
-		If a boolean is provided, `true` will remove all the query parameters.
-
-		```
-		normalizeUrl('www.sindresorhus.com?foo=bar', {
-			removeQueryParameters: true
-		});
-		//=> 'http://sindresorhus.com'
-		```
-
-		`false` will not remove any query parameter.
-
-		```
-		normalizeUrl('www.sindresorhus.com?foo=bar&utm_medium=test&ref=test_ref', {
-			removeQueryParameters: false
-		});
-		//=> 'http://www.sindresorhus.com/?foo=bar&ref=test_ref&utm_medium=test'
-		```
-		*/
-		readonly removeQueryParameters?: ReadonlyArray<RegExp | string> | boolean;
-
-		/**
-		Removes trailing slash.
-
-		__Note__: Trailing slash is always removed if the URL doesn't have a pathname unless the `removeSingleSlash` option is set to `false`.
-
-		@default true
-
-		@example
-		```
-		normalizeUrl('http://sindresorhus.com/redirect/');
-		//=> 'http://sindresorhus.com/redirect'
-
-		normalizeUrl('http://sindresorhus.com/redirect/', {removeTrailingSlash: false});
-		//=> 'http://sindresorhus.com/redirect/'
-
-		normalizeUrl('http://sindresorhus.com/', {removeTrailingSlash: false});
-		//=> 'http://sindresorhus.com'
-		```
-		*/
-		readonly removeTrailingSlash?: boolean;
-
-		/**
-		Remove a sole `/` pathname in the output. This option is independant of `removeTrailingSlash`.
-
-		@default true
-
-		@example
-		```
-		normalizeUrl('https://sindresorhus.com/');
-		//=> 'https://sindresorhus.com'
-
-		normalizeUrl('https://sindresorhus.com/', {removeSingleSlash: false});
-		//=> 'https://sindresorhus.com/'
-		```
-		*/
-		readonly removeSingleSlash?: boolean;
-
-		/**
-		Removes the default directory index file from path that matches any of the provided strings or regexes.
-		When `true`, the regex `/^index\.[a-z]+$/` is used.
-
-		@default false
-
-		@example
-		```
-		normalizeUrl('www.sindresorhus.com/foo/default.php', {
-			removeDirectoryIndex: [/^default\.[a-z]+$/]
-		});
-		//=> 'http://sindresorhus.com/foo'
-		```
-		*/
-		readonly removeDirectoryIndex?: ReadonlyArray<RegExp | string>;
-
-		/**
-		Sorts the query parameters alphabetically by key.
-
-		@default true
-
-		@example
-		```
-		normalizeUrl('www.sindresorhus.com?b=two&a=one&c=three', {
-			sortQueryParameters: false
-		});
-		//=> 'http://sindresorhus.com/?b=two&a=one&c=three'
-		```
-		*/
-		readonly sortQueryParameters?: boolean;
-	}
+	@example
+	```
+	normalizeUrl('http://www.sindresorhus.com');
+	//=> 'http://sindresorhus.com'
+
+	normalizeUrl('http://www.sindresorhus.com', {stripWWW: false});
+	//=> 'http://www.sindresorhus.com'
+	```
+	*/
+	readonly stripWWW?: boolean;
+
+	/**
+	Removes query parameters that matches any of the provided strings or regexes.
+
+	@default [/^utm_\w+/i]
+
+	@example
+	```
+	normalizeUrl('www.sindresorhus.com?foo=bar&ref=test_ref', {
+		removeQueryParameters: ['ref']
+	});
+	//=> 'http://sindresorhus.com/?foo=bar'
+	```
+
+	If a boolean is provided, `true` will remove all the query parameters.
+
+	```
+	normalizeUrl('www.sindresorhus.com?foo=bar', {
+		removeQueryParameters: true
+	});
+	//=> 'http://sindresorhus.com'
+	```
+
+	`false` will not remove any query parameter.
+
+	```
+	normalizeUrl('www.sindresorhus.com?foo=bar&utm_medium=test&ref=test_ref', {
+		removeQueryParameters: false
+	});
+	//=> 'http://www.sindresorhus.com/?foo=bar&ref=test_ref&utm_medium=test'
+	```
+	*/
+	readonly removeQueryParameters?: ReadonlyArray<RegExp | string> | boolean;
+
+	/**
+	Removes trailing slash.
+
+	__Note__: Trailing slash is always removed if the URL doesn't have a pathname unless the `removeSingleSlash` option is set to `false`.
+
+	@default true
+
+	@example
+	```
+	normalizeUrl('http://sindresorhus.com/redirect/');
+	//=> 'http://sindresorhus.com/redirect'
+
+	normalizeUrl('http://sindresorhus.com/redirect/', {removeTrailingSlash: false});
+	//=> 'http://sindresorhus.com/redirect/'
+
+	normalizeUrl('http://sindresorhus.com/', {removeTrailingSlash: false});
+	//=> 'http://sindresorhus.com'
+	```
+	*/
+	readonly removeTrailingSlash?: boolean;
+
+	/**
+	Remove a sole `/` pathname in the output. This option is independant of `removeTrailingSlash`.
+
+	@default true
+
+	@example
+	```
+	normalizeUrl('https://sindresorhus.com/');
+	//=> 'https://sindresorhus.com'
+
+	normalizeUrl('https://sindresorhus.com/', {removeSingleSlash: false});
+	//=> 'https://sindresorhus.com/'
+	```
+	*/
+	readonly removeSingleSlash?: boolean;
+
+	/**
+	Removes the default directory index file from path that matches any of the provided strings or regexes.
+	When `true`, the regex `/^index\.[a-z]+$/` is used.
+
+	@default false
+
+	@example
+	```
+	normalizeUrl('www.sindresorhus.com/foo/default.php', {
+		removeDirectoryIndex: [/^default\.[a-z]+$/]
+	});
+	//=> 'http://sindresorhus.com/foo'
+	```
+	*/
+	readonly removeDirectoryIndex?: boolean | ReadonlyArray<RegExp | string>;
+
+	/**
+	Sorts the query parameters alphabetically by key.
+
+	@default true
+
+	@example
+	```
+	normalizeUrl('www.sindresorhus.com?b=two&a=one&c=three', {
+		sortQueryParameters: false
+	});
+	//=> 'http://sindresorhus.com/?b=two&a=one&c=three'
+	```
+	*/
+	readonly sortQueryParameters?: boolean;
 }
 
 /**
@@ -253,7 +251,7 @@ declare namespace normalizeUrl {
 
 @example
 ```
-import normalizeUrl = require('normalize-url');
+import normalizeUrl from 'normalize-url';
 
 normalizeUrl('sindresorhus.com');
 //=> 'http://sindresorhus.com'
@@ -262,6 +260,4 @@ normalizeUrl('//www.sindresorhus.com:80/../baz?b=bar&a=foo');
 //=> 'http://sindresorhus.com/baz?a=foo&b=bar'
 ```
 */
-declare function normalizeUrl(url: string, options?: normalizeUrl.Options): string;
-
-export = normalizeUrl;
+export default function normalizeUrl(url: string, options?: Options): string;

package/index.js

@@ -1,12 +1,8 @@
-'use strict';
-
 // https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/Data_URIs
 const DATA_URL_DEFAULT_MIME_TYPE = 'text/plain';
 const DATA_URL_DEFAULT_CHARSET = 'us-ascii';
 
-const testParameter = (name, filters) => {
-	return filters.some(filter => filter instanceof RegExp ? filter.test(name) : filter === name);
-};
+const testParameter = (name, filters) => filters.some(filter => filter instanceof RegExp ? filter.test(name) : filter === name);
 
 const normalizeDataURL = (urlString, {stripHash}) => {
 	const match = /^data:(?<type>[^,]*?),(?<data>[^#]*?)(?:#(?<hash>.*))?$/.exec(urlString);
@@ -45,21 +41,21 @@ const normalizeDataURL = (urlString, {stripHash}) => {
 		.filter(Boolean);
 
 	const normalizedMediaType = [
-		...attributes
+		...attributes,
 	];
 
 	if (isBase64) {
 		normalizedMediaType.push('base64');
 	}
 
-	if (normalizedMediaType.length !== 0 || (mimeType && mimeType !== DATA_URL_DEFAULT_MIME_TYPE)) {
+	if (normalizedMediaType.length > 0 || (mimeType && mimeType !== DATA_URL_DEFAULT_MIME_TYPE)) {
 		normalizedMediaType.unshift(mimeType);
 	}
 
 	return `data:${normalizedMediaType.join(';')},${isBase64 ? data.trim() : data}${hash ? `#${hash}` : ''}`;
 };
 
-const normalizeUrl = (urlString, options) => {
+export default function normalizeUrl(urlString, options) {
 	options = {
 		defaultProtocol: 'http:',
 		normalizeProtocol: true,
@@ -74,7 +70,7 @@ const normalizeUrl = (urlString, options) => {
 		removeSingleSlash: true,
 		removeDirectoryIndex: false,
 		sortQueryParameters: true,
-		...options
+		...options,
 	};
 
 	urlString = urlString.trim();
@@ -96,43 +92,73 @@ const normalizeUrl = (urlString, options) => {
 		urlString = urlString.replace(/^(?!(?:\w+:)?\/\/)|^\/\//, options.defaultProtocol);
 	}
 
-	const urlObj = new URL(urlString);
+	const urlObject = new URL(urlString);
 
 	if (options.forceHttp && options.forceHttps) {
 		throw new Error('The `forceHttp` and `forceHttps` options cannot be used together');
 	}
 
-	if (options.forceHttp && urlObj.protocol === 'https:') {
-		urlObj.protocol = 'http:';
+	if (options.forceHttp && urlObject.protocol === 'https:') {
+		urlObject.protocol = 'http:';
 	}
 
-	if (options.forceHttps && urlObj.protocol === 'http:') {
-		urlObj.protocol = 'https:';
+	if (options.forceHttps && urlObject.protocol === 'http:') {
+		urlObject.protocol = 'https:';
 	}
 
 	// Remove auth
 	if (options.stripAuthentication) {
-		urlObj.username = '';
-		urlObj.password = '';
+		urlObject.username = '';
+		urlObject.password = '';
 	}
 
 	// Remove hash
 	if (options.stripHash) {
-		urlObj.hash = '';
+		urlObject.hash = '';
 	} else if (options.stripTextFragment) {
-		urlObj.hash = urlObj.hash.replace(/#?:~:text.*?$/i, '');
+		urlObject.hash = urlObject.hash.replace(/#?:~:text.*?$/i, '');
 	}
 
 	// Remove duplicate slashes if not preceded by a protocol
-	if (urlObj.pathname) {
-		urlObj.pathname = urlObj.pathname.replace(/(?<!\b(?:[a-z][a-z\d+\-.]{1,50}:))\/{2,}/g, '/');
+	// NOTE: This could be implemented using a single negative lookbehind
+	// regex, but we avoid that to maintain compatibility with older js engines
+	// which do not have support for that feature.
+	if (urlObject.pathname) {
+		// TODO: Replace everything below with `urlObject.pathname = urlObject.pathname.replace(/(?<!\b[a-z][a-z\d+\-.]{1,50}:)\/{2,}/g, '/');` when Safari supports negative lookbehind.
+
+		// Split the string by occurrences of this protocol regex, and perform
+		// duplicate-slash replacement on the strings between those occurrences
+		// (if any).
+		const protocolRegex = /\b[a-z][a-z\d+\-.]{1,50}:\/\//g;
+
+		let lastIndex = 0;
+		let result = '';
+		for (;;) {
+			const match = protocolRegex.exec(urlObject.pathname);
+			if (!match) {
+				break;
+			}
+
+			const protocol = match[0];
+			const protocolAtIndex = match.index;
+			const intermediate = urlObject.pathname.slice(lastIndex, protocolAtIndex);
+
+			result += intermediate.replace(/\/{2,}/g, '/');
+			result += protocol;
+			lastIndex = protocolAtIndex + protocol.length;
+		}
+
+		const remnant = urlObject.pathname.slice(lastIndex, urlObject.pathname.length);
+		result += remnant.replace(/\/{2,}/g, '/');
+
+		urlObject.pathname = result;
 	}
 
 	// Decode URI octets
-	if (urlObj.pathname) {
+	if (urlObject.pathname) {
 		try {
-			urlObj.pathname = decodeURI(urlObj.pathname);
-		} catch (_) {}
+			urlObject.pathname = decodeURI(urlObject.pathname);
+		} catch {}
 	}
 
 	// Remove directory index
@@ -141,62 +167,68 @@ const normalizeUrl = (urlString, options) => {
 	}
 
 	if (Array.isArray(options.removeDirectoryIndex) && options.removeDirectoryIndex.length > 0) {
-		let pathComponents = urlObj.pathname.split('/');
+		let pathComponents = urlObject.pathname.split('/');
 		const lastComponent = pathComponents[pathComponents.length - 1];
 
 		if (testParameter(lastComponent, options.removeDirectoryIndex)) {
-			pathComponents = pathComponents.slice(0, pathComponents.length - 1);
-			urlObj.pathname = pathComponents.slice(1).join('/') + '/';
+			pathComponents = pathComponents.slice(0, -1);
+			urlObject.pathname = pathComponents.slice(1).join('/') + '/';
 		}
 	}
 
-	if (urlObj.hostname) {
+	if (urlObject.hostname) {
 		// Remove trailing dot
-		urlObj.hostname = urlObj.hostname.replace(/\.$/, '');
+		urlObject.hostname = urlObject.hostname.replace(/\.$/, '');
 
 		// Remove `www.`
-		if (options.stripWWW && /^www\.(?!www\.)(?:[a-z\-\d]{1,63})\.(?:[a-z.\-\d]{2,63})$/.test(urlObj.hostname)) {
+		if (options.stripWWW && /^www\.(?!www\.)[a-z\-\d]{1,63}\.[a-z.\-\d]{2,63}$/.test(urlObject.hostname)) {
 			// Each label should be max 63 at length (min: 1).
 			// Source: https://en.wikipedia.org/wiki/Hostname#Restrictions_on_valid_host_names
 			// Each TLD should be up to 63 characters long (min: 2).
 			// It is technically possible to have a single character TLD, but none currently exist.
-			urlObj.hostname = urlObj.hostname.replace(/^www\./, '');
+			urlObject.hostname = urlObject.hostname.replace(/^www\./, '');
 		}
 	}
 
 	// Remove query unwanted parameters
 	if (Array.isArray(options.removeQueryParameters)) {
-		for (const key of [...urlObj.searchParams.keys()]) {
+		// eslint-disable-next-line unicorn/no-useless-spread -- We are intentionally spreading to get a copy.
+		for (const key of [...urlObject.searchParams.keys()]) {
 			if (testParameter(key, options.removeQueryParameters)) {
-				urlObj.searchParams.delete(key);
+				urlObject.searchParams.delete(key);
 			}
 		}
 	}
 
 	if (options.removeQueryParameters === true) {
-		urlObj.search = '';
+		urlObject.search = '';
 	}
 
 	// Sort query parameters
 	if (options.sortQueryParameters) {
-		urlObj.searchParams.sort();
+		urlObject.searchParams.sort();
+
+		// Calling `.sort()` encodes the search parameters, so we need to decode them again.
+		try {
+			urlObject.search = decodeURIComponent(urlObject.search);
+		} catch {}
 	}
 
 	if (options.removeTrailingSlash) {
-		urlObj.pathname = urlObj.pathname.replace(/\/$/, '');
+		urlObject.pathname = urlObject.pathname.replace(/\/$/, '');
 	}
 
 	const oldUrlString = urlString;
 
 	// Take advantage of many of the Node `url` normalizations
-	urlString = urlObj.toString();
+	urlString = urlObject.toString();
 
-	if (!options.removeSingleSlash && urlObj.pathname === '/' && !oldUrlString.endsWith('/') && urlObj.hash === '') {
+	if (!options.removeSingleSlash && urlObject.pathname === '/' && !oldUrlString.endsWith('/') && urlObject.hash === '') {
 		urlString = urlString.replace(/\/$/, '');
 	}
 
 	// Remove ending `/` unless removeSingleSlash is false
-	if ((options.removeTrailingSlash || urlObj.pathname === '/') && urlObj.hash === '' && options.removeSingleSlash) {
+	if ((options.removeTrailingSlash || urlObject.pathname === '/') && urlObject.hash === '' && options.removeSingleSlash) {
 		urlString = urlString.replace(/\/$/, '');
 	}
 
@@ -211,6 +243,4 @@ const normalizeUrl = (urlString, options) => {
 	}
 
 	return urlString;
-};
-
-module.exports = normalizeUrl;
+}

package/license

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com)
+Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
 
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "normalize-url",
-	"version": "6.1.0",
+	"version": "7.0.3",
 	"description": "Normalize a URL",
 	"license": "MIT",
 	"repository": "sindresorhus/normalize-url",
@@ -10,11 +10,13 @@
 		"email": "sindresorhus@gmail.com",
 		"url": "https://sindresorhus.com"
 	},
+	"type": "module",
+	"exports": "./index.js",
 	"engines": {
-		"node": ">=10"
+		"node": ">=12.20"
 	},
 	"scripts": {
-		"test": "xo && nyc ava && tsd"
+		"test": "ava && tsd"
 	},
 	"files": [
 		"index.js",
@@ -36,12 +38,12 @@
 		"canonical"
 	],
 	"devDependencies": {
-		"ava": "^2.4.0",
-		"nyc": "^15.0.0",
-		"tsd": "^0.11.0",
-		"xo": "^0.25.3"
+		"ava": "^4.0.1",
+		"c8": "^7.11.0",
+		"tsd": "^0.19.1",
+		"xo": "^0.47.0"
 	},
-	"nyc": {
+	"c8": {
 		"reporter": [
 			"text",
 			"lcov"

package/readme.md

@@ -4,10 +4,12 @@
 
 Useful when you need to display, store, deduplicate, sort, compare, etc, URLs.
 
+**Note:** This package does **not** do URL sanitization. [Garbage in, garbage out.](https://en.wikipedia.org/wiki/Garbage_in,_garbage_out) If you use this in a server context and accept URLs as user input, it's up to you to protect against invalid URLs, [path traversal attacks](https://owasp.org/www-community/attacks/Path_Traversal), etc.
+
 ## Install
 
-```
-$ npm install normalize-url
+```sh
+npm install normalize-url
 ```
 
 *If you need to use this in the browser, use version 4: `npm i normalize-url@4`*
@@ -15,7 +17,7 @@ $ npm install normalize-url
 ## Usage
 
 ```js
-const normalizeUrl = require('normalize-url');
+import normalizeUrl from 'normalize-url';
 
 normalizeUrl('sindresorhus.com');
 //=> 'http://sindresorhus.com'
@@ -240,7 +242,6 @@ normalizeUrl('https://sindresorhus.com/', {removeSingleSlash: false});
 //=> 'https://sindresorhus.com/'
 ```
 
-
 ##### removeDirectoryIndex
 
 Type: `boolean | Array<RegExp | string>`\