Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade dompurify from 3.0.11 to 3.1.0 #54

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade dompurify from 3.0.11 to 3.1.0 #54

wants to merge 1 commit into from

Conversation

lkolapp
Copy link

@lkolapp lkolapp commented May 3, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade dompurify from 3.0.11 to 3.1.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 25 days ago, on 2024-04-07.
Release notes
Package name: dompurify
  • 3.1.0 - 2024-04-07
    • Added new setting SAFE_FOR_XML to enable better control over comment scrubbing
    • Updated README to warn about happy-dom not being safe for use with DOMPurify yet
    • Updated the LICENSE file to show the accurate year number
    • Updated several build and test dependencies
  • 3.0.11 - 2024-03-21
    • Fixed another conditional bypass caused by Processing Instructions, thanks @ Ry0taK
    • Fixed the regex for HTML Custom Element detection, thanks @ AlekseySolovey3T
from dompurify GitHub release notes
Commit messages
Package name: dompurify
  • db19269 Merge pull request #936 from cure53/main
  • 3375f4c docs: Updated the year in LICENSE file
  • 1c32a11 Merge pull request #934 from cure53/main
  • 0cf9d2d chore: Preparing 3.1.0 release
  • 933b9de See #931
  • bf1f5cf fix: Changed the SAFE_FOR_XML config assignment slightly
  • e2c857e docs: Modified the README slightly regarding the happy-dom warning
  • 3a00950 feature: Added new config option to control comment sanitization
  • 1ebcfd4 fix: Removed the unnecessary clobbering check for elm.data
  • fc3c781 fix: Rolling back changes from previous fixes, trying more aggressive comment handling
  • 8a0dcf8 fix: Enhanced the fix for comments inside XML
  • 0f473ef fix: Added an experimental fix to treat unwanted XML comment behavior
  • 93ef943 Merge pull request #926 from HaluanUskoa/fix/attrs
  • 5540df9 Update attrs.js
  • a9fd4ae Merge pull request #921 from cure53/main
  • f2b637f Merge pull request #917 from cure53/main
  • 699b1c9 Merge pull request #913 from cure53/main
  • ec1346a Merge pull request #899 from cure53/main
  • aa2c561 Merge pull request #893 from cure53/main
  • db73dd7 Merge pull request #885 from cure53/main
  • 1b864e7 Merge pull request #860 from cure53/main
  • c96c9df Merge pull request #835 from cure53/main

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lkolapp @snyk-bot