From c9e07d4360b9d31dc113c0f9bb55104ddef68968 Mon Sep 17 00:00:00 2001 From: Tobias Bocanegra Date: Fri, 13 Nov 2020 14:37:52 +0900 Subject: [PATCH] fix(deps): remove lodash (#257) --- package-lock.json | 3 ++- package.json | 1 - src/runtime/xss_api.js | 9 ++++----- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/package-lock.json b/package-lock.json index af9aa1c..a9fcbd0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4059,7 +4059,8 @@ "lodash": { "version": "4.17.19", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz", - "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==" + "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==", + "dev": true }, "lodash._baseclone": { "version": "4.5.7", diff --git a/package.json b/package.json index ae31752..46a52cc 100644 --- a/package.json +++ b/package.json @@ -23,7 +23,6 @@ "antlr4": "^4.7.2", "fs-extra": "^9.0.0", "he": "^1.2.0", - "lodash": "^4.17.15", "moment": "^2.24.0", "node-esapi": "0.0.1", "numeral": "^2.0.6", diff --git a/src/runtime/xss_api.js b/src/runtime/xss_api.js index f5470ff..6346aeb 100644 --- a/src/runtime/xss_api.js +++ b/src/runtime/xss_api.js @@ -12,7 +12,6 @@ 'use strict'; -const _ = require('lodash'); const sanitizer = require('sanitizer'); const esapiEncoder = require('node-esapi').encoder(); const XRegExp = require('xregexp'); @@ -282,11 +281,11 @@ module.exports = { * @returns {String} */ getValidJSToken(input, defaultValue) { - if (!_.isString(input)) { + if (typeof input !== 'string') { return defaultValue; } const encoded = escapeJSToken(input); - if (_.isUndefined(encoded)) { + if (encoded === undefined) { return defaultValue; } return encoded; @@ -298,7 +297,7 @@ module.exports = { * @returns {String} a sanitized URL (possibly empty) */ getValidHref(url) { - if (!_.isString(url)) { + if (typeof url !== 'string') { return ''; } return sanitizeURL(url.trim()); @@ -312,7 +311,7 @@ module.exports = { * @return {String} a string containing sanitized style token */ getValidStyleToken(input, defaultValue) { - if (_.isString(input) && input.length > 0 && CSS_TOKEN.test(input)) { + if (typeof input === 'string' && input.length > 0 && CSS_TOKEN.test(input)) { return input; } return defaultValue;