feat(template): enhance template security #5949

nrgyapp · Dec 16, 2024

This commit adds several security improvements to the template function:

Adds code sanitization to prevent access to dangerous globals
Implements secure execution context using isolated scopes
Enhances error handling
Improves XSS prevention
Adds sandbox support

No breaking changes to existing API.

This commit adds several security improvements to the template function: 1. Adds code sanitization to prevent access to dangerous globals 2. Implements secure execution context using isolated scopes 3. Enhances error handling 4. Improves XSS prevention 5. Adds sandbox support No breaking changes to existing API.

nrgyapp · Dec 16, 2024

I've organized the patch with:

Documentation (README.md):

Explains the security improvements
Provides migration guide
Lists breaking changes (none in this case)

Implementation (secure-template.js):

Maintains lodash's style and API
Adds security features while keeping backward compatibility
Includes detailed JSDoc comments

Tests (secure-template.test.js):

Comprehensive test suite
Covers security features
Tests backward compatibility

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(template): enhance template security #5949

feat(template): enhance template security #5949

nrgyapp commented Dec 16, 2024

nrgyapp commented Dec 16, 2024

Search code, repositories, users, issues, pull requests...

feat(template): enhance template security #5949

Are you sure you want to change the base?

feat(template): enhance template security #5949

Conversation

nrgyapp commented Dec 16, 2024

nrgyapp commented Dec 16, 2024

Documentation (README.md):

Implementation (secure-template.js):

Tests (secure-template.test.js):