v5.0.0

Breaking

• Require Node.js 14 d29071c
• This package is now pure ESM. Please read this.
• It no longer accepts a Buffer.
  • To migrate, simply call .toString() on the buffer before passing it in here.
• It now strictly validates that the input is a string.

v4.4.0...v5.0.0

v4.4.0

• Update fast-xml-parser dependency (#35) 98725ee

v4.3.2...v4.4.0

v4.3.2

• Fix false-negative with linebreaks inside the SVG tag (#29) d46292d

v4.3.1...v4.3.2

v4.3.1

• Remove leftover console.log b8ebc78

v4.3.0...v4.3.1

v4.3.0

• Improve performance and accuracy 732fc72
• 4.2.2 did not 100% fix the ReDoS. This version does.
  • CVE-2021-29059

v4.2.2...v4.3.0

v4.2.2

• Partly fix ReDoS vulnerability 01f8a08
  • You are only affected if you use this package on a server that accepts SVG as user-input.
  • CVE-2021-28092

v4.2.1...v4.2.2

v4.2.1

• Fix false-positive when the <!Entity> tag contains markup (#24) f8e39a8

v4.2.0...v4.2.1

v4.2.0

• Allow self-closing SVG tag (#18) 23d6d27

v4.1.0...v4.2.0

v4.1.0

• Refactor TypeScript definition to CommonJS compatible export (#21) 96ab233

v4.0.0...v4.1.0

v4.0.0

Breaking:

• Require Node.js 6

Enhancements:

• Add TypeScript definition (#20) 7f4af70

v3.0.0...v4.0.0