Commit 7ad21d90 authored by Igor Drozdov's avatar Igor Drozdov

Upgrade mermaid js library

It contains multiple security fixes

Changelog: security
parent 4ac4918b
...@@ -50,7 +50,7 @@ RSpec.describe "User comments on issue", :js do ...@@ -50,7 +50,7 @@ RSpec.describe "User comments on issue", :js do
add_note(comment) add_note(comment)
expect(page.find('svg.mermaid')).to have_content html_content expect(page.find('svg.mermaid')).not_to have_content 'javascript'
within('svg.mermaid') { expect(page).not_to have_selector('img') } within('svg.mermaid') { expect(page).not_to have_selector('img') }
end end
......
...@@ -4922,12 +4922,7 @@ domhandler@^4.0.0, domhandler@^4.2.0: ...@@ -4922,12 +4922,7 @@ domhandler@^4.0.0, domhandler@^4.2.0:
dependencies: dependencies:
domelementtype "^2.2.0" domelementtype "^2.2.0"
dompurify@2.3.3: dompurify@2.3.4, dompurify@^2.3.4:
version "2.3.3"
resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.3.3.tgz#c1af3eb88be47324432964d8abc75cf4b98d634c"
integrity sha512-dqnqRkPMAjOZE0FogZ+ceJNM2dZ3V/yNOuFB7+39qpO93hHhfRpHw3heYQC7DPK9FqbQTfBKUJhiSfz4MvXYwg==
dompurify@^2.3.4:
version "2.3.4" version "2.3.4"
resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.3.4.tgz#1cf5cf0105ccb4debdf6db162525bd41e6ddacc6" resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.3.4.tgz#1cf5cf0105ccb4debdf6db162525bd41e6ddacc6"
integrity sha512-6BVcgOAVFXjI0JTjEvZy901Rghm+7fDQOrNIcxB4+gdhj6Kwp6T9VBhBY/AbagKHJocRkDYGd6wvI+p4/10xtQ== integrity sha512-6BVcgOAVFXjI0JTjEvZy901Rghm+7fDQOrNIcxB4+gdhj6Kwp6T9VBhBY/AbagKHJocRkDYGd6wvI+p4/10xtQ==
...@@ -8469,16 +8464,16 @@ merge2@^1.3.0: ...@@ -8469,16 +8464,16 @@ merge2@^1.3.0:
resolved "https://registry.yarnpkg.com/merge2/-/merge2-1.4.1.tgz#4368892f885e907455a6fd7dc55c0c9d404990ae" resolved "https://registry.yarnpkg.com/merge2/-/merge2-1.4.1.tgz#4368892f885e907455a6fd7dc55c0c9d404990ae"
integrity sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg== integrity sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==
mermaid@^8.13.4: mermaid@^8.13.8:
version "8.13.4" version "8.13.8"
resolved "https://registry.yarnpkg.com/mermaid/-/mermaid-8.13.4.tgz#924cb85f39380285e0a99f245c66cfa61014a2e1" resolved "https://registry.yarnpkg.com/mermaid/-/mermaid-8.13.8.tgz#fc137e2a59df34a3e053712033833ffbbc8d84a9"
integrity sha512-zdWtsXabVy1PEAE25Jkm4zbTDlQe8rqNlTMq2B3j+D+NxDskJEY5OsgalarvNLsw+b5xFa1a8D1xcm/PijrDow== integrity sha512-Z5v31rvo8P7BPTiGicdJl9BbzyUe9s5sXILK8sM1g7ijkagpfFjPtXZVsq5P1WlN8m/fUp2PPNXVF9SqeTM91w==
dependencies: dependencies:
"@braintree/sanitize-url" "^3.1.0" "@braintree/sanitize-url" "^3.1.0"
d3 "^7.0.0" d3 "^7.0.0"
dagre "^0.8.5" dagre "^0.8.5"
dagre-d3 "^0.6.4" dagre-d3 "^0.6.4"
dompurify "2.3.3" dompurify "2.3.4"
graphlib "^2.1.8" graphlib "^2.1.8"
khroma "^1.4.1" khroma "^1.4.1"
moment-mini "^2.24.0" moment-mini "^2.24.0"
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment