[Snyk] Upgrade dompurify from 2.2.2 to 2.2.3 by snyk-bot · Pull Request #1457 · docsifyjs/docsify
Snyk has created this PR to upgrade dompurify from 2.2.2 to 2.2.3.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is 1 version ahead of your current version.
- The recommended version was released 21 days ago, on 2020-12-07.
Release notes
Package name: dompurify
-
2.2.3 - 2020-12-07
- Fixed an mXSS issue reported by PewGrand
- Fixed a minor issue with the license header
- Fixed a problem with overly-eager CSS stripping
- Updated the README and removed an XSS warning
-
2.2.2 - 2020-11-02
- Fixed an mXSS bypass dropped on us publicly via #482
- Fixed an mXSS variation that was reported privately short after
- Added dialog to permitted elements list
- Fixed a small typo in the README
Commit messages
Package name: dompurify
- e7086f7 chore: prepared 2.2.3 release
- 0c2edea fix: addressed an mXSS problem caused by nested headlines
- 2c0017c see docs language russian #490
- feeeaa9 docs: Changed granlem's URL
- 042dac1 docs: added a fellow sponsor to the README
- 89fee39 Fix Adding Spanish #489
- 66de7be Merge branch 'main' of git@github.com:cure53/DOMPurify.git into main
- 185abbb Merge pull request 是否能在Cli中加入像Hexo那样生成静态HTML的功能? #488 from jochenberger/patch-2
- 9dd85f4 Fix multi-license declaration
- 77d1281 Merge branch 'main' of git@github.com:cure53/DOMPurify.git into main
- 4aacbcd Merge pull request Question about "General Tips" #483 from yejiel/patch-1
- 25b269f Update license Header to match current Version
- b84f6ba fix: oh dear, reverted the code removal
- 4c8a84c chore: experimentally removed some possibly redundant mXSS check
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🔕 Ignore this dependency or unsubscribe from future upgrade PRs