Added tests for multiple versions.

Author: patel-vansh

tests/fixtures/common/OneUnsafe.expected.json

@@ -0,0 +1,19 @@
+{
+    "filename": "OneUnsafe.svelte",
+    "parsed": true,
+    "error": null,
+    "warnings": [
+        {
+            "filename": "OneUnsafe.svelte",
+            "message": "Unsafe raw HTML insertion without sanitizer",
+            "start": {
+                "line": 1,
+                "column": 12
+            },
+            "end": {
+                "line": 1,
+                "column": 45
+            }
+        }
+    ]
+}

tests/fixtures/common/OneUnsafe.svelte

@@ -0,0 +1 @@
+<div>{@html '<p>this is some unsafe html</p>'}</div>

tests/fixtures/common/OneUnsafeWithIgnoreComment.expected.json

@@ -0,0 +1,6 @@
+{
+    "filename": "OneUnsafeWithIgnoreComment.svelte",
+    "parsed": true,
+    "error": null,
+    "warnings": []
+}

tests/fixtures/common/OneUnsafeWithIgnoreComment.svelte

@@ -0,0 +1,4 @@
+<div>
+    <!-- svelte-ignore unsafe_html -->
+    {@html '<p>this is some unsafe html</p>'}
+</div>

tests/fixtures/common/OneUnsafeWithScript.expected.json

@@ -0,0 +1,19 @@
+{
+    "filename": "OneUnsafeWithScript.svelte",
+    "parsed": true,
+    "error": null,
+    "warnings": [
+        {
+            "filename": "OneUnsafeWithScript.svelte",
+            "message": "Unsafe raw HTML insertion without sanitizer",
+            "start": {
+                "line": 5,
+                "column": 12
+            },
+            "end": {
+                "line": 5,
+                "column": 45
+            }
+        }
+    ]
+}

tests/fixtures/common/OneUnsafeWithScript.svelte

@@ -0,0 +1,5 @@
+<script>
+    let title = "One Unsafe With Script";
+</script>
+
+<div>{@html '<p>this is some unsafe html</p>'}</div>

tests/fixtures/common/TwoUnsafe.expected.json

@@ -0,0 +1,31 @@
+{
+    "filename": "TwoUnsafe.svelte",
+    "parsed": true,
+    "error": null,
+    "warnings": [
+        {
+            "filename": "TwoUnsafe.svelte",
+            "message": "Unsafe raw HTML insertion without sanitizer",
+            "start": {
+                "line": 1,
+                "column": 10
+            },
+            "end": {
+                "line": 1,
+                "column": 28
+            }
+        },
+        {
+            "filename": "TwoUnsafe.svelte",
+            "message": "Unsafe raw HTML insertion without sanitizer",
+            "start": {
+                "line": 4,
+                "column": 10
+            },
+            "end": {
+                "line": 4,
+                "column": 48
+            }
+        }
+    ]
+}

tests/fixtures/common/TwoUnsafe.svelte

@@ -0,0 +1,4 @@
+<p>{@html '<b>Bold Text</b>'}</p>
+
+
+<p>{@html '<script>alert("XSS Attack")</script>'}</p>

tests/run-all.js

@@ -0,0 +1,37 @@
+import { exec } from "child_process";
+import path from "path";
+import { promisify } from "util";
+
+const asyncExec = promisify(exec);
+
+const dirs = ["svelte3", "svelte4", "svelte5-legacy"];
+const cwd = process.cwd();
+
+
+async function testDir(dir) {
+    const testDir = path.join(cwd, "tests", dir);
+    console.log(`\n🧹 Testing ${dir}...`);
+
+    try {
+        // Cleanup
+        await asyncExec("rm -rf node_modules package-lock.json", { cwd: testDir });
+        // await asyncExec("npm cache clean --force");
+
+        // Install
+        await asyncExec("npm install", { cwd: testDir, stdio: "inherit" });
+
+        // Run tests
+        await asyncExec("npm test", { cwd: testDir, stdio: "inherit" });
+
+        console.log(`✅ ${dir} passed`);
+    } catch (err) {
+        console.error(`❌ ${dir} failed:\n`, err.stderr || err.message);
+        process.exitCode = 1;
+    }
+}
+
+(async () => {
+    console.log("🚀 Running tests in parallel...\n");
+    await Promise.all(dirs.map(testDir));
+    console.log("\n✅ All tests completed.");
+})();