Skip to content

Commit f705edf

Browse files
OnestarLeeOnestarLee
authored
fix: Upgrade DOMPurify to 3.3.2 for security vulnerability fix
- Upgrade DOMPurify from v3.2.4 to v3.3.2 to fix security vulnerability
1 parent f201f01 commit f705edf

3 files changed

Lines changed: 18 additions & 8 deletions

File tree

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@
7575
"@sendbird/uikit-tools": "^0.1.0",
7676
"css-vars-ponyfill": "^2.3.2",
7777
"date-fns": "^2.16.1",
78-
"dompurify": "^3.2.4"
78+
"dompurify": "^3.3.2"
7979
},
8080
"bugs": {
8181
"url": "https://community.sendbird.com"

src/ui/MentionUserLabel/__tests__/renderToString.spec.js

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,8 +4,18 @@ describe("ui/MentionUserLabel/renderToString", () => {
44
it("should render userId and nickname as expected", () => {
55
const userId = "me";
66
const nickname = "nickname";
7-
const expected = `<span contenteditable=\"false\" class=\"sendbird-mention-user-label\" data-sb-mention=\"true\" data-userid=\"me\">${nickname}</span>`;
87
const result = renderToString({ userId, nickname });
9-
expect(result).toEqual(expected);
8+
9+
const container = document.createElement("div");
10+
container.innerHTML = result;
11+
const span = container.firstElementChild;
12+
13+
expect(span).not.toBeNull();
14+
expect(span.tagName).toBe("SPAN");
15+
expect(span.textContent).toBe(nickname);
16+
expect(span.getAttribute("contenteditable")).toBe("false");
17+
expect(span.getAttribute("data-userid")).toBe(userId);
18+
expect(span.getAttribute("data-sb-mention")).toBe("true");
19+
expect(span.getAttribute("class")).toBe("sendbird-mention-user-label");
1020
});
1121
});

yarn.lock

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2832,7 +2832,7 @@ __metadata:
28322832
caniuse-lite: ^1.0.30001148
28332833
css-vars-ponyfill: ^2.3.2
28342834
date-fns: ^2.16.1
2835-
dompurify: ^3.2.4
2835+
dompurify: ^3.3.2
28362836
eslint: ^8.40.0
28372837
eslint-config-airbnb: ^19.0.4
28382838
eslint-config-airbnb-base: ^15.0.0
@@ -6170,15 +6170,15 @@ __metadata:
61706170
languageName: node
61716171
linkType: hard
61726172

6173-
"dompurify@npm:^3.2.4":
6174-
version: 3.2.4
6175-
resolution: "dompurify@npm:3.2.4"
6173+
"dompurify@npm:^3.3.2":
6174+
version: 3.3.2
6175+
resolution: "dompurify@npm:3.3.2"
61766176
dependencies:
61776177
"@types/trusted-types": ^2.0.7
61786178
dependenciesMeta:
61796179
"@types/trusted-types":
61806180
optional: true
6181-
checksum: 7a299cbbfe3b3d189e5fc77ab94ad312807e37fda1e24a927548b76a58a9c98137e612ce8d94a2f6cd3d3db59844f14fca477676b5eae6103568a82142771df6
6181+
checksum: 27856958c4088de2e2279b9514fcf3427c925e3cedf9d176957d9469a5199c39b572931a441cbb2025d1910c2890644280d0db8d5180b1366164cac309da08e5
61826182
languageName: node
61836183
linkType: hard
61846184

0 commit comments

Comments
 (0)