Bump xss from 1.0.9 to 1.0.14 (#15115)
* Bump xss from 1.0.9 to 1.0.14 Bumps [xss](https://github.com/leizongmin/js-xss) from 1.0.9 to 1.0.14. - [Release notes](https://github.com/leizongmin/js-xss/releases) - [Changelog](https://github.com/leizongmin/js-xss/blob/master/CHANGELOG.md) - [Commits](https://github.com/leizongmin/js-xss/compare/v1.0.9...v1.0.14) --- updated-dependencies: - dependency-name: xss dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Use whitelist type from package Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Steve Repsher <steverep@users.noreply.github.com>
This commit is contained in:
parent
21f3eb9103
commit
e206e86fb3
|
@ -143,7 +143,7 @@
|
|||
"workbox-precaching": "^6.5.4",
|
||||
"workbox-routing": "^6.5.4",
|
||||
"workbox-strategies": "^6.5.4",
|
||||
"xss": "^1.0.9"
|
||||
"xss": "^1.0.14"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@babel/core": "^7.20.2",
|
||||
|
|
|
@ -2,14 +2,10 @@
|
|||
import { expose } from "comlink";
|
||||
import { marked } from "marked";
|
||||
import "proxy-polyfill";
|
||||
import { filterXSS, getDefaultWhiteList } from "xss";
|
||||
import { filterXSS, getDefaultWhiteList, IWhiteList } from "xss";
|
||||
|
||||
interface WhiteList {
|
||||
[tag: string]: string[];
|
||||
}
|
||||
|
||||
let whiteListNormal: WhiteList | undefined;
|
||||
let whiteListSvg: WhiteList | undefined;
|
||||
let whiteListNormal: IWhiteList | undefined;
|
||||
let whiteListSvg: IWhiteList | undefined;
|
||||
|
||||
// Override the default `onTagAttr` behavior to only render
|
||||
// our markdown checkboxes.
|
||||
|
@ -43,7 +39,7 @@ const renderMarkdown = (
|
|||
): string => {
|
||||
if (!whiteListNormal) {
|
||||
whiteListNormal = {
|
||||
...(getDefaultWhiteList() as WhiteList),
|
||||
...getDefaultWhiteList(),
|
||||
input: ["type", "disabled", "checked"],
|
||||
"ha-icon": ["icon"],
|
||||
"ha-svg-icon": ["path"],
|
||||
|
@ -51,7 +47,7 @@ const renderMarkdown = (
|
|||
};
|
||||
}
|
||||
|
||||
let whiteList: WhiteList | undefined;
|
||||
let whiteList: IWhiteList | undefined;
|
||||
|
||||
if (hassOptions.allowSvg) {
|
||||
if (!whiteListSvg) {
|
||||
|
|
10
yarn.lock
10
yarn.lock
|
@ -9475,7 +9475,7 @@ fsevents@^1.2.7:
|
|||
workbox-precaching: ^6.5.4
|
||||
workbox-routing: ^6.5.4
|
||||
workbox-strategies: ^6.5.4
|
||||
xss: ^1.0.9
|
||||
xss: ^1.0.14
|
||||
languageName: unknown
|
||||
linkType: soft
|
||||
|
||||
|
@ -16608,15 +16608,15 @@ typescript@^3.8.3:
|
|||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
"xss@npm:^1.0.9":
|
||||
version: 1.0.9
|
||||
resolution: "xss@npm:1.0.9"
|
||||
"xss@npm:^1.0.14":
|
||||
version: 1.0.14
|
||||
resolution: "xss@npm:1.0.14"
|
||||
dependencies:
|
||||
commander: ^2.20.3
|
||||
cssfilter: 0.0.10
|
||||
bin:
|
||||
xss: bin/xss
|
||||
checksum: fdb5e60e51be4edd3a694f92a910f3cd55e3d4746fcf53133863e4d40572c9b4ab1ce8e0011645c776c61f86c5a2ff9fc3e02554766e987bc0bf27d16cd3b407
|
||||
checksum: 77c6a60a5f96490098ef837c3b49321c0f31963f323c748cb0a01bc02fc6e465a6accbe4c54cad62f8d6ffe647d984be173879433af861883f6213d9416d3f53
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
|
|
Loading…
Reference in New Issue