[pull] main from Milkdown:main

.github/actions/setup/action.yml

@@ -4,12 +4,12 @@ description: Setup the environment
 runs:
   using: composite
   steps:
-    - uses: pnpm/action-setup@v6.0.7
+    - uses: pnpm/action-setup@739bfe42ca9233c5e6aca07c1a25a9d34aca49b0 # v6.0.7
       with:
         run_install: false
 
     - name: Setup node
-      uses: actions/setup-node@v6
+      uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
       with:
         node-version-file: '.nvmrc'
         cache: pnpm

.github/renovate.json

@@ -1,6 +1,11 @@
 {
   "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": ["config:recommended", ":preserveSemverRanges", "group:all"],
+  "extends": [
+    "config:recommended",
+    ":preserveSemverRanges",
+    "group:all",
+    "helpers:pinGitHubActionDigestsToSemver"
+  ],
   "postUpdateOptions": ["pnpmDedupe"],
   "packageRules": [
     {

.github/workflows/ci.yml

@@ -11,16 +11,13 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
-env:
-  CI: true
-
 jobs:
   install-deps:
     runs-on: ubuntu-latest
 
     steps:
       - name: Checkout code repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
 
@@ -31,7 +28,7 @@ jobs:
     needs: install-deps
     steps:
       - name: Checkout code repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
 
@@ -45,7 +42,7 @@ jobs:
     needs: install-deps
     steps:
       - name: Checkout code repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
 
@@ -59,7 +56,7 @@ jobs:
     needs: install-deps
     steps:
       - name: Checkout code repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
 
@@ -93,7 +90,7 @@ jobs:
         shard: [1, 2, 3, 4, 5]
     steps:
       - name: Checkout code repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
 
@@ -112,7 +109,7 @@ jobs:
 
       - name: Upload test results
         if: ${{ failure() }}
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7
         with:
           name: test-results-e2e-${{ matrix.shard }}
           path: e2e/test-results/

.github/workflows/codeql.yml

@@ -20,14 +20,14 @@ jobs:
         language: ['javascript']
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v4
+        uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4
         with:
           languages: ${{ matrix.language }}
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v4
+        uses: github/codeql-action/autobuild@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4
       - name: Perform CodeQL analysis
-        uses: github/codeql-action/analyze@v4
+        uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4
         with:
           category: '/language:${{matrix.language}}'

.github/workflows/fix.yml

@@ -8,14 +8,11 @@ on:
 permissions:
   contents: read
 
-env:
-  CI: true
-
 jobs:
   fix:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - uses: ./.github/actions/setup
 

.github/workflows/release.yml

@@ -6,14 +6,11 @@ on:
 
 concurrency: ${{ github.workflow }}-${{ github.ref }}
 
-env:
-  CI: true
-
 jobs:
   prepare:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
 
@@ -35,7 +32,7 @@ jobs:
       contents: write
       id-token: write
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
 
@@ -53,7 +50,7 @@ jobs:
           echo "MILKDOWN_RELEASE_TAG=v${MILKDOWN_VERSION}" >> "$GITHUB_ENV"
 
       - name: Create GitHub release
-        uses: ncipollo/release-action@v1
+        uses: ncipollo/release-action@339a81892b84b4eeb0f6e744e4574d79d0d9b8dd # v1
         with:
           commit: main
           tag: '${{ env.MILKDOWN_RELEASE_TAG }}'

packages/components/src/code-block/view/components/preview-panel.tsx

@@ -39,7 +39,13 @@ function createSvgAwareSanitizer() {
   return (dirty: string | Node) => purify.sanitize(dirty, config)
 }
 
-const sanitizeSvg = createSvgAwareSanitizer()
+// Lazily initialize the sanitizer so that importing this module under SSR
+// (where `DOMPurify()` returns a stub without `.addHook`) does not throw.
+let cachedSanitizer: ReturnType<typeof createSvgAwareSanitizer> | undefined
+function sanitizeSvg(dirty: string | Node) {
+  cachedSanitizer ??= createSvgAwareSanitizer()
+  return cachedSanitizer(dirty)
+}
 
 type PreviewPanelProps = Pick<
   CodeBlockProps,

packages/crepe/src/llm-providers/anthropic/index.ts

@@ -7,6 +7,7 @@ import {
   parseSSE,
   readErrorBody,
   resolveSystemPrompt,
+  stripTrailingSlashes,
 } from '../shared'
 
 const PROVIDER_NAME = 'milkdown/providers/anthropic'
@@ -75,7 +76,7 @@ export function createAnthropicProvider(
           ] satisfies AnthropicMessage[],
         }
 
-    const baseURL = (config.baseURL ?? DEFAULT_BASE_URL).replace(/\/+$/, '')
+    const baseURL = stripTrailingSlashes(config.baseURL ?? DEFAULT_BASE_URL)
     const url = `${baseURL}/v1/messages`
 
     const headers: Record<string, string> = {

packages/crepe/src/llm-providers/openai/index.ts

@@ -7,6 +7,7 @@ import {
   parseSSE,
   readErrorBody,
   resolveSystemPrompt,
+  stripTrailingSlashes,
 } from '../shared'
 
 const PROVIDER_NAME = 'milkdown/providers/openai'
@@ -54,7 +55,7 @@ export function createOpenAIProvider(config: OpenAIProviderConfig): AIProvider {
       ? config.buildMessages(context, { systemPrompt, userMessage })
       : defaultMessages(systemPrompt, userMessage)
 
-    const baseURL = (config.baseURL ?? DEFAULT_BASE_URL).replace(/\/+$/, '')
+    const baseURL = stripTrailingSlashes(config.baseURL ?? DEFAULT_BASE_URL)
     const url = `${baseURL}/v1/chat/completions`
 
     const headers: Record<string, string> = {

packages/crepe/src/llm-providers/shared.ts

@@ -98,6 +98,16 @@ export function resolveSystemPrompt(
   return systemPrompt ?? DEFAULT_SYSTEM_PROMPT
 }
 
+/// Strip trailing `/` characters from a URL. Uses a linear scan instead
+/// of a regex like `/\/+$/` because the latter backtracks quadratically
+/// on caller-supplied input ending in many slashes followed by a
+/// non-slash (CodeQL js/polynomial-redos).
+export function stripTrailingSlashes(url: string): string {
+  let end = url.length
+  while (end > 0 && url.charCodeAt(end - 1) === 47 /* '/' */) end--
+  return end === url.length ? url : url.slice(0, end)
+}
+
 /// Parse an SSE stream from `response.body`. Yields the payload after
 /// `data: ` for each event; ignores `event:`, `id:`, `retry:`, and
 /// comment lines. Stops cleanly when the signal aborts or the stream