[Snyk] Upgrade magnific-popup from 1.1.0 to 1.2.0 #4
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade magnific-popup from 1.1.0 to 1.2.0. See this package in npm: magnific-popup See this project in Snyk: https://app.snyk.io/org/dywan.2018/project/de566ee4-f3f9-44f3-ba0e-d3cba3df46c5?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade magnific-popup from 1.1.0 to 1.2.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 1 version ahead of your current version.
The recommended version was released on 23 days ago.
Release notes
Package name: magnific-popup
-
1.2.0 - 2024-06-08
- Updated functions that are deprecated by jQuery 3.7.1+
- Added options
-
1.1.0 - 2016-02-20
- Dropped built-in fast-click support in favor of modern touch-action property. If you still need it in browsers that have 300ms delay, use FastClick by FT Labs.
- Dropped basic IE7 support (if you still need to support old IE, keep using the previous version).
- Sanitized attributes with jQuery when replacing img element (#770 via @ makkaq).
- Added 'style' property to package.json (#816 via @ jonscottclark).
- Removed vendor prefixes for box-sizing and box-shadow (via @ chicagoing).
from magnific-popup GitHub release notesThis update fixes jQuery deprecated functions and potential security vulnerabilities if you aren't fully sanitizing user input (for example, if your users can create HTML elements with attributes that contain non-sanitized HTML).
allowHTMLInStatusIndicator,allowHTMLInTemplatethat disable HTML within the loading indicator and fields like image title. Options are disabled by default (by default HTML is not allowed). If you want to make it work as before enable these:You can grab the latest version from
dist/directory https://github.com/dimsemenov/Magnific-Popup/tree/master/distImportant
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: