
feat: added new rule “attr-space-between”

bf5325a
Draft

feat: added new rule “attr-space-between” #1459

GitHub Advanced Security / CodeQL failed Aug 12, 2024 in 5s

4 new alerts including 4 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 4 high

See annotations below for details.


Annotations

Check failure on line 20 in dist/core/htmlparser.js

See this annotation in the file changed.

Code scanning / CodeQL

Bad HTML filtering regexp High

Comments ending with --> are matched differently from comments ending with --!>. The first is matched with capture group 2 and comments ending with --!> are matched with capture group 3.

Check failure on line 20 in dist/core/htmlparser.js

See this annotation in the file changed.

Code scanning / CodeQL

Inefficient regular expression High

This part of the regular expression may cause exponential backtracking on strings starting with '<-' and containing many repetitions of '!'.

Check failure on line 64 in dist/core/htmlparser.js

See this annotation in the file changed.

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This regular expression that depends on library input may run slow on strings starting with '</' and with many repetitions of '</!'.
This regular expression that depends on library input may run slow on strings starting with '<!--' and with many repetitions of '<!--a'.
This regular expression that depends on library input may run slow on strings starting with '<!' and with many repetitions of '<!='.
This regular expression that depends on library input may run slow on strings starting with '<-' and with many repetitions of ' '.
This regular expression that depends on library input may run slow on strings starting with '<-' and with many repetitions of ' '.
This regular expression that depends on library input may run slow on strings starting with '<- ' and with many repetitions of '<- '.
This regular expression that depends on library input may run slow on strings starting with '<- !' and with many repetitions of '=<- ! '.
This regular expression that depends on library input may run slow on strings starting with '<- !="' and with many repetitions of '" <- !="'.
This regular expression that depends on library input may run slow on strings starting with '<- !='' and with many repetitions of '' <- !=''.

Check failure on line 33 in dist/htmlhint.js

See this annotation in the file changed.

Code scanning / CodeQL

Bad HTML filtering regexp High

Comments ending with --> are matched differently from comments ending with --!>. The first is matched with capture group 2 and comments ending with --!> are matched with capture group 3.

Check failure on line 33 in dist/htmlhint.js

See this annotation in the file changed.

Code scanning / CodeQL

Inefficient regular expression High

This part of the regular expression may cause exponential backtracking on strings starting with '<-' and containing many repetitions of '!'.

Check failure on line 77 in dist/htmlhint.js

See this annotation in the file changed.

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This regular expression that depends on library input may run slow on strings starting with '</' and with many repetitions of '</!'.
This regular expression that depends on library input may run slow on strings starting with '<!--' and with many repetitions of '<!--a'.
This regular expression that depends on library input may run slow on strings starting with '<!' and with many repetitions of '<!='.
This regular expression that depends on library input may run slow on strings starting with '<-' and with many repetitions of ' '.
This regular expression that depends on library input may run slow on strings starting with '<-' and with many repetitions of ' '.
This regular expression that depends on library input may run slow on strings starting with '<- ' and with many repetitions of '<- '.
This regular expression that depends on library input may run slow on strings starting with '<- !' and with many repetitions of '=<- ! '.
This regular expression that depends on library input may run slow on strings starting with '<- !="' and with many repetitions of '" <- !="'.
This regular expression that depends on library input may run slow on strings starting with '<- !='' and with many repetitions of '' <- !=''.

Check failure on line 57 in src/core/htmlparser.ts

See this annotation in the file changed.

Code scanning / CodeQL

Bad HTML filtering regexp High

Comments ending with --> are matched differently from comments ending with --!>. The first is matched with capture group 2 and comments ending with --!> are matched with capture group 3.

Check failure on line 57 in src/core/htmlparser.ts

See this annotation in the file changed.

Code scanning / CodeQL

Inefficient regular expression High

This part of the regular expression may cause exponential backtracking on strings starting with '<-' and containing many repetitions of '!'.

Check failure on line 119 in src/core/htmlparser.ts

See this annotation in the file changed.

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This regular expression that depends on library input may run slow on strings starting with '</' and with many repetitions of '</!'.
This regular expression that depends on library input may run slow on strings starting with '<!--' and with many repetitions of '<!--a'.
This regular expression that depends on library input may run slow on strings starting with '<!' and with many repetitions of '<!='.
This regular expression that depends on library input may run slow on strings starting with '<-' and with many repetitions of ' '.
This regular expression that depends on library input may run slow on strings starting with '<-' and with many repetitions of ' '.
This regular expression that depends on library input may run slow on strings starting with '<- ' and with many repetitions of '<- '.
This regular expression that depends on library input may run slow on strings starting with '<- !' and with many repetitions of '=<- ! '.
This regular expression that depends on library input may run slow on strings starting with '<- !="' and with many repetitions of '" <- !="'.
This regular expression that depends on library input may run slow on strings starting with '<- !='' and with many repetitions of '' <- !=''.