-
Notifications
You must be signed in to change notification settings - Fork 347
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: remove the marked.js warning about sanitize and add sanitizer #2591
Conversation
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## main #2591 +/- ##
=======================================
Coverage 57.62% 57.63%
=======================================
Files 1326 1326
Lines 83563 83578 +15
Branches 17403 17403
=======================================
+ Hits 48157 48169 +12
- Misses 32167 32170 +3
Partials 3239 3239
Flags with carried forward coverage won't be shown. Click here to find out more.
... and 1 file with indirect coverage changes Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report in Codecov by Sentry. |
Types
Background or solution
🤖 Generated by Copilot at 80ad54f
comments-body.tsx
,markdown/index.tsx
, andutils/marked.ts
( link, link)components/package.json
(link, link)Close #2256
Following the offical suggestion, import dom purify for sanitizer. https://marked.js.org/#usage
Changelog
🤖 Generated by Copilot at 80ad54f
This pull request adds
dompurify
as a dependency to sanitize HTML output from markdown content in various packages. It also removes the insecuresanitize
option from themarked
library and replaces it withdompurify
in thecomments
andcore-browser
packages.