TAMULib / weaver-components

Custom Web Components for the Weaver UI
MIT License
0 stars 1 forks source link

Bump tinymce from 6.2.0 to 6.7.1 #524

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps tinymce from 6.2.0 to 6.7.1.

Changelog

Sourced from tinymce's changelog.

6.7.1 - 2023-10-19

Fixed

  • Specific HTML content caused mXSS when using undo/redo. #TINY-10180
  • Specific HTML content caused mXSS when using the getContent and setContent APIs with the format: 'raw' option, which also affected the resetContent API and the draft restoration feature of the Autosave plugin. #TINY-10236
  • Notification messages containing HTML were not properly XSS sanitized before being displayed. #TINY-10286

6.7.0 - 2023-08-30

Added

  • New help_accessibility option displays the keyboard shortcut to open the in-application help in the status bar. #TINY-9379
  • Added a new InsertNewBlockBefore command which inserts an empty block before the block containing the current selection. #TINY-10022
  • Added a new InsertNewBlockAfter command which inserts an empty block after the block containing the current selection. #TINY-10022

Improved

  • Adding a newline after a table would, in some specific cases, not work. #TINY-9863
  • Menus now have a slight margin at the top and bottom to more clearly separate them from the frame edge. #TINY-9978
  • Updated More toolbar button tooltip text from More... to Reveal or hide additional toolbar items. #TINY-9629
  • Where multiple case sensitive variants of a translation key are provided, they will now all be preserved in the translation object instead of just the lowercase variant. #TINY-10115
  • Improved screen reader announcements of the column and row selection in the grid presented by the Table menu and toolbar item. #TINY-10140
  • Improved the keyboard focus visibility for links inside dialogs. #TINY-10124

Changed

  • Change UndoLevelType from enum to union type so that it is easier to use. #TINY-9764
  • The pattern replacement removed spaces if they were contained within a tag that only contained a space and the text to replace. #TINY-9744
  • If loading content CSS takes more than 500ms, the editor will be set to an in progress state until the CSS is ready. #TINY-10008

Fixed

  • Applying an ordered or unordered list to a selected checklist incorrectly turned the list into paragraphs. #TINY-9975
  • Returning an empty string in a custom context menu update function resulted in a small white line appearing on right-click and the browser-native context menu would not present. #TINY-9842
  • For sufficiently long URLs and sufficiently wide windows, URL autocompletion hid middle portions of the URL from view. #TINY-10017
  • Numeric input in toolbar items did not disable when a switching from edit to read-only mode. #TINY-10129
  • The Quick Toolbars plugin showed text alignment buttons on pagebreaks. #TINY-10054
  • Creating lists in empty blocks sometimes, and incorrectly, converted adjacent block elements into list items. #TINY-10136
  • Creating a list from multiple <div> elements only created a partial list. #TINY-9872
  • Tab navigation incorrectly stopped around iframe dialog components. #TINY-9815
  • It was possible to delete the sole empty block immediately before a <details> element if it was nested within another <details> element. #TINY-9965
  • Deleting <li> elements that only contained <br> tags sometimes caused a crash. #TINY-6888
  • It was possible to remove the <summary> element from a <details> element by dragging and dropping. #TINY-9960
  • It was possible to break <summary> elements if content containing block elements was dragged-and-dropped inside them. #TINY-9960
  • Contents were not removed from the drag start source if dragging and dropping internally into a transparent block element. #TINY-9960
  • Using the Media plugin unexpectedly changed <script> tags in the editor body to <image> tags. #TINY-10007
  • In some circumstances, pressing the Enter key scrolled the entire page. #TINY-9828
  • The border styles of a table were incorrectly split into a longhand form after table dialog updates. #TINY-9843
  • Links in Help → Help → Plugins and Help → Help → Version were not navigable by keyboard. #TINY-10071
  • Fixed the inability to insert content next to the <details> element when it is the first or last content element. Pressing the Up or Down arrow key now inserts a block element before or after the <details> element. #TINY-9827
  • An empty element with a contenteditable="true" attribute within a noneditable root was deleted when the Backspace key was pressed. #TINY-10011
  • The color_cols option was not respected when set to the value 5 with a custom color_map specified. #TINY-10126
  • In Safari on macOS, deleting backwards within a <summary> element removed the entire <details> element if it had no other content. #TINY-10123

... (truncated)

Commits
  • cb4d48d TINY-10164: Update changelog heading and package.json version for 6.7.1 relea...
  • 1365f04 TINY-10164: Prepare for 6.7.1 Community Release (#9089)
  • 632e7a6 TINY-9879: Updated changelog and security.md
  • 88a8707 DOC-2169: edits, copy-edits, and markup changes to changelog.md (#9012)
  • b4c8981 TINY-9998: Applying bullist to a custom unordered list would turn list into p...
  • 1968450 TINY-10124: Improved the keyboard focus visibility for links inside dialogs (...
  • 5cf3328 TINY-10115: Add support for case sensitive translations (#8995)
  • 45bffbe TINY-9977: Cleanup api/html/Schema (#8992)
  • 427c3de TINY-10136: Prevent list generation to go outside of expected child nodes. (#...
  • 0e7ef69 TINY-10123: fix deleting in summary on Safari (#8993)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/TAMULib/weaver-components/network/alerts).
jmicah commented 1 year ago

Removing Dependabot.

dependabot[bot] commented 1 year ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.