v20.0.1

👷‍♂️ Patch fixes

• Adds warning for environment with unfrozen intrinsics (builtins) when JavaScript evaluation is enabled- By @capricorn86 in task #1932
  • A security advisory has been reported showing that the recommended preventive measure of running Node.js with --disallow-code-generation-from-strings wasn't enough to protect against attackers escaping the VM context and accessing process-level functions. Big thanks to @cristianstaicu for reporting this!
  • The documentation for how to run Happy DOM with JavaScript evaluation enabled in a safer way has been updated. Read more about it in the Wiki

v20.0.0

I avoid making breaking changes as much as possible in Happy DOM. When I have to make a breaking change, I try to keep it as minimal as possible. This could be a breaking change that impacts many projects, and I am truly sorry if you are negatively affected by this.

💣 Breaking Changes

• Due to security risks, JavaScript evaluation is now disabled by default - By @capricorn86 in task #1930
  • A security advisory (GHSA-37j7-fg3j-429f) has been reported that shows a security vulnerability where it's possible to escape the VM context and get access to process level functionality. Big thanks to @Mas0nShi for reporting this!
  • Due to this security risk, JavaScript evaluation is now disabled by default to prevent that consumers accidentally executes untrusted code without taking precautions
  • JavaScript evaluation can be enabled by setting enableJavaScriptEvaluation to "true". Read more about how to enable this in a safer way in the Wiki

v19.0.2

👷‍♂️ Patch fixes

• Fixes issue related to CSS pseudo selector :scope that didn't work correctly for direct descendants to root - By @capricorn86 in task #1620

v19.0.1

👷‍♂️ Patch fixes

• Fixes issue with sending in URLs as string in @happy-dom/server-renderer config using CLI - By @capricorn86 in task #1908

v19.0.0

💣 Breaking Changes

• Removes support for CommonJS - By @capricorn86 in task #1730
  • Support for CommonJS is no longer needed as Node.js v18 is deprecated and v20 and above supports loading ES modules from CommonJS using require()
• Updates Jest to v30 in the @happy-dom/jest-environment package - By @capricorn86 in task #1730
• Makes Jest packages peer dependencies to make it easier to align versions with the project using @happy-dom/jest-environment - By @capricorn86 in task #1730

🎨 Features

• Adds a new package called @happy-dom/server-renderer - By @capricorn86 in task #1730
  • This package provides a simple way to statically render (SSG) or server-side render (SSR) your client-side application
  • Read more in the Wiki under Server-Renderer
• Adds support for import.meta to the ESM compiler - By @capricorn86 in task #1730
• Adds support for the CSS pseudo selector :scope - By @capricorn86 in task #1620
• Improves support for MediaList - By @capricorn86 in task #1730
• Adds support for CSSKeywordValue, CSSStyleValue, StylePropertyMap, StylePropertyMap, StylePropertyMapReadOnly - By @capricorn86 in task #1730
• Improves debug information in the ESM compiler - By @capricorn86 in task #1730
• Adds validation of browser settings when creating a new Browser instance - By @capricorn86 in task #1730
• Adds support for the browser setting navigation.beforeContentCallback which makes it possible to inject event listeners or logic before content is loaded to the document when navigating a browser frame - By @capricorn86 in task #1730
• Adds support for the browser setting fetch.requestHeaders which provides with a declarative and simple way to add request headers - By @capricorn86 in task #1730
• Adds support for setting an object to timer.preventTimerLoops which makes it possible to define different settings for setTimeout() and requestAnimationFrame() - By @capricorn86 in task #1730
• Adds support for the browser setting viewport which makes it possible to define a default viewport size - By @capricorn86 in task #1730
• Adds support for the parameters beforeContentCallback and headers to BrowserFrame.goto(), BrowserFrame.goBack(), BrowserFrame.goForward(), BrowserFrame.goSteps() and BrowserFrame.reload() - By @capricorn86 in task #1730
• Adds support for PopStateEvent and trigger the event when navigating the page history using History.pushState() - By @capricorn86 in task #1730
• Use local file paths for virtual server files in stack traces - By @capricorn86 in task #1730
• Adds support for ResponseCache.fileSystem.load() and ResponseCache.fileSystem.save() for storing and loading cache from the file system - By @capricorn86 in task #1730

👷‍♂️ Patch fixes

• Fixes a bug in the ESM compiler that caused it to fail to parse certain code - By @capricorn86 in task #1730
• Disables the same origin policy when navigating a browser frame using BrowserFrame.goto() - By @capricorn86 in task #1730
• Fixes bug where CSS selectors with the pseudos "+" and ">" failed for selectors without arguments - By @capricorn86 in task #1730
• Adds try and catch to listeners for events dispatched from XMLHttpRequest to prevent it from being set to an invalid state if a listener throws an Error - By @capricorn86 in task #1730

v18.0.1

👷‍♂️ Patch fixes

• Addresses an issue where an error occurred if the Element ID was set to the same name as a Window property with a null value - By @capricorn86 in task #1841

v18.0.0

💣 Breaking Changes

• Makes the types for Happy DOM strict - By @capricorn86 in task #1154
  • This makes it possible to use the option skipLibCheck set to "false" in the typescript configuration for projects with a strict configuration
  • This change has resulted in that some types has changed and is therefore considered as a breaking change
• BrowserContext.close() now throws an error when trying to close the default context of a browser - By @capricorn86 in task #1154

🎨 Features

• Adds support for Browser.closed, BrowserContext.closed, BrowserPage.closed and BrowserFrame.closed - By @capricorn86 in task #1154
• Adds support for VirtualConsolePrinter.close() and VirtualConsolePrinter.closed - By @capricorn86 in task #1154
• Adds support for CookieContainer.clearCookies() - By @capricorn86 in task #1154

v17.6.3

👷‍♂️ Patch fixes

• Removes global typescript definition that was used for custom elements - By @capricorn86 in task #1154

v17.6.2

👷‍♂️ Patch fixes

• Updates Typescript to the latest version - By @capricorn86 in task #1154

v17.6.1

🎨 Features

• Adds support for disabling validation of certificates, to allow for self-signed certificates to be used - By @capricorn86 in task #1763
  • Read more about the new setting fetch.disableStrictSSL under IBrowserSettings in the Wiki