obsohtml 1.10.0 → 1.10.1

package/CHANGELOG.md

@@ -4,6 +4,12 @@ As of version 1.10.0, all notable changes to ObsoHTML are documented in this fil
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and the project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.10.1] - 2026-05-11
+
+### Fixed
+
+- Fixed false positives where obsolete attribute names (e.g., `scrolling`, `background`, `border`) appeared as text inside quoted attribute values (e.g., `content="Infinite scrolling"`)
+
 ## [1.10.0] - 2026-04-11
 
 ### Added

package/README.md

@@ -1,6 +1,6 @@
 # ObsoHTML, the Obsolete HTML Checker
 
-[![npm version](https://img.shields.io/npm/v/obsohtml.svg)](https://www.npmjs.com/package/obsohtml) [![Build status](https://github.com/j9t/obsohtml/workflows/Tests/badge.svg)](https://github.com/j9t/obsohtml/actions) [![Socket](https://badge.socket.dev/npm/package/obsohtml)](https://socket.dev/npm/package/obsohtml)
+[![npm version](https://img.shields.io/npm/v/obsohtml.svg)](https://www.npmjs.com/package/obsohtml) [![Build status](https://github.com/j9t/obsohtml/workflows/Tests/badge.svg)](https://github.com/j9t/obsohtml/actions) [![Socket](https://badge.socket.dev/npm/package/obsohtml)](https://socket.dev/npm/package/obsohtml) [![GitHub Sponsors](https://badgen.net/static/Support/Open%20Source/cyan)](https://github.com/j9t/obsohtml?sponsor=1)
 
 ObsoHTML is a Node.js tool designed to scan HTML, PHP, Nunjucks, Twig, JavaScript, and TypeScript files for obsolete and proprietary HTML elements and attributes. It helps you identify and update deprecated HTML code to be sure to use web standards.
 
@@ -60,7 +60,7 @@ const { elements, attributes } = checkMarkup('<center>Hello</center>');
 
 #### `checkMarkup(html)`
 
-Checks an HTML string for obsolete or proprietary elements and attributes.
+Checks an HTML string for obsolete and proprietary elements and attributes.
 
 * **Parameter**: `html` (string)—the HTML content to check
 * **Returns**: `{ elements: string[], attributes: string[] }`—arrays of found obsolete element and attribute names
@@ -85,4 +85,12 @@ This started as an experiment, in which I used AI to produce this little HTML qu
 
 ## Acknowledgments
 
-Thanks to [@mattbrundage](https://github.com/mattbrundage), [@FabianBeiner](https://github.com/FabianBeiner), and [@AndrewMac](https://github.com/AndrewMac) for helping to make ObsoHTML better!
+Thanks to [@mattbrundage](https://github.com/mattbrundage), [@FabianBeiner](https://github.com/FabianBeiner), and [@AndrewMac](https://github.com/AndrewMac) for helping to make ObsoHTML better!
+
+***
+
+You might like some of my other work:
+
+* Optimization tools: [HTML Minifier Next](https://github.com/j9t/html-minifier-next) · ObsoHTML · [Image Guard](https://github.com/j9t/image-guard) · [Compressor.js Next](https://github.com/j9t/compressorjs-next) · [.htaccess Punk](https://github.com/j9t/htaccess-punk)
+* Defense tools: [IA Defensa](https://iadefensa.com/solutions/)
+* Resources for quality web development: [Articles](https://meiert.com/topics/development/) · [Books](https://meiert.com/topics/books/) (including [_On Web Development_](https://meiert.com/blog/on-web-development-2/)) · [News](https://frontenddogma.com/) · [Terminology](https://webglossary.info/)

package/SECURITY.md

@@ -6,4 +6,4 @@ Only the latest and therefore current version of ObsoHTML is supported. It’s a
 
 ## Reporting a Vulnerability
 
-To report a vulnerability, please [file an issue](https://github.com/j9t/obsohtml/issues/new) or email info@meiert.com.
+To report a vulnerability, please use [GitHub’s private security advisories](https://github.com/j9t/obsohtml/security/advisories/new) or email info@meiert.com directly. Do not report vulnerabilities via public issues.

package/bin/obsohtml.test.js

@@ -195,4 +195,19 @@ describe('`checkMarkup`', () => {
     const { elements } = checkMarkup('<centers>Hello</centers>');
     assert.deepEqual(elements, []);
   });
+
+  test('Do not flag an obsolete attribute name appearing inside a quoted attribute value', () => {
+    // “scrolling” inside `content="…"`, “background” inside `content="…"`, and
+    // “border” inside `alt="…"` are all text—not actual HTML attributes
+    const cases = [
+      '<meta property="og:title" content="Infinite scrolling on the web">',
+      '<meta content="Busyness and Background Noise on Websites">',
+      '<img alt="A graphic indicating a border between regions.">',
+      "<img alt='A graphic indicating a border between regions.'>",
+    ];
+    for (const html of cases) {
+      const { attributes } = checkMarkup(html);
+      assert.deepEqual(attributes, [], `Expected no attributes for: ${html}`);
+    }
+  });
 });

package/package.json

@@ -9,9 +9,9 @@
   "description": "HTML checker for obsolete and proprietary elements and attributes",
   "devDependencies": {
     "@eslint/js": "^10.0.0",
-    "eslint": "^10.1.0",
-    "globals": "^17.0.0",
-    "typescript": "^6.0.2"
+    "eslint": "^10.3.0",
+    "globals": "^17.6.0",
+    "typescript": "^6.0.3"
   },
   "exports": {
     ".": {
@@ -43,5 +43,5 @@
   },
   "type": "module",
   "types": "src/index.d.ts",
-  "version": "1.10.0"
+  "version": "1.10.1"
 }

package/src/index.js

@@ -17,13 +17,13 @@ const attributeRegexes = new Map(
   obsoleteAttributes.map(attribute => [
     attribute,
     // Matches the attribute preceded by whitespace anywhere in a tag, without
-    // requiring it to be the last attribute before the closing bracket.
-    new RegExp(`<[^>]*\\s${attribute}\\b(\\s*=\\s*(?:"[^"]*"|'[^']*'|[^"'\\s>]+))?`, 'i'),
+    // requiring it to be the last attribute before the closing bracket
+    new RegExp(`<(?:[^>"']|"[^"]*"|'[^']*')*\\s${attribute}\\b(\\s*=\\s*(?:"[^"]*"|'[^']*'|[^"'\\s>]+))?`, 'i'),
   ])
 );
 
 /**
- * Check an HTML string for obsolete or proprietary elements and attributes.
+ * Check an HTML string for obsolete and proprietary elements and attributes.
  *
  * @param {string} html
  * @returns {{ elements: string[], attributes: string[] }}