Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUMP] Update dependency @xmldom/xmldom to ^0.8.0 (api) #6529

Closed
wants to merge 1 commit into from
Closed

[BUMP] Update dependency @xmldom/xmldom to ^0.8.0 (api) #6529

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 5, 2023

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@xmldom/xmldom ^0.7.5 -> ^0.8.0 age adoption passing confidence

Release Notes

xmldom/xmldom (@​xmldom/xmldom)

v0.8.8

Compare Source

Fixed
  • extend list of HTML entities #489

Thank you, @​zorkow, for your contributions

v0.8.7

Compare Source

Fixed
  • properly parse closing where the last attribute has no value #485 / #486

Thank you, @​bulandent, for your contributions

v0.8.6

Compare Source

Fixed
  • Properly check nodes before replacement #457 / #455 / #456

Thank you, @​edemaine, @​pedro-l9, for your contributions

v0.8.5

Compare Source

Fixed
  • fix: Restore ES5 compatibility #452 / #453

Thank you, @​fengxinming, for your contributions

v0.8.4

Compare Source

Fixed
  • Security: Prevent inserting DOM nodes when they are not well-formed CVE-2022-39353
    In case such a DOM would be created, the part that is not well-formed will be transformed into text nodes, in which xml specific characters like < and > are encoded accordingly.
    In the upcoming version 0.9.0 those text nodes will no longer be added and an error will be thrown instead.
    This change can break your code, if you relied on this behavior, e.g. multiple root elements in the past. We consider it more important to align with the specs that we want to be aligned with, considering the potential security issues that might derive from people not being aware of the difference in behavior.
    Related Spec: https://dom.spec.whatwg.org/#concept-node-ensure-pre-insertion-validity

Thank you, @​frumioj, @​cjbarth, @​markgollnick for your contributions

v0.8.3

Compare Source

Fixed
  • Avoid iterating over prototype properties #437 / #436

Thank you, @​Supraja9726 for your contributions

v0.8.2

Compare Source

Fixed
  • fix(dom): Serialize &gt; as specified (#​395) #58
Other
  • docs: Add nodeType values to public interface description #396
  • test: Add executable examples for node and typescript #317
  • fix(dom): Serialize &gt; as specified #395
  • chore: Add minimal Object.assign ponyfill #379
  • docs: Refine release documentation #378
  • chore: update various dev dependencies

Thank you @​niklasl, @​cburatto, @​SheetJSDev, @​pyrsmk for your contributions

v0.8.1

Compare Source

Fixes
  • Only use own properties in entityMap #374
Docs
  • Add security policy #365
  • changelog: Correct contributor name and link #366
  • Describe release/publish steps #358, #376
  • Add snyk package health badge #360

v0.8.0

Compare Source

Fixed
  • Normalize all line endings according to XML specs 1.0 and 1.1
    BREAKING CHANGE: Certain combination of line break characters are normalized to a single \n before parsing takes place and will no longer be preserved.
  • XMLSerializer: Preserve whitespace character references #284 / #310
    BREAKING CHANGE: If you relied on the not spec compliant preservation of literal \t, \n or \r in attribute values.
    To preserve those you will have to create XML that instead contains the correct numerical (or hexadecimal) equivalent (e.g. &#x9;, &#xA;, &#xD;).
  • Drop deprecated exports DOMImplementation and XMLSerializer from lib/dom-parser.js #​53 / #309
    BREAKING CHANGE: Use the one provided by the main package export.
  • dom: Remove all links as part of removeChild #343 / #355
Chore
  • ci: Restore latest tested node version to 16.x #325
  • ci: Split test and lint steps into jobs #111 / #304
  • Pinned and updated devDependencies

Thank you @​marrus-sh, @​victorandree, @​mdierolf, @​tsabbay, @​fatihpense for your contributions

Configuration

📅 Schedule: Branch creation - "every 1 hour every weekday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Jul 5, 2023
@pix-bot-github
Copy link

Une fois les applications déployées, elles seront accessibles via les liens suivants :

Les variables d'environnement seront accessibles via les liens suivants :

@renovate
Copy link
Contributor Author

renovate bot commented Jul 5, 2023
edited

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (^0.8.0). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.

@renovate renovate bot deleted the renovate/api-xmldom-xmldom-0.x branch July 5, 2023 13:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@pix-bot-github @francois2metz