OpenMined / opus

Apache License 2.0
22 stars 8 forks source link

[Snyk] Upgrade xss from 1.0.6 to 1.0.9 #52

Open snyk-bot opened 3 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to upgrade xss from 1.0.6 to 1.0.9.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


Release notes
Package name: xss from xss GitHub release notes
Commit messages
Package name: xss
  • 3be6a07 chore: update devDependencies to latest version
  • 948dfb1 docs: update CI badge
  • 831a6a2 chore: github action nodejs.yml run test-cov instead of test
  • 0ba3cdb chore: remove .travis.yml
  • cdee88e chore: fix github action nodejs.yml
  • 624aba9 chore: add github action nodejs.yml
  • 901b771 style: reformat all source code by prettier
  • 0b15109 docs: update changelog
  • 3e153f5 fix: typings `onTag` options
  • 82cb63f docs: update changelog
  • a1d9b44 fix: typings IWhiteList allow any tag name
  • 005098b feat: Add `<strike>` to default whitelist
  • dcf1486 feat: Add `<audio crossorigin muted>`, `<video crossorigin muted playsinline poster>` to default whitelist
  • f4c0b29 Merge pull request #220 from daraz999/patch-1
  • 2f5dd55 fix: recover `<summary>` on the default whitelist
  • d94ac2a publish: v1.0.9
  • 4452638 chore: add package-lock.json to .ignore
  • cff16d9 chore: build dist
  • 730a0b5 Merge pull request #218 from TomAnthony/fix-whitespace-bypass
  • 6586f49 Merge pull request #216 from spacegaier/patch-1
  • 20869be Merge pull request #222 from aprilandjan/master
  • 3860fe7 docs: correct empty whiteList typing in examples
  • 0024eef Add <figure> and <figcaption> to default whitelist
  • 51de741 Update handling of quoteStart to prevent sanitization bypass using non-space whitespace.
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs