[Snyk] Upgrade mjml from 4.6.3 to 4.14.1

[mrchrisadams]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade mjml from 4.6.3 to 4.14.1.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

- The recommended version is **22 versions** ahead of your current version. - The recommended version was released **7 months ago**, on 2023-04-11. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Prototype Pollution
[SNYK-JS-AJV-584908](https://snyk.io/vuln/SNYK-JS-AJV-584908) | **405/1000**
**Why?** CVSS 8.1 | No Known Exploit | Prototype Pollution
[SNYK-JS-ASYNC-2441827](https://snyk.io/vuln/SNYK-JS-ASYNC-2441827) | **405/1000**
**Why?** CVSS 8.1 | Proof of Concept | Prototype Poisoning
[SNYK-JS-QS-3153490](https://snyk.io/vuln/SNYK-JS-QS-3153490) | **405/1000**
**Why?** CVSS 8.1 | Proof of Concept | Prototype Pollution
[SNYK-JS-JSONSCHEMA-1920922](https://snyk.io/vuln/SNYK-JS-JSONSCHEMA-1920922) | **405/1000**
**Why?** CVSS 8.1 | No Known Exploit | Prototype Pollution
[SNYK-JS-TOUGHCOOKIE-5672873](https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873) | **405/1000**
**Why?** CVSS 8.1 | Proof of Concept | Server-side Request Forgery (SSRF)
[SNYK-JS-REQUEST-3361831](https://snyk.io/vuln/SNYK-JS-REQUEST-3361831) | **405/1000**
**Why?** CVSS 8.1 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: mjml

• 4.14.1 - 2023-04-11
  

  What's Changed

  • Update cheerio and htmlparser2 by @ Semigradsky in #2669

  New Contributors

  • @ Semigradsky made their first contribution in #2669

  Full Changelog: v4.14.0...v4.14.1

• 4.14.0 - 2023-04-05
  Read more
• 4.13.0 - 2022-07-08
  

  What's Changed

  • Fix typo in documentation by @ pointmax in #2423
  • Typo fixed (paragraph 07) by @ kant in #2436
  • carousel-URLs by @ GarryFlemings in #2438
  • DOCS: spelling-cli by @ GarryFlemings in #2439
  • Add text-align="center" to doc example by @ cmacdonnacha in #2422
  • Add Parcel (https://parcel.io) to tooling docs by @ BrianBock in #2446
  • MJML3--time to remove reference to it? by @ GarryFlemings in #2454
  • Add protocol to parcel link by @ georgeblahblah in #2462
  • [#2475] Add lang and dir attribute to body's div by @ iRyusa in #2476

  New Contributors

  • @ pointmax made their first contribution in #2423
  • @ kant made their first contribution in #2436
  • @ cmacdonnacha made their first contribution in #2422
  • @ BrianBock made their first contribution in #2446
  • @ georgeblahblah made their first contribution in #2462

  Full Changelog: v4.12.0...v4.13.0

• 4.12.0 - 2022-01-25
  

  Features

  • allow to add text before doctype (#2146)
  • allow to use a .mjmlconfig.js, allow to provide preprocessors in mjmlconfig.js (#2249)
  • expose mjml file path in components props (#2344)

  Fixes

  • watch on non mjml includes (#2261)
  • better error message when malformed mjml (#2372)
• 4.11.0 - 2021-11-24
  

  What's Changed

  • Allow functions to be added as styles in head by @ vidhu in #2377

  New Contributors

  • @ vidhu made their first contribution in #2377

  Full Changelog: v4.10.4...v4.11.0

• 4.10.4 - 2021-10-08
  

  v4.10.4

    </li>
    <li>
      <b>4.10.3</b> - <a href="https://snyk.io/redirect/github/mjmlio/mjml/releases/tag/v4.10.3">2021-09-10</a></br><h2>Features</h2>

  • Update @ babel/runtime dependency on all packages (thanks @ doits)

  Fixes

  • Documentation fix (thanks @ GarryFlemings)
  • Docs and linter corrections for invalid / missing attributes (fixes #2352, thanks @ BenjaminNolan)
  • Add title missing attribute on mj-button

    </li>
    <li>
      <b>4.10.2</b> - <a href="https://snyk.io/redirect/github/mjmlio/mjml/releases/tag/v4.10.2">2021-07-21</a></br><h2>Features</h2>

  • Add cli flag to omit file header comment on stdout (fixes #2039, thanks @ timo-reymann)
  • Allow components that use the color validator on an attribute without a default value (fixes #1955, #2315, thanks @ chadfurman)
  • Support "inherit" color (thanks @ chadfurman)
  • Update dependencies

  Fixes

  • Documentation updates (thanks @ GarryFlemings, @ timo-reymann)

    </li>
    <li>
      <b>4.10.1</b> - <a href="https://snyk.io/redirect/github/mjmlio/mjml/releases/tag/v4.10.1">2021-06-24</a></br><h2>Features</h2>

  • Add role attribute to mj-table (fixes #2303, thanks @ mohamedsalem401)
  • Add role: 'presentation' on mj-section's table (thanks @ mohamedsalem401)

  Fixes

  • Require newer babel runtime (fixes #2299, thanks @ doits)
  • Documentation update (thanks @ GarryFlemings)

    </li>
    <li>
      <b>4.10.0</b> - <a href="https://snyk.io/redirect/github/mjmlio/mjml/releases/tag/v4.10.0">2021-06-17</a></br><h2>Features</h2>

  • Add documentation for community component msobutton, (thanks @ adrien Zinger)

  Fixes

  • Fix background image in mj-section for Yahoo and AOL. (fixes #2098, thanks @ Pharmasolin)
  • Added missing tags in mjml-hero, mjml-button, mjml-social (thanks @ Pharmasolin)
  • removed useless "tagOmission" property on some components (thanks @ GarryFlemings)
  • Update cheerio (thanks @ pfmnzone)
  • Documentation improvements (thanks @ GarryFlemings)

  Potential breaking changes

  • The missing tbody tags that were added on mjml-hero, mjml-button and mjml-social might require a change in the css selectors, i.e. if you used a mj-style with .css-class > table > tr you'll need to add the tbody in the selector.

    </li>
    <li>
      <b>4.9.3</b> - 2021-04-30
    </li>
    <li>
      <b>4.9.2</b> - 2021-04-30
    </li>
    <li>
      <b>4.9.1</b> - 2021-04-23
    </li>
    <li>
      <b>4.9.0</b> - 2021-03-03
    </li>
    <li>
      <b>4.8.2</b> - 2021-03-01
    </li>
    <li>
      <b>4.8.1</b> - 2020-12-30
    </li>
    <li>
      <b>4.8.0</b> - 2020-12-29
    </li>
    <li>
      <b>4.7.1</b> - 2020-09-30
    </li>
    <li>
      <b>4.7.0</b> - 2020-09-18
    </li>
    <li>
      <b>4.7.0-beta.2</b> - 2020-08-28
    </li>
    <li>
      <b>4.7.0-beta.1</b> - 2020-05-29
    </li>
    <li>
      <b>4.7.0-beta.0</b> - 2020-05-27
    </li>
    <li>
      <b>4.6.3</b> - 2020-05-05
    </li>
  </ul>
  from <a href="https://snyk.io/redirect/github/mjmlio/mjml/releases">mjml GitHub release notes</a>

Commit messages

Package name: mjml

• 988819d v4.14.1
• 46bb6b6 [UPDATE] yarn.lock monorepo
• d155945 Update cheerio and htmlparser2
• 9179302 v4.14.0 [browser]
• 9600817 v4.14.0
• a776e92 [ADD] padding-direction to social element (#2572)
• 33fed1d Bump json5 from 1.0.1 to 1.0.2
• 49af205 Fix % mobile width in mjml-column
• bde1a00 fix(mjml-hero): fixed-height hero no longer overlaps subsequent content in Outlook 365 120 DPI)
• a56ad67 fix(mjml-browser): typeerror when using inline styles and juicepreservetags
• 7c8ee3f [FIX] #2636 fix cellspacing/cellpadding attributes for accordion and carousel
• d97e579 Update mjml-react home
• 4a1837e fix juiceOptions option name in documentation
• 8b8089f Update description of useMjmlConfigOptions
• 9c255a7 style!: comment about removed atom hint plugin
• 85bc58e [FIX] #2578 remove height attribute if empty (#2598)
• 1146422 Bump decode-uri-component from 0.2.0 to 0.2.2 (#2592)
• c592f0b Handle extraneous whitespace in CSS values
• e0e5919 [DOC] make align option consistent (#2370)
• e03c580 Removed the 'crypto' dependency (#2478)
• 8ead682 Add Neos CMS in the tooling section
• 7555601 Fix border-radius datatype
• cbbb241 Removed point regarding mj-include as it's now supported.
• 1360b39 Mention HTML into mj-text documentation

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs