Snyk has created this PR to upgrade xss from 1.0.6 to 1.0.9.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 3 versions ahead of your current version.
The recommended version was released 22 days ago, on 2021-05-06.
Snyk has created this PR to upgrade xss from 1.0.6 to 1.0.9.
Release notes
Package name: xss
-
1.0.9 - 2021-05-06No content.
-
1.0.8 - 2020-07-27
-
1.0.7 - 2020-06-08No content.
-
1.0.6 - 2019-03-21No content.
from xss GitHub release notesv1.0.8
Commit messages
Package name: xss
- 3be6a07 chore: update devDependencies to latest version
- 948dfb1 docs: update CI badge
- 831a6a2 chore: github action nodejs.yml run test-cov instead of test
- 0ba3cdb chore: remove .travis.yml
- cdee88e chore: fix github action nodejs.yml
- 624aba9 chore: add github action nodejs.yml
- 901b771 style: reformat all source code by prettier
- 0b15109 docs: update changelog
- 3e153f5 fix: typings `onTag` options
- 82cb63f docs: update changelog
- a1d9b44 fix: typings IWhiteList allow any tag name
- 005098b feat: Add `<strike>` to default whitelist
- dcf1486 feat: Add `<audio crossorigin muted>`, `<video crossorigin muted playsinline poster>` to default whitelist
- f4c0b29 Merge pull request #220 from daraz999/patch-1
- 2f5dd55 fix: recover `<summary>` on the default whitelist
- d94ac2a publish: v1.0.9
- 4452638 chore: add package-lock.json to .ignore
- cff16d9 chore: build dist
- 730a0b5 Merge pull request #218 from TomAnthony/fix-whitespace-bypass
- 6586f49 Merge pull request #216 from spacegaier/patch-1
- 20869be Merge pull request #222 from aprilandjan/master
- 3860fe7 docs: correct empty whiteList typing in examples
- 0024eef Add <figure> and <figcaption> to default whitelist
- 51de741 Update handling of quoteStart to prevent sanitization bypass using non-space whitespace.
CompareNote: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs