We’re happy to announce the release of sanitize-html 2.0.0 ! This utility is a work horse in ApostropheCMS, but many people have found it useful in totally unrelated projects as well.
With the new major version, we are no longer including a front end build for direct use in browsers. This enables developers to integrate it into their custom client-side builds more easily, makes it less opinionated regarding client-side use, and avoids a second stream of maintenance. There are a number of backwards compatibility concerns to keep in mind while upgrading, so be sure to read through the release notes for details. We will continue to support the 1.x version of sanitize-html as far as bug fixes and security issues for the foreseeable future.
Standard bi-weekly release notes below.
is-plain-objectpackage with named export. Thanks to Bogdan Chadkin for the contribution.
Backwards compatibility breaks:
- Node.js 10 or higher is required.
- The default
allowedTagsarray has been updated significantly. This mostly added HTML tags to be more comprehensive by default. You should review your projects and consider the
allowedTagsdefaults if you are not already overriding them.
- Fixes an IE11 regression by replacing
- The “View File” button now functions as intended by accessing the original version of an image, not a scaled version. Thanks to Quentin Mouraret for this contribution.=
- LESS compilation errors during
apostrophe:generationare now reported properly, resulting in a clean process exit.
- Changes LESS import to a link in order to fix a LESS compile error when assets are minified.
- Removes ES6 features that Uglify was breaking on.
- Sets a base font-size for the guide so avoid project-level style conflicts.
- Removes the package-lock file. Updates package metadata.