san-diego-tech-hub / sdth-site

San Diego Tech Hub website
https://sandiegotechhub.com
MIT License
11 stars 16 forks source link

Bump remark-html from 9.0.0 to 13.0.2 #197

Open dependabot[bot] opened 3 years ago

dependabot[bot] commented 3 years ago

Bumps remark-html from 9.0.0 to 13.0.2.

Release notes

Sourced from remark-html's releases.

13.0.2

  • b0b1ba5 Fix to sanitize by default The docs have always said remark-html is safe by default. It wasn’t and this patches that.

    If you do want to be unsafe, use remark-html with sanitize: false:

    -  .use(remarkHtml)
    +  .use(remarkHtml, {sanitize: false})
    

Full Changelog: https://github.com/remarkjs/remark-html/compare/13.0.1...13.0.2

13.0.1

  • 7a8cb0e Update mdast-util-to-hast

13.0.0

  • 0b1cd0a Change to comply to CommonMark (breaking, potentially, if you have duplicate definitions)

12.0.0

  • 87d88f7 Add types (breaking, potentially, if you or your dependents use typescript)

11.0.2

  • faf7d1f Rename internal method

11.0.1

  • e370aa5 Fix deprecation warning

11.0.0

  • 7781ead Update mdast-util-to-hast (breaking, potentially, if you or your dependents use typescript)
  • 558d4ad Update hast-util-to-html (breaking, potentially, if you or your dependents use typescript)
  • a58bda6 Refactor prose
  • 3d726a4 Add notes on security

10.0.0

9.0.1

  • b7a9bcd Refactor prose
Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/san-diego-tech-hub/sdth-site/network/alerts).