HTML in messages for the WindowManager.alert and WindowManager.confirm APIs were not properly sanitized. #TINY-3548
6.3.0 - 2022-11-23
Added
New expand function added to tinymce.selection which expands the selection around the nearest word. #TINY-9001
New expand function added to tinymce.dom.RangeUtils to return a new range expanded around the nearest word. #TINY-9001
New color_map_background and color_map_foreground options which set the base colors used in the backcolor and forecolor toolbar buttons and menu items. #TINY-9184
Added optional storageKey property to colorinput component and colorswatch fancy menu item. #TINY-9184
New addView function added to editor.ui.registry which makes it possible to register custom editor views. #TINY-9210
New ToggleView command which makes it possible to hide or show registered custom views. #TINY-9210
New color_default_foreground and color_default_background options to set the initial default color for the forecolor and backcolor toolbar buttons and menu items. #TINY-9183
New getTransparentElements function added to tinymce.html.Schema to return a map object of transparent HTML elements. #TINY-9172
Added ToggleToolbarDrawer event to subscribe to toolbar’s opening and closing. #TINY-9271
Changed
Transparent elements, like anchors, are now allowed in the root of the editor body if they contain blocks. #TINY-9172
Colorswatch keyboard navigation now starts on currently selected color if present in the colorswatch. #TINY-9283
setContent is now allowed to accept any custom keys and values as a second options argument. #TINY-9143
Improved
Transparent elements, like anchors, can now contain block elements. #TINY-9172
Colorswatch now displays a checkmark for selected color. #TINY-9283
Color picker dialog now starts on the appropriate color for the cursor position. #TINY-9213
Fixed
Parsing media content would cause a memory leak, which for example occurred when using the getContent API. #TINY-9186
Dragging a noneditable element toward the bottom edge would cause the page to scroll up. #TINY-9025
Range expanding capabilities would behave inconsistently depending on where the cursor was placed. #TINY-9029
Compilation errors were thrown when using TypeScript 4.8. #TINY-9161
Line separator scrolling in floating toolbars. #TINY-8948
A double bottom border appeared on inline mode editor for the tinymce-5 skin. #TINY-9108
The editor header showed up even with no menubar and toolbar configured. #TINY-8819
Inline text pattern no longer triggers if it matches only the end but not the start. #TINY-8947
Matches of inline text patterns that are similar are now managed correctly. #TINY-8949
Using editor.selection.getContent({ format: 'text' }) or editor.getContent({ format: 'text' }) would sometimes deselect selected radio buttons. #TINY-9213
The context toolbar prevented the user from placing the cursor at the edges of the editor. #TINY-8890
The Quick Insert context toolbar provided by the quickbars plugin showed when the cursor was in a fake block caret. #TINY-9190
The editor.selection.getRng() API was not returning a proper range on hidden editors in Firefox. #TINY-9259
The editor.selection.getBookmark() API was not returning a proper bookmark on hidden editors in Firefox. #TINY-9259
Dragging a noneditable element before or after another noneditable element now works correctly. #TINY-9253
The restored selection after a redo or undo action was not scrolled into view. #TINY-9222
A newline could not be inserted when the selection was restored from a bookmark after an inline element with a contenteditable="false" attribute. #TINY-9194
The global tinymce.dom.styleSheetLoader was not affected by the content_css_cors option. #TINY-6037
The caret was moved to the previous line when a text pattern executed a mceInsertContent command on Enter key when running on Firefox. #TINY-9193
The autoresize plugin used to cause infinite resize when content_css is set to document. #TINY-8872
... (truncated)
Commits
624eaa1 TINY-9404: Prepare for TinyMCE 6.3.1 release (#8327)
6923d85 Merge pull request from GHSA-gg8r-xjwq-4w92
157dc88 TINY-8984: Updated tinymce changelog and security md files
This version was pushed to npm by tinymce, a new releaser for tinymce since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps tinymce from 5.8.0 to 6.3.1.
Changelog
Sourced from tinymce's changelog.
... (truncated)
Commits
624eaa1
TINY-9404: Prepare for TinyMCE 6.3.1 release (#8327)6923d85
Merge pull request from GHSA-gg8r-xjwq-4w92157dc88
TINY-8984: Updated tinymce changelog and security md files3a51fed
DOC-1777: Changelog edits for 6.3 (#8291)b4cae9c
DOC-1006: Update isEdge docs to note it detects Legacy Edge (#8287)398a1f2
TINY-9392: Forgot to add icon to custom colors. (#8286)659adfb
TINY-9298: Add typography premium plugin to the premium plugin list (#8278)415ae82
TINY-9283: Improved colorswatch ui functionality. (#8247)0cb16ae
TINY-9232: Parser needs to handle nested anchor cases better (#8258)9aca3b7
TINY-9335: fixed expanded selections inside block links should not display th...Maintainer changes
This version was pushed to npm by tinymce, a new releaser for tinymce since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)