Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update dependency dompurify to v3 #240

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(deps): update dependency dompurify to v3 #240

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 16, 2023
edited

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
dompurify ^2.3.1 -> ^3.0.0 age adoption passing confidence

Release Notes

cure53/DOMPurify (dompurify)

v3.0.11: DOMPurify 3.0.11

Compare Source

  • Fixed another conditional bypass caused by Processing Instructions, thanks @​Ry0taK
  • Fixed the regex for HTML Custom Element detection, thanks @​AlekseySolovey3T

v3.0.10: DOMPurify 3.0.10

Compare Source

  • Fixed two possible bypasses when sanitizing an XML document and later using it in HTML, thanks @​Slonser
  • Bumped up some build and test dependencies

v3.0.9: DOMPurify 3.0.9

Compare Source

  • Fixed a problem with proper detection of Custom Elements, thanks @​kevin-mizu
  • Refactored the hasOwnProperty logic, thanks @​ssi02014
  • Removed a superfluous console.warn making HappyDom happier, thanks @​HugoPoi
  • Modernized some of the demo hooks for better looks, thanks @​Steb95

v3.0.8: DOMPurify 3.0.8

Compare Source

  • Fixed errors caused by conditional exports, thanks @​ssi02014
  • Fixed a type error when working with custom element config, thanks @​cpmotion

v3.0.7: DOMPurify 3.0.7

Compare Source

  • Added better protection against CSPP attacks, thanks @​kevin-mizu
  • Updated browser versions for automated tests
  • Updated Node versions for automated tests

v3.0.6: DOMPurify 3.0.6

Compare Source

  • Refactored the core code-base and several utilities, thanks @​ssi02014
  • Updated and fixed several sections of the README, thanks @​ssi02014
  • Updated several outdated build and test dependencies

v3.0.5: DOMPurify 3.0.5

Compare Source

  • Fixed a licensing issue spotted and reported by @​george-thomas-hill
  • Updated several build and test dependencies

v3.0.4: DOMPurify 3.0.4

Compare Source

  • Fixed a bypass in jsdom 22 in case the noframes element is permitted, thanks @​leeN
  • Fixed a typo with shadowrootmod which should be shadowrootmode, thanks @​masatokinugawa

v3.0.3: DOMPurify 3.0.3

Compare Source

  • Added new TRUSTED_TYPES_POLICY configuration option, thanks @​dejang
  • Added feDropShadow to the SVG filter allow-list, thanks @​SelfMadeSystem

v3.0.2: DOMPurify 3.0.2

Compare Source

  • Fixed an issue with ALLOWED_URI_REGEXP not being reset, thanks @​mukilane
  • Added mprescripts tag to allowed MathML elements, thanks @​duyhai94
  • Added SMS URI scheme to allowed URI schemes, tanks @​Kiwka
  • Updated supported browser versions for nicer code and smaller size, thanks @​buzinas

v3.0.1: DOMPurify 3.0.1

Compare Source

  • Fixed a problem with improper reset of custom HTML options, thanks @​ammaraskar

v3.0.0: DOMPurify 3.0.0

Compare Source

  • Removed all code that is for MSIE-only
  • Removed all tests that are for MSIE-only
  • Modified documentation to reflect new state of MSIE support
  • Added support for ALLOW_SELF_CLOSE_IN_ATTR flag, thanks @​edg2s @​AndreVirtimo
  • Added better support for shadowrootmode, thanks @​mfreed7

NOTE Please use the 2.4.4 release if you still need MSIE support, 3.0.0 comes without the MSIE overhead

v2.4.9: DOMPurify 2.4.9

Compare Source

  • Fixed another conditional bypass caused by Processing Instructions, thanks @​Ry0taK
  • Fixed the regex for HTML Custom Element detection, thanks @​AlekseySolovey3T

v2.4.8: DOMPurify 2.4.8

Compare Source

  • Fixed two possible bypasses when sanitizing an XML document and later using it in HTML, thanks @​Slonser

Configuration

📅 Schedule: Branch creation - "before 11pm" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/dompurify-3.x branch 5 times, most recently from 8ad1f12 to 1161f2d Compare July 17, 2023 15:20
@codecov
Copy link

codecov bot commented Sep 4, 2023
edited

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (9cfab58) to head (e324c51).
Report is 4 commits behind head on master.

Current head e324c51 differs from pull request most recent head cbaccfb

Please upload reports for the commit cbaccfb to get more accurate results.

Additional details and impacted files 
@@            Coverage Diff            @@
##            master      #240   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files          109       109           
  Lines         1079      1079           
  Branches       160       160           
=========================================
  Hits          1079      1079

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@renovate renovate bot force-pushed the renovate/dompurify-3.x branch 10 times, most recently from acdf520 to a3cdca9 Compare September 11, 2023 13:18
@renovate renovate bot force-pushed the renovate/dompurify-3.x branch 2 times, most recently from d4e491b to 83a105c Compare October 10, 2023 15:32
@renovate renovate bot force-pushed the renovate/dompurify-3.x branch 7 times, most recently from 35c06c9 to 31c92aa Compare October 18, 2023 15:38
@renovate renovate bot force-pushed the renovate/dompurify-3.x branch 3 times, most recently from 84f5db0 to acde1d3 Compare October 29, 2023 22:47
@renovate renovate bot force-pushed the renovate/dompurify-3.x branch 12 times, most recently from 77ac0b0 to 7b0a497 Compare January 26, 2024 18:02
@renovate renovate bot force-pushed the renovate/dompurify-3.x branch 5 times, most recently from b1d6f20 to 3871301 Compare February 8, 2024 20:00
@renovate renovate bot force-pushed the renovate/dompurify-3.x branch 2 times, most recently from 1e0a99a to e11858d Compare February 28, 2024 16:06
@renovate renovate bot force-pushed the renovate/dompurify-3.x branch 2 times, most recently from 20837f8 to 54021b0 Compare March 18, 2024 19:04
@renovate renovate bot force-pushed the renovate/dompurify-3.x branch from 82eaf9d to cbaccfb Compare May 23, 2024 14:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants