apostrophecms · Jul 3, 2020 · Jul 6, 2020 · Jul 7, 2020 · Jul 7, 2020 · Jul 7, 2020
Showing with 31 additions and 8 deletions.

+21 −0 .github/stale.yml

+5 −0 CHANGELOG.md

+3 −5 package.json

+2 −3 src/index.js
diff --git a/.github/stale.yml b/.github/stale.yml
@@ -0,0 +1,21 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 60
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 14
+# Issues with these labels will never be considered stale
+exemptLabels:
+  - pinned
+  - security
+  - documentation
+  - bug
+  - "v2"
+# Label to use when marking an issue as stale
+staleLabel: stale
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false
+
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,10 @@
 ## Changelog
 
+1.27.1 (2020-07-15):
+- Removes the unused chalk dependency.
+- Adds configuration for a Github stale bot.
+- Replace `xtend` package with native `Object.assign`.
+
 1.27.0:
 - Adds the `allowedIframeDomains` option. This works similar to `allowedIframeHostnames`, where you would set it to an array of web domains. It would then permit any hostname on those domains to be used in iframe `src` attributes. Thanks to [Stanislav Kravchenko](https://github.com/StanisLove) for the contribution.
 

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "sanitize-html",
-  "version": "1.27.0",
+  "version": "1.27.1",
   "description": "Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis",
   "sideEffects": false,
   "main": "dist/sanitize-html.js",
@@ -26,12 +26,10 @@
   "author": "Apostrophe Technologies, Inc.",
   "license": "MIT",
   "dependencies": {
-    "chalk": "^2.4.1",
     "htmlparser2": "^4.1.0",
     "lodash": "^4.17.15",
     "postcss": "^7.0.27",
-    "srcset": "^2.0.1",
-    "xtend": "^4.0.1"
+    "srcset": "^2.0.1"
   },
   "devDependencies": {
     "@babel/cli": "^7.8.4",
@@ -50,4 +48,4 @@
     "sinon": "^9.0.2",
     "uglify-js": "^3.8.0"
   }
-}
+}
diff --git a/src/index.js b/src/index.js
@@ -1,6 +1,5 @@
 /* eslint-disable no-useless-escape */
 var htmlparser = require('htmlparser2');
-var extend = require('xtend');
 var quoteRegexp = require('lodash/escapeRegExp');
 var cloneDeep = require('lodash/cloneDeep');
 var mergeWith = require('lodash/mergeWith');
@@ -101,9 +100,9 @@ function sanitizeHtml(html, options, _recursing) {
     options = sanitizeHtml.defaults;
     options.parser = htmlParserDefaults;
   } else {
-    options = extend(sanitizeHtml.defaults, options);
+    options = Object.assign({}, sanitizeHtml.defaults, options);
     if (options.parser) {
-      options.parser = extend(htmlParserDefaults, options.parser);
+      options.parser = Object.assign({}, htmlParserDefaults, options.parser);
     } else {
       options.parser = htmlParserDefaults;
     }