Closed kedarchandrayan closed 1 year ago
This would be a bc break as it is not unreasonable to rely on the current behavior. Thus we'd have to force a major version change for it and I don't think it's really justified for this strictness. I would say that developers who have this concern should use the community-maintained TypeScript bindings to achieve the desired certainty.
Hello @boutell, we discussed the same on the issue and after your go-ahead, the PR was created.
Actually, this strictness is needed as due to some bug in the user's code, undefined can come as a value passed to the allowedTags
parameter, as discussed in the issue.
Developers who are already using the community-maintained TypeScript bindings will have no effect. It will effect only those who have accidentally sent null
or undefined
or 0
in the value of allowedTags
. These usages were wrong, so avoiding those should not be a problem as suggested by you in the issue discussion.
IMO, a major version update is not needed as it is not breaking anything which was promised in the readme.
Please refer the issue #176 for the earlier discussion.
Thanks, Kedar Chandrayan
Good point, we did discuss, I will review more carefully.
Hello @boutell, please let me know your comments and changes if needed.
Thanks!
Summary
Closes #176
What are the specific steps to test this change?
Run the following example snippet.
Before this change, we used to get the following output, ie. all tags allowed:
'<div><wiggly worms="ewww">hello</wiggly></div>'
After this change, we will get the following output, ie. no tag allowed:
'hello'
I have added new test cases to check the behaviour needed.
What kind of change does this PR introduce?
(Check at least one)
Make sure the PR fulfills these requirements:
If adding a new feature without an already open issue, it's best to open a feature request issue first and wait for approval before working on it.
Other information: