[Snyk] Upgrade draft-js from 0.10.5 to 0.11.7

[snyk-bot]

Snyk has created this PR to upgrade draft-js from 0.10.5 to 0.11.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 12 versions ahead of your current version.
• The recommended version was released a year ago, on 2020-08-17.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Denial of Service SNYK-JS-NODEFETCH-674311	520/1000 Why? Has a fix available, CVSS 5.9	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: draft-js

• 0.11.7 - 2020-08-17
  

  0.11.7 (Aug 13th, 2020)

  Added

  • Allow aria-describedby overriding (Jeff Dickey in 8b8b9c0)
  • Add support to create editor state using text string (Abhishek Pandya in fc9395f)

  Changed

  • Update readme to suggest building with yarn (#2527) (Kevin Chavez in 54213a1)
  • Update build, static analysis deps (+ upgrade to fbjs 2.0.0) (#2541) (Kevin Chavez in 5e92a32)
  • Tex example: Update babel to v7 + other deps (#2533) (Kevin Chavez in ce94ecf)
  • Update package.json (#2490) (Michaël De Boey in b79082f)
  • Update media.html (#2452) (fay in a8f44b1)
  • Upgrade dependencies in playground example (#2534) (Kevin Chavez in f6bf4ed)
  • feat(docs): Update README.md (#2523) (Darsh Shah in e0fc33e)
  • adds highlight in docs (#2469) (Tunde Thomas in cef6191)
  • Update QuickStart-API-Basics.md (#2491) (Michaël De Boey in 170fe23)
  • Update .travis.yml (#2495) (Michaël De Boey in 3eb391e)
  • Update link to Record in docs (#2418) (Rounak Agarwal in 6a55c38)
  • Update link to Immutable Map in docs (#2530) (Rounak Agarwal in 31dde91)
  • Upgrade browserify and babel deps in universal example (#2532) (Kevin Chavez in 1c8815a)
  • Upgrade eslint, flow, jest (#2531) (Kevin Chavez in ccd0470)
  • Fix the build by adding an argument to catch statement (Kevin Chavez in 5482c90)
  • Conditionally invokes URI.tryParseURI in OSS code (Claudio Procida in 36de6f1)
  • formatPastedText prop (Laura González in 9a9ccbd)
  • fix pasting invalid links (Frank Thompson in 862a5b2)
  • chore(dependabot): adds examples directories separately (#2505) (Claudio Procida in fb0eb34)
  • style(website): Removes desaturation (#2504) (Claudio Procida in 2b8edb1)
  • Fixes links accessibility by adding underlines (#2497) (R Nabors in 5e17cc2)
  • add codes to suppressions in www (Daniel Sainati in 8457ebb)
  • update comments in mobile to support error codes (Daniel Sainati in fb728fd)
  • Use object shorthand in DraftEditorCompositionHandler (Kevin Chavez in d949433)
  • Force the selection when composition is resolved (#2094) (Robbert Brak in 3be4d37)
  • fix(security): Upgrades Docusaurus to address CVE-2020-7662 (#2457) (Claudio Procida in a08a8fa)
• 0.11.6 - 2020-06-05
  Read more
• 0.11.5 - 2020-03-26
  Read more
• 0.11.4 - 2020-01-06
  Read more
• 0.11.3 - 2019-12-02
  Read more
• 0.11.2 - 2019-09-30
  Read more
• 0.11.1 - 2019-09-20
  Read more
• 0.11.0 - 2019-07-09
  Read more
• 0.11.0-beta3 - 2019-06-19
  No content.
• 0.11.0-beta2 - 2019-03-08
• 0.11.0-beta - 2019-02-27
• 0.11.0-alpha - 2017-07-28
• 0.10.5 - 2018-01-20
  

  Added

  • Add support for ariaDescribedBy prop, for better a11y. (Suraj Karnati in
    a6af3e15)
  • Add support for ariaLabelledBy prop, for better a11y. (@ jackyho112
    in #1519)

  Changed

  • Cause editor to break out of code block when user enters two blank lines. (Hanzhi Zhang
    in 548fd5d1)

  Fixed

  • Preserve list indentation when copying and pasting from one Draft.js editor
    into another. (@ GordyD in #1605)
  • Fix cannot read property 'update' of undefined error that was thrown when
    typing same character into selection that starts with that character. (@ existentialism in
    #1512)
  • Fix encodeRawBlocks to handle non-contiguous entities. Entities should
    always be contigious, and cover one sequential range of characters. However,
    in cases where entityState is corrupted to include non-contiguous entities,
    encodeRawBlocks would improperly process the entities in that case. (Frank
    Thompson in 0059dd46)
  • Updated CSS for DraftEditorPlaceholder to support multiline placeholder (Gaurav Vaish in
    c38b0285
  • Fix issue where typing at the end of a link caused the link to continue. (Ian
    Jones in
    d16833b3)
  • Fix regression of bug where clicking a link caused the focus to move but the
    selection state was not cleared, leading to a 'node not found' error.
    (@ flarnie
    in 55316176)
  • Loosen Flow type definition for DraftBlockType to allow user-defined custom
    block types. (@ mitermayer
    in #1480)

from draft-js GitHub release notes

Commit messages

Package name: draft-js

• f55fa0f Prepare release 0.11.7 (Recursive unpublish for descendant pages wagtail/wagtail#2562)
• 54213a1 Update readme to suggest building with yarn (When page URLs change, the previous URL should be automatically invalidated by the frontendcache module wagtail/wagtail#2527)
• 5e92a32 Update build, static analysis deps (Double-escaping bug when rendering blocks with Jinja2 wagtail/wagtail#2541)
• ce94ecf Tex example: Update babel to v7 + other deps (Cannot Edit A Redirect When Set To Just A Forward Slash wagtail/wagtail#2533)
• b79082f Update package.json (CSS for Streamfield Blocks wagtail/wagtail#2490)
• a8f44b1 Update media.html (Error during system checks since wagtail 1.4.2 wagtail/wagtail#2452)
• f6bf4ed Upgrade dependencies in playground example (Make migrations in project_template home app + wagtailadmin reversible wagtail/wagtail#2534)
• e0fc33e feat(docs): Update README.md (#2371 - Add ability to delete users wagtail/wagtail#2523)
• cef6191 adds highlight in docs (Provide page in the context of StreamField blocks wagtail/wagtail#2469)
• 170fe23 Update QuickStart-API-Basics.md (Set default values if not present wagtail/wagtail#2491)
• 3eb391e Update .travis.yml (#2281 fix issue when multiple redirects are returned for a path wagtail/wagtail#2495)
• 6a55c38 Update link to Record in docs (Import absolute_import, unicode_literals in all files wagtail/wagtail#2418)
• 31dde91 Update link to Immutable Map in docs (Much of the example code in the docs uses 2-space indentation, which is not PEP8. wagtail/wagtail#2530)
• 1c8815a Upgrade browserify and babel deps in universal example (Indentation fixes for example code in the docs wagtail/wagtail#2532)
• ccd0470 Upgrade eslint, flow, jest (Fixing #2519 wagtail/wagtail#2531)
• 5482c90 Fix the build by adding an argument to catch statement
• 36de6f1 Conditionally invokes URI.tryParseURI in OSS code
• 9a9ccbd formatPastedText prop
• 862a5b2 fix pasting invalid links
• fc9395f Add support to create editor state using text string
• fb0eb34 chore(dependabot): adds examples directories separately (Animated Gifs not really supported? wagtail/wagtail#2505)
• 2b8edb1 style(website): Removes desaturation (contrib.wagtailmedusa doesn't work anymore with Django 1.8.1+ wagtail/wagtail#2504)
• 744a419 S205607: update all file contents back to original values
• a69f63c S205607: force new contents to redacted files

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs