dompurify/package.json

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's written in JavaScript and works in all modern browsers (Safari, Opera (15+), Internet Explorer (10+), Firefox and Chrome - as well as almost anything else usin

{
  "scripts": {
    "prepare": "husky",
    "lint": "xo src/*.ts",
    "format": "npm run format:js && npm run format:md",
    "format:md": "prettier --write --parser markdown '**/*.md'",
    "format:js": "prettier --write '{src,demos,scripts,test,website}/*.{js,ts}'",
    "commit-amend-build": "scripts/commit-amend-build.sh",
    "prebuild": "rimraf dist",
    "dev": "cross-env NODE_ENV=development BABEL_ENV=rollup rollup -w -c -o dist/purify.js",
    "build": "npm run build:types && npm run build:rollup && npm run build:fix-types && npm run build:cleanup",
    "build:types": "tsc --outDir dist/types --declaration --emitDeclarationOnly",
    "build:rollup": "rollup -c",
    "build:fix-types": "node ./scripts/fix-types.js",
    "build:umd": "rollup -c -f umd -o dist/purify.js",
    "build:umd:min": "rollup -c -f umd -o dist/purify.min.js -p terser",
    "build:es": "rollup -c -f es -o dist/purify.es.mjs",
    "build:cjs": "rollup -c -f cjs -o dist/purify.cjs.js",
    "build:cleanup": "rimraf dist/types",
    "test": "cross-env NODE_ENV=test BABEL_ENV=rollup npm run lint && npm run test:jsdom && npm run test:browser -- --project=chromium",
    "test:jsdom": "cross-env NODE_ENV=test BABEL_ENV=rollup node test/jsdom-node-runner --dot",
    "test:browser": "playwright test",
    "test:browser:install": "playwright install",
    "test:ci": "cross-env NODE_ENV=test BABEL_ENV=rollup npm run test:jsdom && npm run test:browser",
    "test:fuzz": "cross-env NODE_ENV=test BABEL_ENV=rollup node test/fuzz/sanitize.fast-check.js",
    "verify-typescript": "node ./typescript/verify.js"
  },
  "main": "./dist/purify.cjs.js",
  "module": "./dist/purify.es.mjs",
  "browser": "./dist/purify.js",
  "production": "./dist/purify.min.js",
  "types": "./dist/purify.cjs.d.ts",
  "exports": {
    ".": {
      "import": {
        "types": "./dist/purify.es.d.mts",
        "default": "./dist/purify.es.mjs"
      },
      "default": {
        "types": "./dist/purify.cjs.d.ts",
        "default": "./dist/purify.cjs.js"
      }
    },
    "./purify.min.js": "./dist/purify.min.js",
    "./purify.js": "./dist/purify.js",
    "./dist/purify.min.js": "./dist/purify.min.js",
    "./dist/purify.js": "./dist/purify.js"
  },
  "files": [
    "dist",
    "src"
  ],
  "xo": {
    "semicolon": true,
    "space": 2,
    "extends": [
      "prettier"
    ],
    "plugins": [
      "prettier"
    ],
    "rules": {
      "import/no-useless-path-segments": 0,
      "unicorn/prefer-optional-catch-binding": 0,
      "unicorn/prefer-node-remove": 0,
      "prettier/prettier": [
        "error",
        {
          "trailingComma": "es5",
          "singleQuote": true
        }
      ],
      "camelcase": [
        "error",
        {
          "properties": "never"
        }
      ],
      "@typescript-eslint/ban-types": 0,
      "@typescript-eslint/consistent-type-definitions": 0,
      "@typescript-eslint/indent": 0,
      "@typescript-eslint/naming-convention": 0,
      "@typescript-eslint/no-throw-literal": 0,
      "@typescript-eslint/no-unnecessary-boolean-literal-compare": 0,
      "@typescript-eslint/no-unsafe-argument": 0,
      "@typescript-eslint/no-unsafe-assignment": 0,
      "@typescript-eslint/no-unsafe-call": 0,
      "@typescript-eslint/no-unsafe-return": 0,
      "@typescript-eslint/prefer-includes": 0,
      "@typescript-eslint/prefer-optional-chain": 0,
      "@typescript-eslint/prefer-nullish-coalescing": 0,
      "@typescript-eslint/restrict-plus-operands": 0
    },
    "globals": [
      "window",
      "VERSION"
    ]
  },
  "devEngines": {
    "runtime": {
      "name": "node",
      "version": ">=20",
      "onFail": "warn"
    }
  },
  "optionalDependencies": {
    "@types/trusted-types": "^2.0.7"
  },
  "devDependencies": {
    "@babel/core": "^7.17.8",
    "@babel/preset-env": "^7.29.5",
    "@playwright/test": "^1.60.0",
    "@rollup/plugin-babel": "^7.0.0",
    "@rollup/plugin-node-resolve": "^16.0.3",
    "@rollup/plugin-replace": "^6.0.1",
    "@rollup/plugin-terser": "^1.0.0",
    "@rollup/plugin-typescript": "^12.3.0",
    "@types/estree": "^1.0.9",
    "@types/node": "^25.8.0",
    "cross-env": "^10.1.0",
    "eslint-config-prettier": "^10.1.8",
    "eslint-plugin-prettier": "^5.2.1",
    "fast-check": "^4.8.0",
    "husky": "^9.1.0",
    "jquery": "^3.6.0",
    "jsdom": "^29.1.1",
    "prettier": "^3.3.3",
    "qunit": "^2.4.1",
    "qunit-tap": "^1.5.0",
    "rimraf": "^6.0.1",
    "rollup": "^4.60.4",
    "rollup-plugin-dts": "^6.4.1",
    "tslib": "^2.7.0",
    "typescript": "^5.6.3",
    "xo": "^0.54.1"
  },
  "resolutions": {
    "natives": "1.1.6"
  },
  "name": "dompurify",
  "description": "DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's written in JavaScript and works in all modern browsers (Safari, Opera (15+), Internet Explorer (10+), Firefox and Chrome - as well as almost anything else using Blink or WebKit). DOMPurify is written by security people who have vast background in web attacks and XSS. Fear not.",
  "version": "3.4.4",
  "directories": {
    "test": "test"
  },
  "repository": {
    "type": "git",
    "url": "git://github.com/cure53/DOMPurify.git"
  },
  "keywords": [
    "dom",
    "xss",
    "html",
    "svg",
    "mathml",
    "security",
    "secure",
    "sanitizer",
    "sanitize",
    "filter",
    "purify"
  ],
  "author": "Dr.-Ing. Mario Heiderich, Cure53 <mario@cure53.de> (https://cure53.de/)",
  "license": "(MPL-2.0 OR Apache-2.0)",
  "bugs": {
    "url": "https://github.com/cure53/DOMPurify/issues"
  },
  "homepage": "https://github.com/cure53/DOMPurify"
}