fa7b97acdc
Adds a CWE-79 regression test: a sidecar entry whose displayName contains an <img onerror=alert(1)> payload must round-trip through deserialize and the Tiptap renderHTML without producing a real <img> element in the editor DOM. Locks down the "renderHTML's third tuple entry is a text node, never parsed as HTML" invariant so a future "use innerHTML for performance" refactor cannot silently regress. Nora #5618 detection-gap concern. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
sv
Everything you need to build a Svelte project, powered by sv.
Creating a project
If you're seeing this, you've probably already done this step. Congrats!
# create a new project in the current directory
npx sv create
# create a new project in my-app
npx sv create my-app
Developing
Once you've created a project and installed dependencies with npm install (or pnpm install or yarn), start a development server:
npm run dev
# or start the server and open the app in a new browser tab
npm run dev -- --open
Building
To create a production version of your app:
npm run build
You can preview the production build with npm run preview.
To deploy your app, you may need to install an adapter for your target environment.