If you discover a security issue, please report it responsibly.
Please do NOT create a public GitHub issue for security vulnerabilities.
To report a vulnerability, please submit it privately via the Security tab on GitHub (see GitHub's documentation for guidance).
If that is impossible, feel free to contact the maintainer directly.
All security vulnerabilities will be verified and addressed as soon as possible.
This library includes utilities for sanitizing user input:
- sanitizeHtml - Sanitizes HTML to prevent XSS attacks
- sanitizeJson - Safely parses JSON with error handling
- sanitizeUrl - Validates URLs against an allowlist
When using these utilities, always review the options and ensure they meet your security requirements.
We keep dependencies up to date and monitor for vulnerabilities:
- Dependabot alerts are enabled