Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge main into 3.x #805

Merged
merged 12 commits into from
May 6, 2023
Merged

Merge main into 3.x #805

merged 12 commits into from
May 6, 2023

Conversation

cure53
Copy link
Owner

@cure53 cure53 commented May 6, 2023

See above

dependabot bot and others added 12 commits April 25, 2023 04:30
@dependabot
build(deps): bump yaml and xo
c123ca3 
Removes [yaml](https://github.com/eemeli/yaml). It's no longer used after updating ancestor dependency [xo](https://github.com/xojs/xo). These dependencies need to be updated together.


Removes `yaml`

Updates `xo` from 0.48.0 to 0.54.1
- [Release notes](https://github.com/xojs/xo/releases)
- [Commits](xojs/xo@v0.48.0...v0.54.1)

---
updated-dependencies:
- dependency-name: yaml
  dependency-type: indirect
- dependency-name: xo
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@cure53
Merge pull request #794 from cure53/dependabot/npm_and_yarn/yaml-and-…
b49972b 
…xo--removed

build(deps): bump yaml and xo
@cure53
chore: fixed the tests after bumping xo and dropping yaml deps
60202c7
@SelfMadeSystem
Moved feDropShadow to the svg filter allowlist
d507666 
The reason it was there was because "If I remember correctly there was some mXSS risk connected to those", however I searched and couldn't find one (and neither could cure53 #573 (comment)) and so I change it back.
@cure53
Merge pull request #795 from SelfMadeSystem/patch-1
f3a5f0c 
Moved feDropShadow to the svg filter allowlist
@dejang
support TRUSTED_TYPES_POLICY configuration option
8dc24e4
@cure53
Merge pull request #800 from dejang/configurable-trusted-types-policy
bb04683 
support TRUSTED_TYPES_POLICY configuration option
@dejang
create internal trustedTypes policy only if not specified via config …
2377fc5 
…object
@dependabot
build(deps): bump engine.io and socket.io
8a2ca66 
Bumps [engine.io](https://github.com/socketio/engine.io) and [socket.io](https://github.com/socketio/socket.io). These dependencies needed to be updated together.

Updates `engine.io` from 6.2.1 to 6.4.2
- [Release notes](https://github.com/socketio/engine.io/releases)
- [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md)
- [Commits](socketio/engine.io@6.2.1...6.4.2)

Updates `socket.io` from 4.5.3 to 4.6.1
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md)
- [Commits](socketio/socket.io@4.5.3...4.6.1)

---
updated-dependencies:
- dependency-name: engine.io
  dependency-type: indirect
- dependency-name: socket.io
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@cure53
Merge pull request #803 from cure53/dependabot/npm_and_yarn/engine.io…
e7895b4 
…-and-socket.io-6.4.2

build(deps): bump engine.io and socket.io
@cure53
Merge pull request #801 from dejang/refactor-policy-creation-order
ad1bdd4 
create internal trustedTypes policy only if not specified via config object
@cure53
chore: preparing 3.0.3 release
ca67d37
@cure53 cure53 merged commit c70f8c5 into 3.x May 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cure53 @SelfMadeSystem @dejang