stanleyowen / otlio

An open source project of Todo which is easy to use and easy to organize!
https://otlio.netlify.app
MIT License
23 stars, 4 forks

[Snyk] Upgrade dompurify from 2.4.0 to 2.4.3 #403

Closed snyk-bot closed 1 year ago

snyk-bot commented 1 year ago

Snyk has created this PR to upgrade dompurify from 2.4.0 to 2.4.3.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


Release notes
Package name: dompurify
  • 2.4.3 - 2023-01-06
    • Final release that is compatible with MSIE10 & MSIE 11
  • 2.4.2 - 2023-01-05
    • Fixed a Trusted Types sink violation with empty input and NAMESPACE, thanks @tosmolka
    • Fixed a Prototype Pollution issue discovered and reported by @kevin-mizu
  • 2.4.1 - 2022-11-10
    • Added new config option ALLOWED_NAMESPACES for better XML handling, thanks @kevin-deyoungster @tosmolka
    • Added better detection of template literals when SAFE_FOR_TEMPLATES is true
    • Fixed an exception caused by DOM clobbering, thanks @masatokinugawa
    • Bumped some dependencies, thanks @marcpenya-tf
  • 2.4.0 - 2022-08-24
    • Removed bundled types again as they caused too much trouble
from dompurify GitHub release notes
Commit messages
Package name: dompurify
  • 90326ef Merge pull request #750 from cure53/dependabot/npm_and_yarn/json5-1.0.2
  • fade506 chore: Prepare 2.4.3, final feature release compatible w. MSIE10/11
  • 3afe389 build(deps): bump json5 from 1.0.1 to 1.0.2
  • f1e180f fix: merged from latest main
  • 7707778 Update README.md
  • 5267b04 chore: Preparing 2.4.2 release
  • d1dd037 fix: Fixed a prototype pollution bug reported by @kevin_mizu
  • 24d2a7f Merge pull request #748 from tosmolka/tosmolka/747
  • 7de86a0 Fix formatting
  • 191cc00 Fix Trusted Types Sink violation with empty input and NAMESPACE
  • 4945074 Merge pull request #745 from cure53/dependabot/npm_and_yarn/qs-and-body-parser-6.11.0
  • 7e9fcd9 build(deps): bump qs and body-parser
  • 2734b2d Merge pull request #737 from cure53/dependabot/npm_and_yarn/engine.io-and-socket.io-6.2.1
  • f3b68d9 build(deps): bump engine.io and socket.io
  • 9a751e4 Merge pull request #732 from Pomierski/patch-1
  • 2c03b6c fix
  • 7477926 chore: fix allowCustomizedBuiltInElements comment in readme
  • 67f784c chore: preparing 2.4.1 release
  • e50e814 Merge pull request #731 from cure53/dependabot/npm_and_yarn/minimatch-3.1.2
  • 4712fa3 test: attempted to fix ALLOWED_NAMESPACES tests for IE/Edge v2
  • 48d009c test: attempted to fix ALLOWED_NAMESPACES tests for IE/Edge
  • 36eb7c3 build(deps): bump minimatch from 3.0.4 to 3.1.2
  • 16232f0 Merge pull request #730 from cure53/dependabot/npm_and_yarn/socket.io-parser-4.0.5
  • 5f77429 Merge pull request #729 from kevin-deyoungster/kdeyoungster/xml

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

netlify[bot] commented 1 year ago

Deploy Preview for otlio ready!

Latest commit: f59340fa8ef85590c2e20d2f0f1a70918351b5e6
Latest deploy log: https://app.netlify.com/sites/otlio/deploys/63dab465f4ea670008108060
Deploy Preview: https://deploy-preview-403--otlio.netlify.app/