npm.io
0.6.1 • Published 1 month ago

sgh-receipt-lib

Licence
Version
0.6.1
Deps
1
Size
94 kB
Vulns
0
Weekly
76

SghReceiptLib

This library was generated with Angular CLI version 15.1.0.

Code scaffolding

Run ng generate component component-name --project sgh-receipt-lib to generate a new component. You can also use ng generate directive|pipe|service|class|guard|interface|enum|module --project sgh-receipt-lib.

Note: Don't forget to add --project sgh-receipt-lib or else it will be added to the default project in your angular.json file.

Build

Run ng build sgh-receipt-lib to build the project. The build artifacts will be stored in the dist/ directory.

Publishing

After building your library with ng build sgh-receipt-lib, go to the dist folder cd dist/sgh-receipt-lib and run npm publish.

Running unit tests

Run ng test sgh-receipt-lib to execute the unit tests via Karma.

Further help

To get more help on the Angular CLI use ng help or go check out the Angular CLI Overview and Command Reference page.

Version details

Angular Version Library Version Description

15                 0.4.9
16                 0.5.0
17                 0.5.1
18                 0.5.2
19                 0.5.3
19                 0.5.4              SHP-5971 Case number as label for accession based client(s)
19                 0.5.5              SHP-5971 Visit ID -> Case number,  accessionEnabled set as boolean
19                 0.5.7              SHP-5767 ach-payment related bank details showing for logged in portal transaction receipt
19                 0.5.8              SHP-7342 verbiage change for htrx
19                 0.6.0              Security hardening release
19-20              0.6.1              Angular 19 and 20 compatibility support

Security Changes (v0.6.0)

The following security improvements were made:

  1. Input Validation - Added comprehensive validation for dialog data with isValidReceiptData() type guard
  2. Safe Numeric Parsing - Replaced parseFloat/parseInt with safeParseFloat()/safeParseInt() that handle invalid inputs
  3. Image URL Validation - Added isValidImageUrl() to prevent unsafe image sources (blocks javascript:, script tags)
  4. Card/Bank Number Sanitization - Added sanitizeCardNumber() and sanitizeBankAccountNumber() to ensure only last 4 digits shown
  5. Currency Symbol Validation - Added validation to prevent injection via currency symbols
  6. TypeScript Interfaces - Converted classes to interfaces with proper type definitions
  7. Development Logging - Console statements only execute in development mode via ngDevMode
  8. Strict Equality - Changed == to === for all comparisons
  9. Error Boundary - Component gracefully handles invalid/missing data

Exported Utilities

The following helper functions are now exported for use in consuming applications:

  • isValidReceiptData(data) - Type guard for PaymentReceiptData
  • isValidStripeErrorNote(data) - Type guard for StripeErrorNote
  • safeParseFloat(value, default) - Safe float parsing
  • safeParseInt(value, default) - Safe integer parsing
  • isValidImageUrl(url) - URL validation
  • sanitizeCardNumber(cardNumber) - Card masking
  • sanitizeBankAccountNumber(accountNumber) - Bank account masking
  • createSafeReceiptData(data) - Creates sanitized copy of receipt data