style: Format all files with Prettier by gautammanak1 · Pull Request #16 · gautammanak1/package-download-stat

gautammanak1 · 2025-11-18T23:35:35Z

Run prettier --write on all files
Fix formatting issues in 42 files
Ensure consistent code style across project

Description

Type of Change

🐛 Bug fix (non-breaking change which fixes an issue)
✨ New feature (non-breaking change which adds functionality)
💥 Breaking change (fix or feature that would cause existing functionality to not work as expected)
📝 Documentation update
🎨 Style/formatting changes (no code change)
♻️ Code refactoring (no functional changes)
⚡ Performance improvements
✅ Tests (adding or updating tests)

Related Issues

Closes #

Changes Made

Screenshots (if applicable)

Before	After

Testing

I have tested this locally
I have added/updated tests
All existing tests pass
I have tested in multiple browsers
I have tested in both light and dark modes
I have tested responsive design on mobile devices

Checklist

My code follows the project's style guidelines
I have performed a self-review of my code
I have commented my code, particularly in hard-to-understand areas
I have updated the documentation accordingly
My changes generate no new warnings
I have added tests that prove my fix is effective or that my feature works
New and existing unit tests pass locally with my changes
Any dependent changes have been merged and published

Additional Notes

- Run prettier --write on all files - Fix formatting issues in 42 files - Ensure consistent code style across project

vercel · 2025-11-18T23:35:39Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
npm-package-download-stat	Ready	Preview	Comment	Nov 18, 2025 11:39pm

app/page.tsx

+                            <p className="text-sm text-muted-foreground mt-2">
+                              <strong>Alternative:</strong> Check{" "}
+                              <a
+                                href={`https://pypistats.org/packages/${packageInfo?.info?.name || packageName}`}


To fix the problem, sanitize and validate any user-supplied data before interpolating it into the anchor tag’s href attribute. Since the external service only expects package names that match a well-defined format (typically, a valid package name for npm or PyPI), we should ensure packageName and packageInfo?.info?.name are valid package names before constructing URLs with them. A simple way is to define a function that strips or restricts disallowed characters (i.e., only allow valid package name characters: alphanumerics, dashes, underscores, periods), and use it to sanitize the names before constructing the href URL. As the code only shows the anchor interpolation region, the best fix is to wrap the interpolated value with a sanitizer. Implement the function in the same file (since only app/page.tsx is shown), and use it at the link construction site.

style: Format all files with Prettier

a20bdfe

- Run prettier --write on all files - Fix formatting issues in 42 files - Ensure consistent code style across project

github-advanced-security bot found potential problems Nov 18, 2025

View reviewed changes

vercel bot deployed to Preview November 18, 2025 23:39 View deployment

gautammanak1 merged commit a20bdfe into main Nov 19, 2025
9 of 11 checks passed

@@ -27,6 +27,12 @@
             type PackageManager = "npm" | "pypi";
+            // Sanitize package names by stripping unsafe characters
+            function sanitizePackageName(pkgName: string): string {
+              // Accept alphanumeric, underscore, dash, dot; remove everything else
+              return (pkgName || "").replace(/[^a-zA-Z0-9._-]/g, "");
+            }
             export default function Home() {
               const [packageManager, setPackageManager] = useState<PackageManager>("npm");
               const [packageName, setPackageName] = useState("");
@@ -699,7 +705,7 @@
                                         <p className="text-sm text-muted-foreground mt-2">
                                           <strong>Alternative:</strong> Check{" "}
                                           <a
-                                            href={`https://pypistats.org/packages/${packageInfo?.info?.name || packageName}`}
+                                            href={`https://pypistats.org/packages/${sanitizePackageName(packageInfo?.info?.name || packageName)}`}
                                             target="_blank"
                                             rel="noopener noreferrer"
                                             className="text-primary hover:underline"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

style: Format all files with Prettier#16

style: Format all files with Prettier#16
gautammanak1 merged 1 commit intomainfrom
fix/prettier-formatting

gautammanak1 commented Nov 18, 2025

Uh oh!

vercel bot commented Nov 18, 2025 •

edited

Loading

Uh oh!

Check warning

Copilot Autofix

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

gautammanak1 commented Nov 18, 2025

Description

Type of Change

Related Issues

Changes Made

Screenshots (if applicable)

Testing

Checklist

Additional Notes

Uh oh!

vercel bot commented Nov 18, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Check warning

Uh oh!

Copilot Autofix

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

vercel bot commented Nov 18, 2025 •

edited

Loading