0.7.5

0.7.5

Commits

Fixes:

• Preserve default namespace when serializing #319 / #321
  Thank you @lupestro

0.7.4

Commits

Fixes:

• Restore ability to parse __prototype__ attributes #315
  Thank you @dsimpsonOMF

0.7.3

0.7.3

Commits

Fixes:

• Add doctype when parsing from string #277 / #301
• Correct typo in error message #294
  Thank you @rrthomas

Refactor:

• Improve exports & require statements, new main package entry #233

Docs:

• Fix Stryker badge #298
• Fix link to help-wanted issues #299

Chore:

• Execute stryker:dry-run on branches #302
• Fix stryker config #300
• Split test and lint scripts #297
• Switch to stryker dashboard owned by org #292

0.7.2

0.7.2

Commits

Fixes:

• Types: Add index.d.ts to packaged files #288
  Thank you @forty

0.7.1

Commits

Fixes:

• Types: Copy types from DefinitelyTyped #283
  Thank you @kachkaev

Chore:

• package.json: remove author, maintainers, etc. #279

0.7.0+scoped

Commits

Due to #271 this version was published as

• unscoped xmldom package to github only (git tags 0.7.0 and 0.7.0+unscoped)
• scoped @xmldom/xmldom package to npm (github release/tag 0.7.0+scoped)
  For more details look at #278

Discussions

Fixes:

• Security: Misinterpretation of malicious XML input CVE-2021-32796
• Implement Document.getElementsByClassName as specified #213, thank you @ChALkeR
• Inherit namespace prefix from parent when required #268
• Handle whitespace in closing tags #267
• Update DOMImplementation according to recent specs #210
  BREAKING CHANGE: Only if you "passed features to be marked as available as a constructor arguments" and expected it to "magically work".
• No longer serializes any namespaces with an empty URI #244
  (related to #168 released in 0.6.0)
  BREAKING CHANGE: Only if you rely on "unsetting" a namespace prefix by setting it to an empty string
• Set localName as part of Document.createElement #229, thank you @rrthomas

CI

• We are now additionally running tests against node v16
• Stryker tests on the master branch now run against node v14

Docs

• Describe relations with and between specs: #211, #247

0.7.0

Commits

This is the release of the unscoped xmldom package that was only ever published to github, not to npm due to #271.

For the release of the scoped @xmldom/xmldom package see 0.7.0-scoped.

Discussions

Fixes:

• Security: Misinterpretation of malicious XML input CVE-2021-32796
• Implement Document.getElementsByClassName as specified #213, thank you @ChALkeR
• Inherit namespace prefix from parent when required #268
• Handle whitespace in closing tags #267
• Update DOMImplementation according to recent specs #210
  BREAKING CHANGE: Only if you "passed features to be marked as available as a constructor arguments" and expected it to "magically work".
• No longer serializes any namespaces with an empty URI #244
  (related to #168 released in 0.6.0)
  BREAKING CHANGE: Only if you rely on "unsetting" a namespace prefix by setting it to an empty string
• Set localName as part of Document.createElement #229, thank you @rrthomas

CI

• We are now additionally running tests against node v16
• Stryker tests on the master branch now run against node v14

Docs

• Describe relations with and between specs: #211, #247

0.6.0

0.6.0

Fixes

• Stop serializing empty namespace values like xmlns:ds="" #168
  BREAKING CHANGE: If your code expected empty namespaces attributes to be serialized.
  Thank you @pdecat and @FranckDepoortere
• Escape < to < when serializing attribute values #198 / #199

0.5.0

Fixes

• Avoid misinterpretation of malicious XML input - GHSA-h6q6-9hqw-rwfv (CVE-2021-21366)

  • Improve error reporting; throw on duplicate attribute
    BREAKING CHANGE: It is currently not clear how to consistently deal with duplicate attributes, so it's also safer for our users to fail when detecting them.
    It's possible to configure the DOMParser.errorHandler before parsing, to handle those errors differently.

    To accomplish this and also be able to verify it in tests I needed to

    • create a new Error type ParseError and export it
    • Throw ParseError from errorHandler.fatalError and prevent those from being caught in XMLReader.
    • export DOMHandler constructor as __DOMHandler

  • Preserve quotes in DOCTYPE declaration
    Since the only purpose of parsing the DOCTYPE is to be able to restore it when serializing, we decided that it would be best to leave the parsed publicId and systemId as is, including any quotes.
    BREAKING CHANGE: If somebody relies on the actual unquoted values of those ids, they will need to take care of either single or double quotes and the right escaping.
    (Without this change this would not have been possible because the SAX parser already dropped the information about the quotes that have been used in the source.)

    https://www.w3.org/TR/2006/REC-xml11-20060816/#dtd
    https://www.w3.org/TR/2006/REC-xml11-20060816/#IDAX1KS (External Entity Declaration)

• Fix breaking preprocessors' directives when parsing attributes #171
• fix(dom): Escape ]]> when serializing CharData #181
• Switch to (only) MIT license (drop problematic LGPL license option) #178
• Export DOMException; remove custom assertions; etc. #174

Docs

• Update MDN links in readme.md #188

0.4.0

Fixes

• BREAKING Restore   behavior from v0.1.27 #67
• BREAKING Typecheck source param before parsing #113
• Include documents in package files list #156
• Preserve doctype with sysid #144
• Remove ES6 syntax from getElementsByClassName #91
• Revert "Add lowercase of åäö in entityMap" due to duplicate entries #84
• fix: Convert all line separators to LF #66

Docs

• Update CHANGELOG.md through version 0.3.0 #63
• Update badges #78
• Add .editorconfig file #104
• Add note about import #79
• Modernize & improve the example in readme.md #81

CI

• Add Stryker Mutator #70
• Add Stryker action to update dashboard #77
• Add Node GitHub action workflow #64
• add & enable eslint #106
• Use eslint-plugin-es5 to enforce ES5 syntax #107
• Recover vows tests, drop proof tests #59
• Add jest tessuite and first tests #114
• Add jest testsuite with xmltest cases #112
• Configure Renovate #108
• Test European HTML entities #86
• Updated devDependencies

Other

• Remove files that are not of any use #131, #65, #33