Version 10.0.0
Changes
🚨 Breaking changes
- Upgrade to Fuse v6 @mtriff (#991)
- The
fuseOptions
have changed. See https://fusejs.io/api/options.html for details.
- The
- Introduce allowHTML option to allow people to disable injecting HTML into choices. @victiondev (#984)
- Previously all Choices elements were set using
innerHTML
. This had the potential to allow XSS attacks when loading items from external, untrusted sources. This behaviour has been deprecated. The new optionallowHTML
has been introduced, with the current default totrue
. The default will change tofalse
in a future release. It is recommended that you set it tofalse
unless you require HTML. - As a result of this change,
callbackOnCreateTemplates
now receives the full configuration object, instead of justclassNames
. The method signature to match previous versions is now({ classNames }, data)
. See the documentation for the updated example.
- Previously all Choices elements were set using
🐛 Bug Fixes
- Trigger search when clearing the input field with search floor of 0 @daicambruzzi (#992)
- Remove character sanitisation when searching @isaac-mercieca (#990)
- Prevent browser autocomplete suggestions on Choices elements @bobmaerten (#908)
- Fix Sanitization of > Characters @rjorel (#983)
🔧 Maintenance
Contributors
@bobmaerten, @mtriff, @rjorel, @victiondev, @isaac-mercieca, @daicambruzzi