Coralite v0.14.2
Coralite v0.14.2 is a targeted update focused on stability, correctness, and safety. This release addresses critical parsing edge cases and strengthens validation across template and custom element handling. It follows the v0.14.0 release, which introduced foundational improvements to the parser and runtime.
Bug Fixes #
getTokensFromStringnow enforces a maximum token length to prevent memory exhaustion during parsing of overly long or malformed strings.- The parser no longer attempts to process tokens inside
<script>or<template>tags, avoiding incorrect interpretation of embedded code. - Custom element tag names are now validated using
isValidCustomElementName, aligning with the HTML specification and rejecting invalid names early. - Template
idattributes and custom element tag names are capped at 1000 characters to prevent abuse and ensure compatibility with underlying DOM APIs.
Impact and Value #
These fixes reduce the risk of crashes, improve security by rejecting malformed input, and ensure compliance with web standards. They make Coralite more resilient in production environments and easier to debug when issues arise.
Developers using Coralite in templates with complex or dynamic content will benefit from more predictable parsing behavior, especially when handling user-generated or external HTML.
How to Upgrade #
To upgrade to Coralite v0.14.2, run the following command:
npm install coralite@0.14.2For a complete list of changes, view the full changelog.