From 2c60b35543dbf00e92001cad8a229f95b44cf9e1 Mon Sep 17 00:00:00 2001 From: Alexander Date: Wed, 11 Feb 2026 22:52:28 +0100 Subject: [PATCH 1/2] fix: remove html comments from package description and deprecation notices --- app/composables/useMarkdown.ts | 3 +++ test/nuxt/composables/use-markdown.spec.ts | 27 ++++++++++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/app/composables/useMarkdown.ts b/app/composables/useMarkdown.ts index c0ab0e6aa..05887b2e6 100644 --- a/app/composables/useMarkdown.ts +++ b/app/composables/useMarkdown.ts @@ -37,6 +37,9 @@ function stripAndEscapeHtml(text: string, packageName?: string): string { // Only match tags that start with a letter or / (to avoid matching things like "a < b > c") stripped = stripped.replace(/<\/?[a-z][^>]*>/gi, '') + // Strip HTML comments: + stripped = stripped.replace(//g, '') + if (packageName) { // Trim first to handle leading/trailing whitespace from stripped HTML stripped = stripped.trim() diff --git a/test/nuxt/composables/use-markdown.spec.ts b/test/nuxt/composables/use-markdown.spec.ts index 77a805552..aa902ea32 100644 --- a/test/nuxt/composables/use-markdown.spec.ts +++ b/test/nuxt/composables/use-markdown.spec.ts @@ -318,4 +318,31 @@ describe('useMarkdown', () => { expect(processed.value).toBe('bold and also bold') }) }) + + describe('HTML comment stripping', () => { + it('strips HTML comments', () => { + const processed = useMarkdown({ text: 'A library' }) + expect(processed.value).toBe('A library') + }) + + it('strips HTML comments from the middle of text', () => { + const processed = useMarkdown({ text: 'Before after' }) + expect(processed.value).toBe('Before after') + }) + + it('strips multiple HTML comments', () => { + const processed = useMarkdown({ text: 'Text here' }) + expect(processed.value).toBe('Text here') + }) + + it('strips multiline HTML comments', () => { + const processed = useMarkdown({ text: 'Text' }) + expect(processed.value).toBe('Text') + }) + + it('returns empty string when description is only a comment', () => { + const processed = useMarkdown({ text: '' }) + expect(processed.value).toBe('') + }) + }) }) From a8a8e5584dcdbbd8a1c412d856e334ecabf80dba Mon Sep 17 00:00:00 2001 From: Alexander Date: Thu, 12 Feb 2026 00:45:10 +0100 Subject: [PATCH 2/2] refactor: also consider unclosed comments --- app/composables/useMarkdown.ts | 4 ++-- test/nuxt/composables/use-markdown.spec.ts | 5 +++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/app/composables/useMarkdown.ts b/app/composables/useMarkdown.ts index 05887b2e6..4f3cfe730 100644 --- a/app/composables/useMarkdown.ts +++ b/app/composables/useMarkdown.ts @@ -37,8 +37,8 @@ function stripAndEscapeHtml(text: string, packageName?: string): string { // Only match tags that start with a letter or / (to avoid matching things like "a < b > c") stripped = stripped.replace(/<\/?[a-z][^>]*>/gi, '') - // Strip HTML comments: - stripped = stripped.replace(//g, '') + // Strip HTML comments: (including unclosed comments from truncation) + stripped = stripped.replace(/|$)/g, '') if (packageName) { // Trim first to handle leading/trailing whitespace from stripped HTML diff --git a/test/nuxt/composables/use-markdown.spec.ts b/test/nuxt/composables/use-markdown.spec.ts index aa902ea32..b8ac88f3b 100644 --- a/test/nuxt/composables/use-markdown.spec.ts +++ b/test/nuxt/composables/use-markdown.spec.ts @@ -344,5 +344,10 @@ describe('useMarkdown', () => { const processed = useMarkdown({ text: '' }) expect(processed.value).toBe('') }) + + it('strips unclosed HTML comments (truncated)', () => { + const processed = useMarkdown({ text: 'A library