search

DaftDoris / newsdesk

https://newsdesk.daftdoris.com
MIT License
2 stars 1 forks source link

Bump tinymce from 6.4.1 to 6.8.2 #770

Open dependabot[bot] opened 11 months ago

dependabot[bot] commented 11 months ago

Bumps tinymce from 6.4.1 to 6.8.2.

Changelog

Sourced from tinymce's changelog.

6.8.2 - 2023-12-11

Fixed

  • Bespoke select toolbar buttons including fontfamily, fontsize, blocks, and styles incorrectly used plural words in their accessible names. #TINY-10426
  • The align bespoke select toolbar button had an accessible name that was misleading and grammatically incorrect in certain cases. #TINY-10435
  • Accessible names of bespoke select toolbar buttons including align, fontfamily, fontsize, blocks, and styles were incorrectly translated. #TINY-10426 #TINY-10435
  • Clicking inside table cells with heavily nested content could cause the browser to hang. #TINY-10380
  • Toggling a list that contains an LI element having another list as its first child would remove the remaining content within that LI element. #TINY-10414

6.8.1 - 2023-11-29

Improved

  • Colorpicker now includes the Brightness/Saturation selector and hue slider in the keyboard navigable items. #TINY-9287

Fixed

  • Translation syntax for announcement text in the table grid was incorrectly formatted. #TINY-10141
  • The functions schema.isWrapper and schema.isInline did not exclude node names that started with # which should not be considered as elements. #TINY-10385

6.8.0 - 2023-11-22

Added

  • CSS files are now also generated as separate JS files to improve bundling of all resources. #TINY-10352
  • Added new StylesheetLoader.loadRawCss API that can be used to load CSS into a style element. #TINY-10352
  • Added new StylesheetLoader.unloadRawCss API that can be used to unload CSS that was loaded into a style element. #TINY-10352
  • Added force_hex_color editor option. Option 'always' converts all RGB & RGBA colours to hex, 'rgb_only' will only convert RGB and not RGBA colours to hex, 'off' won't convert any colours to hex. #TINY-9819
  • Added default_font_stack editor option that makes it possible to define what is considered a system font stack. #TINY-10290
  • New sandbox_iframes option that controls whether iframe elements will be added a sandbox="" attribute to mitigate malicious intent. #TINY-10348
  • New convert_unsafe_embeds option that controls whether <object> and <embed> elements will be converted to more restrictive alternatives, namely <img> for image MIME types, <video> for video MIME types, <audio> audio MIME types, or <iframe> for other or unspecified MIME types. #TINY-10349

Improved

  • Improved the tooltips of picker buttons for the urlinput components in the "Insert/Edit Image" and "Insert/Edit Link" dialogs. #TINY-10155
  • Inline dialog will now respect size: 'large' argument in the dialog spec. #TINY-10209
  • SVG elements and their children are now retained when configured as valid elements. #TINY-10237
  • Bespoke select toolbar buttons including align, fontfamily, fontsize, blocks, and styles did not include their visible text labels in their accessible names. #TINY-10147

Fixed

  • Editor would convert urls that are not http/s or relative resulting in broken links. #TINY-10153
  • Calling the setProgressState API would cause the window to be scrolled when the editor wasn't fully visible. #TINY-10172
  • Applying heading formatting to the content of the summary element extended its application to the content of the parent details element. #TINY-10154
  • Setting the content with an attribute that contains a self-closing HTML tag did not preserve the tag. #TINY-10088
  • Screen readers now announce the selected color of forecolor and backcolor buttons. #TINY-9796
  • Resize handles would not appear on editable images in a non-editable context. #TINY-10118
  • Corrections and copy-edits to the addIcon API documentation. #TINY-10230
  • The dialog size was not updated when the size argument was changed when redialling a dialog. #TINY-10209
  • Toggling a list that contains an LI element having another list as its first child would remove the remaining content within that LI element. #TINY-10213
  • Custom block element wasn't considered block element in some cases. #TINY-10139
  • The editor no longer forcefully takes focus when a notification closes while the focus is outside of the editor. #TINY-10282
  • An empty element with a contenteditable="true" attribute within a table cell would not be treated as content and get removed if backspace or delete was being pressed. #TINY-10010
  • Removing an LI element containing a details element would incorrectly merge its content. #TINY-10133
  • The function getModifierState did not work on events passed through the editor as expected. #TINY-10263

... (truncated)

Commits
  • cc69eff TINY-10419: Prepare for 6.8.2 release (#9220)
  • b0b6172 TINY-10435: Change align bespoke button tooltip to Alignment {0} (#9230)
  • 1db16b3 TINY-10435: Convert Align bespoke button tooltips to use concatenated literal...
  • a730021 TINY-10414: Fix for toggle of nested list with non-list siblings (#9209)
  • 64c3e7a TINY-10426: Singularize accessible labels of bespoke buttons that append the ...
  • d9c8f66 TINY-10380: Optimized the ClosestCaretCandidate (#9214) (#9217)
  • 376b40a TINY-10388: Prepare 6.8.1 release (#9206)
  • 9e7bb26 TINY-10383: Backporting accessability which was removed from 6.8.0 for 6.8.1 ...
  • 55195a2 TINY-10385: fix schema.isWrapper function (#9197)
  • 8eaa152 TINY-10141: Fix broken translation in table grid announcement (#9193)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/DaftDoris/newsdesk/network/alerts).
cloudflare-workers-and-pages[bot] commented 11 months ago

Deploying with  Cloudflare Pages  Cloudflare Pages

Latest commit: f25dc89
Status: ✅  Deploy successful!
Preview URL: https://f80efb75.newsdesk.pages.dev
Branch Preview URL: https://dependabot-npm-and-yarn-tiny-4e8a.newsdesk.pages.dev

View logs

sonarcloud[bot] commented 11 months ago

Quality Gate Passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud