Convert only first SVG element from input

If the input to be converted contains multiple SVG elements, only the first SVG element should be converted. Currently, and undesirably, all SVG elements were being inserted into the page within Puppeteer, resulting in them all being stacked prior to the screenshot being taken.

Another symptom of this was that all recent safety measures implemented for remote code injection vulnerabilities can be easily circumvented by inserting a simple empty SVG element at the start of the input as it was the only one being sanitized.

packages/convert-svg-core/src/Converter.js

@@ -261,7 +261,7 @@ class Converter {
     input = Buffer.isBuffer(input) ? input.toString('utf8') : input;
 
     const { provider } = this;
-    const svg = cheerio.default.html(this[_sanitize](cheerio.load(input, null, false)('svg'), options));
+    const svg = cheerio.default.html(this[_sanitize](cheerio.load(input, null, false)('svg:first'), options));
 
     if (!svg) {
       throw new Error('SVG element not found in input. Check the SVG input');

packages/convert-svg-test-helper/src/tests.json

@@ -168,6 +168,12 @@
     "file": "issue-81.svg",
     "message": "should strip onload attribute"
   },
+  {
+    "name": "when SVG has multiple SVG elements",
+    "file": "issue-86.svg",
+    "options": { "width": 1000, "height": 1000 },
+    "message": "should only read first SVG element"
+  },
   {
     "name": "when setting both baseFile and baseUrl options",
     "file": "external-file.svg",