version bump 0.16.0

closes #1904 h/t
- @atcazzual : Adam Cazzolla of the Sonatype Security Research team
- @davisjam  : James (Jamie) Davis of Virginia Tech
This commit is contained in:
SheetJS 2020-04-19 21:17:44 -04:00
parent 3468395494
commit 257d4e6db2
21 changed files with 880 additions and 841 deletions

@ -4,6 +4,11 @@ This log is intended to keep track of backwards-incompatible changes, including
but not limited to API changes and file location changes. Minor behavioral
changes may not be included if they are not expected to break existing code.
## v0.16.0
* Date handling changed
* XLML certain tag tests are now case insensitive
* Fixed potentially vulnerable regular expressions
## v0.15.6
* CFB prevent infinite loop

@ -1 +1 @@
XLSX.version = '0.15.6';
XLSX.version = '0.16.0';

@ -172,7 +172,7 @@ function xlml_normalize(d)/*:string*/ {
/* TODO: Everything */
/* UOS uses CJK in tags */
var xlmlregex = /<(\/?)([^\s?>!\/:]*:|)([^\s?>:\/]+)[^>]*>/mg;
var xlmlregex = /<(\/?)([^\s?><!\/:]*:|)([^\s?<>:\/]+)(?:[\s?:\/][^>]*)?>/mg;
//var xlmlregex = /<(\/?)([a-z0-9]*:|)(\w+)[^>]*>/mg;
function parse_xlml_xml(d, _opts)/*:Workbook*/ {
var opts = _opts || {};

@ -196,7 +196,7 @@ function sheet_add_json(_ws/*:?Worksheet*/, js/*:Array<any>*/, opts)/*:Worksheet
var _range = safe_decode_range(ws['!ref']);
range.e.c = Math.max(range.e.c, _range.e.c);
range.e.r = Math.max(range.e.r, _range.e.r);
if(_R == -1) { _R = range.e.r + 1; range.e.r = _R + js.length - 1 + offset; }
if(_R == -1) { _R = _range.e.r + 1; range.e.r = _R + js.length - 1 + offset; }
}
var hdr/*:Array<string>*/ = o.header || [], C = 0;

30
dist/xlsx.core.min.js generated vendored

File diff suppressed because one or more lines are too long

2
dist/xlsx.core.min.map generated vendored

File diff suppressed because one or more lines are too long

786
dist/xlsx.extendscript.js generated vendored

File diff suppressed because it is too large Load Diff

34
dist/xlsx.full.min.js generated vendored

File diff suppressed because one or more lines are too long

2
dist/xlsx.full.min.map generated vendored

File diff suppressed because one or more lines are too long

786
dist/xlsx.js generated vendored

File diff suppressed because it is too large Load Diff

26
dist/xlsx.min.js generated vendored

File diff suppressed because one or more lines are too long

2
dist/xlsx.min.map generated vendored

File diff suppressed because one or more lines are too long

12
dist/xlsx.mini.min.js generated vendored

File diff suppressed because one or more lines are too long

2
dist/xlsx.mini.min.map generated vendored

File diff suppressed because one or more lines are too long

@ -1,6 +1,6 @@
{
"name": "xlsx",
"version": "0.15.6",
"version": "0.16.0",
"author": "sheetjs",
"description": "SheetJS Spreadsheet data parser and writer",
"keywords": [

@ -1429,6 +1429,7 @@ function datenum(v/*:Date*/, date1904/*:?boolean*/)/*:number*/ {
return (epoch - dnthresh) / (24 * 60 * 60 * 1000);
}
var good_pd_date = new Date('2017-02-19T19:06:09.000Z');
if(isNaN(good_pd_date.getFullYear())) good_pd_date = new Date('2017-02-19T19:06:09');
if(isNaN(good_pd_date.getFullYear())) good_pd_date = new Date('2/19/17');
var good_pd = good_pd_date.getFullYear() == 2017;
function parseDate(str/*:string|Date*/)/*:Date*/ {

5
tests/core.js generated

@ -1422,13 +1422,14 @@ function seq(end/*:number*/, start/*:?number*/)/*:Array<number>*/ {
}
var basedate = new Date(1899, 11, 30, 0, 0, 0); // 2209161600000
var dnthresh = basedate.getTime() + (new Date().getTimezoneOffset() - basedate.getTimezoneOffset()) * 60000;
function datenum(v/*:Date*/, date1904/*:?boolean*/)/*:number*/ {
var epoch = v.getTime();
if(date1904) epoch += 1462*24*60*60*1000;
if(date1904) epoch -= 1462*24*60*60*1000;
var dnthresh = basedate.getTime() + (v.getTimezoneOffset() - basedate.getTimezoneOffset()) * 60000;
return (epoch - dnthresh) / (24 * 60 * 60 * 1000);
}
var good_pd_date = new Date('2017-02-19T19:06:09.000Z');
if(isNaN(good_pd_date.getFullYear())) good_pd_date = new Date('2017-02-19T19:06:09');
if(isNaN(good_pd_date.getFullYear())) good_pd_date = new Date('2/19/17');
var good_pd = good_pd_date.getFullYear() == 2017;
function parseDate(str/*:string|Date*/)/*:Date*/ {

@ -4,7 +4,7 @@
/*global global, exports, module, require:false, process:false, Buffer:false, ArrayBuffer:false */
var XLSX = {};
function make_xlsx_lib(XLSX){
XLSX.version = '0.15.6';
XLSX.version = '0.16.0';
var current_codepage = 1200, current_ansi = 1252;
/*:: declare var cptable:any; */
/*global cptable:true, window */
@ -15724,7 +15724,7 @@ function xlml_normalize(d)/*:string*/ {
/* TODO: Everything */
/* UOS uses CJK in tags */
var xlmlregex = /<(\/?)([^\s?>!\/:]*:|)([^\s?>:\/]+)[^>]*>/mg;
var xlmlregex = /<(\/?)([^\s?><!\/:]*:|)([^\s?<>:\/]+)(?:[\s?:\/][^>]*)?>/mg;
//var xlmlregex = /<(\/?)([a-z0-9]*:|)(\w+)[^>]*>/mg;
function parse_xlml_xml(d, _opts)/*:Workbook*/ {
var opts = _opts || {};
@ -21276,7 +21276,7 @@ function sheet_add_json(_ws/*:?Worksheet*/, js/*:Array<any>*/, opts)/*:Worksheet
var _range = safe_decode_range(ws['!ref']);
range.e.c = Math.max(range.e.c, _range.e.c);
range.e.r = Math.max(range.e.r, _range.e.r);
if(_R == -1) { _R = range.e.r + 1; range.e.r = _R + js.length - 1 + offset; }
if(_R == -1) { _R = _range.e.r + 1; range.e.r = _R + js.length - 1 + offset; }
}
var hdr/*:Array<string>*/ = o.header || [], C = 0;

6
xlsx.js generated

@ -4,7 +4,7 @@
/*global global, exports, module, require:false, process:false, Buffer:false, ArrayBuffer:false */
var XLSX = {};
function make_xlsx_lib(XLSX){
XLSX.version = '0.15.6';
XLSX.version = '0.16.0';
var current_codepage = 1200, current_ansi = 1252;
/*global cptable:true, window */
if(typeof module !== "undefined" && typeof require !== 'undefined') {
@ -15617,7 +15617,7 @@ function xlml_normalize(d) {
/* TODO: Everything */
/* UOS uses CJK in tags */
var xlmlregex = /<(\/?)([^\s?>!\/:]*:|)([^\s?>:\/]+)[^>]*>/mg;
var xlmlregex = /<(\/?)([^\s?><!\/:]*:|)([^\s?<>:\/]+)(?:[\s?:\/][^>]*)?>/mg;
//var xlmlregex = /<(\/?)([a-z0-9]*:|)(\w+)[^>]*>/mg;
function parse_xlml_xml(d, _opts) {
var opts = _opts || {};
@ -21145,7 +21145,7 @@ function sheet_add_json(_ws, js, opts) {
var _range = safe_decode_range(ws['!ref']);
range.e.c = Math.max(range.e.c, _range.e.c);
range.e.r = Math.max(range.e.r, _range.e.r);
if(_R == -1) { _R = range.e.r + 1; range.e.r = _R + js.length - 1 + offset; }
if(_R == -1) { _R = _range.e.r + 1; range.e.r = _R + js.length - 1 + offset; }
}
var hdr = o.header || [], C = 0;

@ -4,7 +4,7 @@
/*global global, exports, module, require:false, process:false, Buffer:false, ArrayBuffer:false */
var XLSX = {};
function make_xlsx_lib(XLSX){
XLSX.version = '0.15.6';
XLSX.version = '0.16.0';
var current_codepage = 1200, current_ansi = 1252;
var VALID_ANSI = [ 874, 932, 936, 949, 950 ];
@ -8472,7 +8472,7 @@ function sheet_add_json(_ws/*:?Worksheet*/, js/*:Array<any>*/, opts)/*:Worksheet
var _range = safe_decode_range(ws['!ref']);
range.e.c = Math.max(range.e.c, _range.e.c);
range.e.r = Math.max(range.e.r, _range.e.r);
if(_R == -1) { _R = range.e.r + 1; range.e.r = _R + js.length - 1 + offset; }
if(_R == -1) { _R = _range.e.r + 1; range.e.r = _R + js.length - 1 + offset; }
}
var hdr/*:Array<string>*/ = o.header || [], C = 0;

@ -4,7 +4,7 @@
/*global global, exports, module, require:false, process:false, Buffer:false, ArrayBuffer:false */
var XLSX = {};
function make_xlsx_lib(XLSX){
XLSX.version = '0.15.6';
XLSX.version = '0.16.0';
var current_codepage = 1200, current_ansi = 1252;
var VALID_ANSI = [ 874, 932, 936, 949, 950 ];
@ -8368,7 +8368,7 @@ function sheet_add_json(_ws, js, opts) {
var _range = safe_decode_range(ws['!ref']);
range.e.c = Math.max(range.e.c, _range.e.c);
range.e.r = Math.max(range.e.r, _range.e.r);
if(_R == -1) { _R = range.e.r + 1; range.e.r = _R + js.length - 1 + offset; }
if(_R == -1) { _R = _range.e.r + 1; range.e.r = _R + js.length - 1 + offset; }
}
var hdr = o.header || [], C = 0;