| commit | 9cc4fe1c5e9a5266708e9cf9db30734527e62eaa | [log] [tgz] |
|---|---|---|
| author | dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | Fri Sep 19 12:52:30 2025 +0200 |
| committer | GitHub <noreply@github.com> | Fri Sep 19 12:52:30 2025 +0200 |
| tree | 7d58a879e3556468e7b30dc7364c1ba0e5ef779b | |
| parent | 8b4f62242f8060a04a552d14056f314cf3ef7cee [diff] |
Bump dompurify from 3.2.6 to 3.2.7 in /themes/common-theme/webapp/common-theme/js (#911) Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.2.6 to 3.2.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cure53/DOMPurify/releases">dompurify's releases</a>.</em></p> <blockquote> <h2>DOMPurify 3.2.7</h2> <ul> <li>Added new attributes and elements to default allow-list, thanks <a href="https://github.com/elrion018"><code>@elrion018</code></a></li> <li>Added <code>tagName</code> parameter to custom element <code>attributeNameCheck</code>, thanks <a href="https://github.com/nelstrom"><code>@nelstrom</code></a></li> <li>Added better check for animated <code>href</code> attributes, thanks <a href="https://github.com/llamakko"><code>@llamakko</code></a></li> <li>Updated and improved the bundled types, thanks <a href="https://github.com/ssi02014"><code>@ssi02014</code></a></li> <li>Updated several tests to better align with new browser encoding behaviors</li> <li>Improved the handling of potentially risky content inside CDATA elements, thanks <a href="https://github.com/securityMB"><code>@securityMB</code></a> & <a href="https://github.com/terjanq"><code>@terjanq</code></a></li> <li>Improved the regular expression for raw-text elements to cover textareas, thanks <a href="https://github.com/securityMB"><code>@securityMB</code></a> & <a href="https://github.com/terjanq"><code>@terjanq</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/cure53/DOMPurify/commit/eaa0bdb26a1d0164af587d9059b98269008faece"><code>eaa0bdb</code></a> Merge pull request <a href="https://redirect.github.com/cure53/DOMPurify/issues/1144">#1144</a> from cure53/main</li> <li><a href="https://github.com/cure53/DOMPurify/commit/f712593118c158c0daaf16527d804c84c96f4ce5"><code>f712593</code></a> fix: removed a possibly dossy regex</li> <li><a href="https://github.com/cure53/DOMPurify/commit/eb9b3b68747fa2cf99629c6b764a14c041f96c23"><code>eb9b3b6</code></a> Merge branch 'main' of github.com:cure53/DOMPurify</li> <li><a href="https://github.com/cure53/DOMPurify/commit/ce006f705cfa16836271d2d92cf0f57487361ac6"><code>ce006f7</code></a> chore: Preparing 3.2.7 release</li> <li><a href="https://github.com/cure53/DOMPurify/commit/ef0e0cb6eb8bdee8ed9651b7340226136287aac1"><code>ef0e0cb</code></a> chore: Preparing 3.2.6 release</li> <li><a href="https://github.com/cure53/DOMPurify/commit/2f09cd3c8ed58906e5cd12e9bebc15c60fd48c4c"><code>2f09cd3</code></a> Update README.md</li> <li><a href="https://github.com/cure53/DOMPurify/commit/6a795bcf3e67712f481e8b32616e218d5a389cc3"><code>6a795bc</code></a> Merge pull request <a href="https://redirect.github.com/cure53/DOMPurify/issues/1142">#1142</a> from cure53/dependabot/github_actions/actions/setup-...</li> <li><a href="https://github.com/cure53/DOMPurify/commit/2458bbdfcaf9b77423ef5e201a435f98ab229355"><code>2458bbd</code></a> build(deps): bump actions/setup-node from 4 to 5</li> <li><a href="https://github.com/cure53/DOMPurify/commit/e43d3f354861f273852d16f35359f529199dc104"><code>e43d3f3</code></a> Merge pull request <a href="https://redirect.github.com/cure53/DOMPurify/issues/1136">#1136</a> from cure53/dependabot/github_actions/actions/checko...</li> <li><a href="https://github.com/cure53/DOMPurify/commit/6f5be37ee02c145b30ca58b1c57264b1b84b99ff"><code>6f5be37</code></a> build(deps): bump actions/checkout from 4 to 5</li> <li>Additional commits viewable in <a href="https://github.com/cure53/DOMPurify/compare/3.2.6...3.2.7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>