From d654cf7b5b71b279123f3dfd162c47aab2454cc0 Mon Sep 17 00:00:00 2001
From: skjnldsv <skjnldsv@protonmail.com>
Date: Thu, 14 Nov 2024 10:32:12 +0100
Subject: [PATCH] chore(files): replace `@skjnldsv/sanitize-svg` with
 `DOMPurify`

Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
---
 apps/files/src/models/Tab.js |  7 ++-----
 package-lock.json            | 29 -----------------------------
 package.json                 |  1 -
 3 files changed, 2 insertions(+), 35 deletions(-)

diff --git a/apps/files/src/models/Tab.js b/apps/files/src/models/Tab.js
index 7b5ec721f1c..b67d51f277f 100644
--- a/apps/files/src/models/Tab.js
+++ b/apps/files/src/models/Tab.js
@@ -2,7 +2,7 @@
  * SPDX-FileCopyrightText: 2019 Nextcloud GmbH and Nextcloud contributors
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
-import { sanitizeSVG } from '@skjnldsv/sanitize-svg'
+import DOMPurify from 'dompurify'
 
 export default class Tab {
 
@@ -80,10 +80,7 @@ export default class Tab {
 		this._scrollBottomReached = scrollBottomReached
 
 		if (typeof iconSvg === 'string') {
-			sanitizeSVG(iconSvg)
-				.then(sanitizedSvg => {
-					this._iconSvgSanitized = sanitizedSvg
-				})
+			this._iconSvgSanitized = DOMPurify.sanitize(iconSvg)
 		}
 
 	}
diff --git a/package-lock.json b/package-lock.json
index 3d1cdca9f34..4364f51d590 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -32,7 +32,6 @@
         "@nextcloud/upload": "^1.7.0",
         "@nextcloud/vue": "^8.17.1",
         "@simplewebauthn/browser": "^10.0.0",
-        "@skjnldsv/sanitize-svg": "^1.0.2",
         "@vueuse/components": "^11.1.0",
         "@vueuse/core": "^11.0.1",
         "@vueuse/integrations": "^11.1.0",
@@ -4991,34 +4990,6 @@
       "dev": true,
       "license": "(Unlicense OR Apache-2.0)"
     },
-    "node_modules/@skjnldsv/sanitize-svg": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/@skjnldsv/sanitize-svg/-/sanitize-svg-1.0.2.tgz",
-      "integrity": "sha512-blfdQZ9jr4K9IOhifF0FVhKf9LCFH0L8wWR/vEgdA53q8DGNEbjUGMNo4VU1QugglaoQdFy65O2abODRFflsSg==",
-      "license": "MIT",
-      "dependencies": {
-        "is-svg": "^4.3.2"
-      },
-      "engines": {
-        "node": "^14.0.0",
-        "npm": "^7.0.0"
-      }
-    },
-    "node_modules/@skjnldsv/sanitize-svg/node_modules/is-svg": {
-      "version": "4.4.0",
-      "resolved": "https://registry.npmjs.org/is-svg/-/is-svg-4.4.0.tgz",
-      "integrity": "sha512-v+AgVwiK5DsGtT9ng+m4mClp6zDAmwrW8nZi6Gg15qzvBnRWWdfWA1TGaXyCDnWq5g5asofIgMVl3PjKxvk1ug==",
-      "license": "MIT",
-      "dependencies": {
-        "fast-xml-parser": "^4.1.3"
-      },
-      "engines": {
-        "node": ">=6"
-      },
-      "funding": {
-        "url": "https://github.com/sponsors/sindresorhus"
-      }
-    },
     "node_modules/@socket.io/component-emitter": {
       "version": "3.1.2",
       "resolved": "https://registry.npmjs.org/@socket.io/component-emitter/-/component-emitter-3.1.2.tgz",
diff --git a/package.json b/package.json
index 0678817e178..b5fdcad96ce 100644
--- a/package.json
+++ b/package.json
@@ -63,7 +63,6 @@
     "@nextcloud/upload": "^1.7.0",
     "@nextcloud/vue": "^8.17.1",
     "@simplewebauthn/browser": "^10.0.0",
-    "@skjnldsv/sanitize-svg": "^1.0.2",
     "@vueuse/components": "^11.1.0",
     "@vueuse/core": "^11.0.1",
     "@vueuse/integrations": "^11.1.0",
-- 
2.39.5