feature: drop dependencies to improve runtime performance #230

jantimon · 2020-07-29T12:35:34Z

lodash is used for very trivial checks:

Line 285 in 56f6733

if (!_.isString(input)) {

Line 289 in 56f6733

if (_.isUndefined(encoded)) {

Line 301 in 56f6733

if (!_.isString(url)) {

Line 315 in 56f6733

if (_.isString(input) && input.length > 0 && CSS_TOKEN.test(input)) {

maybe we can remove lodash to reduce the amount of security warnings poping up for lodash

The text was updated successfully, but these errors were encountered:

jantimon · 2020-07-31T07:57:21Z

I did some further research and saw that we could probably also remove the xss code with the https://www.npmjs.com/package/dompurify npm package

This would remove also the following sub dependencies:

In sum that would save 50% of the runtime code (highlighted with blue):

jantimon changed the title ~~feature: drop lodash~~ feature: drop dependencies to improve runtime performance Jul 31, 2020

tripodsan mentioned this issue Nov 13, 2020

fix(deps): remove lodash #257

Merged

Provide feedback