github.com/verdaccio
1
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-02-21 07:29:37 +01:00
Code Releases Wiki Activity

fix(deps): update dependency dompurify to v3.2.3 (master) (#5064)

Browse Source 
* fix(deps): update dependency dompurify to v3.2.3

* fix dep

* Update utils.ts

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Juan Picado <juanpicado19@gmail.com>
This commit is contained in:
renovate[bot] 2025-01-28 22:50:54 +01:00 committed by GitHub
parent 71a0b06e31
commit 9d91368b46
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 46 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
packages/plugins/ui-theme/package.json
View File

@ -36,7 +36,7 @@
"country-flag-icons": "1.5.14",
"css-loader": "6.11.0",
"dayjs": "1.11.13",
"dompurify": "3.1.6",
"dompurify": "3.2.3",
"friendly-errors-webpack-plugin": "1.7.0",
"harmony-reflect": "1.6.2",
"highlight.js": "11.11.1",
@ -50,7 +50,7 @@
"lodash": "4.17.21",
"marked": "15.0.6",
"mini-css-extract-plugin": "2.7.7",
"msw": "0.49.3",
"msw": "2.7.0",
"mutationobserver-shim": "0.3.7",
"node-mocks-http": "1.14.1",
"normalize.css": "8.0.1",

2
packages/ui-components/package.json
View File

@ -34,7 +34,7 @@
"@rematch/persist": "2.1.2",
"country-flag-icons": "1.5.14",
"dayjs": "1.11.13",
"dompurify": "3.1.6",
"dompurify": "3.2.3",
"highlight.js": "11.11.1",
"history": "4.10.1",
"i18next": "20.6.1",

4
packages/ui-components/src/components/Readme/utils.ts
View File

@ -1,4 +1,4 @@
import * as DOMPurify from 'dompurify';
import DOMPurify from 'dompurify';
import { Marked } from 'marked';
import { markedHighlight } from 'marked-highlight';
@ -22,5 +22,5 @@ marked.setOptions({
export function parseReadme(readme: string): string | void {
const html = marked.parse(readme);
return DOMPurify.sanitize(html);
return DOMPurify.sanitize(html as string);
}

208
pnpm-lock.yaml generated
View File

@ -1247,8 +1247,8 @@ importers:
specifier: 1.11.13
version: 1.11.13
dompurify:
specifier: 3.1.6
version: 3.1.6
specifier: 3.2.3
version: 3.2.3
friendly-errors-webpack-plugin:
specifier: 1.7.0
version: 1.7.0(webpack@5.97.1)
@ -1289,8 +1289,8 @@ importers:
specifier: 2.7.7
version: 2.7.7(webpack@5.97.1)
msw:
specifier: 0.49.3
version: 0.49.3(typescript@5.3.3)
specifier: 2.7.0
version: 2.7.0(@types/node@20.14.12)(typescript@5.3.3)
mutationobserver-shim:
specifier: 0.3.7
version: 0.3.7
@ -1939,8 +1939,8 @@ importers:
specifier: 1.11.13
version: 1.11.13
dompurify:
specifier: 3.1.6
version: 3.1.6
specifier: 3.2.3
version: 3.2.3
highlight.js:
specifier: 11.11.1
version: 11.11.1
@ -7422,30 +7422,6 @@ packages:
- encoding
dev: false
/@mswjs/cookies@0.2.2:
resolution: {integrity: sha512-mlN83YSrcFgk7Dm1Mys40DLssI1KdJji2CMKN8eOlBqsTADYzj2+jWzsANsUTFbxDMWPD5e9bfA1RGqBpS3O1g==}
engines: {node: '>=14'}
dependencies:
'@types/set-cookie-parser': 2.4.2
set-cookie-parser: 2.6.0
dev: true
/@mswjs/interceptors@0.17.9:
resolution: {integrity: sha512-4LVGt03RobMH/7ZrbHqRxQrS9cc2uh+iNKSj8UWr8M26A2i793ju+csaB5zaqYltqJmA2jUq4VeYfKmVqvsXQg==}
engines: {node: '>=14'}
dependencies:
'@open-draft/until': 1.0.3
'@types/debug': 4.1.12
'@xmldom/xmldom': 0.8.7
debug: 4.4.0(supports-color@5.5.0)
headers-polyfill: 3.1.2
outvariant: 1.4.0
strict-event-emitter: 0.2.8
web-encoding: 1.1.5
transitivePeerDependencies:
- supports-color
dev: true
/@mswjs/interceptors@0.37.5:
resolution: {integrity: sha512-AAwRb5vXFcY4L+FvZ7LZusDuZ0vEe0Zm8ohn1FM6/X7A3bj4mqmkAcGRWuvC2JwSygNwHAAmMnAI73vPHeqsHA==}
engines: {node: '>=18'}
@ -8364,10 +8340,6 @@ packages:
outvariant: 1.4.3
dev: true
/@open-draft/until@1.0.3:
resolution: {integrity: sha512-Aq58f5HiWdyDlFffbbSjAlv596h/cOnt2DO1w3DOC7OJ5EHs0hd/nycJfiu9RJbT6Yk6F1knnRRXNSpxoIVZ9Q==}
dev: true
/@open-draft/until@2.1.0:
resolution: {integrity: sha512-U69T3ItWHvLwGg5eJ0n3I62nWuE6ilHlmz7zM0npLBRvPRd7e6NYmg54vvRtP5mZG7kZqZCFVdsTWo7BPtBujg==}
dev: true
@ -9808,10 +9780,6 @@ packages:
dependencies:
'@types/node': 20.14.12
/@types/cookie@0.4.1:
resolution: {integrity: sha512-XW/Aa8APYr6jSVVA1y/DEIZX0/GMKLEVekNG727R8cs56ahETkRAy/3DR7+fJyh7oUgGwNQaRfXCun0+KbWY7Q==}
dev: true
/@types/cookie@0.6.0:
resolution: {integrity: sha512-4Kh9a6B2bQciAhf7FSuMRRkUWecJgJu9nPnx3yzpsfXX/c50REIqpHY4C82bXP90qrLtXtkDxTZosYO3UpOwlA==}
dev: true
@ -10140,10 +10108,6 @@ packages:
pretty-format: 29.7.0
dev: true
/@types/js-levenshtein@1.1.1:
resolution: {integrity: sha512-qC4bCqYGy1y/NP7dDVr7KJarn+PbX1nSpwA7JXdu0HxT3QYjO8MJ+cntENtHFVy2dRAyBV23OZ6MxsW1AM1L8g==}
dev: true
/@types/json-schema@7.0.15:
resolution: {integrity: sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==}
@ -10393,12 +10357,6 @@ packages:
'@types/node': 20.14.12
'@types/send': 0.17.4
/@types/set-cookie-parser@2.4.2:
resolution: {integrity: sha512-fBZgytwhYAUkj/jC/FAV4RQ5EerRup1YQsXQCh8rZfiHkc4UahC192oH0smGwsXol3cL3A5oETuAHeQHmhXM4w==}
dependencies:
'@types/node': 20.14.12
dev: true
/@types/sinonjs__fake-timers@8.1.1:
resolution: {integrity: sha512-0kSuKjAS0TrGLJ0M/+8MaFkGsQhZpB6pxOmvS3K8FYI72K//YmdfoW9X2qPsAKh1mkwxGD5zib9s1FIFed6E8g==}
dev: true
@ -10450,7 +10408,6 @@ packages:
/@types/trusted-types@2.0.7:
resolution: {integrity: sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw==}
requiresBuild: true
dev: false
optional: true
/@types/unist@2.0.6:
@ -11077,11 +11034,6 @@ packages:
webpack-cli: 4.10.0(webpack-bundle-analyzer@4.10.2)(webpack-dev-server@3.11.3)(webpack@5.97.1)
webpack-dev-server: 3.11.3(webpack-cli@4.10.0)(webpack@5.97.1)
/@xmldom/xmldom@0.8.7:
resolution: {integrity: sha512-sI1Ly2cODlWStkINzqGrZ8K6n+MTSbAeQnAipGyL+KZCXuHaRlj2gyyy8B/9MvsFFqN7XHryQnB2QwhzvJXovg==}
engines: {node: '>=10.0.0'}
dev: true
/@xtuc/ieee754@1.2.0:
resolution: {integrity: sha512-DX8nKgqcGwsc0eJSqYt5lwP4DH5FlHnmuWWBRy7X0NcaGR0ZtuyeESgMwTYVEtxmsNGY+qit4QYT/MIYTOTPeA==}
@ -11106,12 +11058,6 @@ packages:
hasBin: true
dev: false
/@zxing/text-encoding@0.9.0:
resolution: {integrity: sha512-U/4aVJ2mxI0aDNI8Uq0wEhMgY+u4CNtEb0om3+y3+niDAsoTCOB33UF0sxpzqzdqXLqmvc+vZyAt4O8pPdfkwA==}
requiresBuild: true
dev: true
optional: true
/JSONStream@1.3.5:
resolution: {integrity: sha512-E+iruNOY8VV9s4JEbe1aNEm6MiszPRr/UfcHMz0TQh1BXSxHK+ASV1R6W4HpjBhSeS+54PIsAMCBmwD06LLsqQ==}
hasBin: true
@ -12450,14 +12396,6 @@ packages:
supports-color: 7.2.0
dev: true
/chalk@4.1.1:
resolution: {integrity: sha512-diHzdDKxcU+bAsUboHLPEDQiw0qEe0qd7SYUn3HgcFlWgbDcfLGswOHYeGrHKzG9z6UYf01d9VFMfZxPM1xZSg==}
engines: {node: '>=10'}
dependencies:
ansi-styles: 4.3.0
supports-color: 7.2.0
dev: true
/chalk@4.1.2:
resolution: {integrity: sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==}
engines: {node: '>=10'}
@ -13039,11 +12977,6 @@ packages:
/cookie-signature@1.0.6:
resolution: {integrity: sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==}
/cookie@0.4.2:
resolution: {integrity: sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==}
engines: {node: '>= 0.6'}
dev: true
/cookie@0.5.0:
resolution: {integrity: sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==}
engines: {node: '>= 0.6'}
@ -14488,14 +14421,10 @@ packages:
dependencies:
domelementtype: 2.3.0
/dompurify@3.1.6:
resolution: {integrity: sha512-cTOAhc36AalkjtBpfG6O8JimdTMWNXjiePT2xQH/ppBGi/4uIpmj8eKyIkMJErXWARyINV/sB38yf8JCLF5pbQ==}
/dompurify@3.2.3:
resolution: {integrity: sha512-U1U5Hzc2MO0oW3DF+G9qYN0aT7atAou4AgI0XjWz061nyBPbdxkfdhfy5uMgGn6+oLFCfn44ZGbdDqCzVmlOWA==}
optionalDependencies:
'@types/trusted-types': 2.0.7
dev: false
/domutils@2.8.0:
resolution: {integrity: sha512-w96Cjofp72M5IIhpjgobBimYEfoPjx1Vx0BSX9P30WBdZW2WIKU0T1Bd0kz2eNZ9ikjKgHbEyKx8BB6H1L3h3A==}
@ -16488,11 +16417,6 @@ packages:
engines: {node: ^12.22.0 || ^14.16.0 || ^16.0.0 || >=17.0.0}
dev: true
/graphql@16.6.0:
resolution: {integrity: sha512-KPIBPDlW7NxrbT/eh4qPXz5FiFdL5UbaA0XUNz2Rp3Z3hqBSkbj0GVjwFDztsWVauZUWsbKHgMg++sk8UX0bkw==}
engines: {node: ^12.22.0 || ^14.16.0 || ^16.0.0 || >=17.0.0}
dev: true
/gray-matter@4.0.3:
resolution: {integrity: sha512-5v6yZd4JK3eMI3FqqCouswVqwugaA9r4dNZB1wwcmrD02QkV5H0y7XBQW8QwQqEaZY1pM9aqORSORhJRdNK44Q==}
engines: {node: '>=6.0'}
@ -16739,10 +16663,6 @@ packages:
resolution: {integrity: sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==}
hasBin: true
/headers-polyfill@3.1.2:
resolution: {integrity: sha512-tWCK4biJ6hcLqTviLXVR9DTRfYGQMXEIUj3gwJ2rZ5wO/at3XtkI4g8mCvFdUF9l1KMBNCfmNAdnahm1cgavQA==}
dev: true
/headers-polyfill@4.0.3:
resolution: {integrity: sha512-IScLbePpkvO846sIwOtOTDjutRMWdXdJmXdMvk6gCBHxFO8d+QKOQedyZSxFTTFYRSmlgSTDtXqqq4pcenBXLQ==}
dev: true
@ -18353,11 +18273,6 @@ packages:
/js-base64@3.7.7:
resolution: {integrity: sha512-7rCnleh0z2CkXhH67J8K1Ytz0b2Y+yxTPL+/KOJoa20hfnVQ/3/T6W/KflYI4bRHRagNeXeU2bkNGI3v1oS/lw==}
/js-levenshtein@1.1.6:
resolution: {integrity: sha512-X2BB11YZtrRqY4EnQcLX5Rh373zbK4alC1FW7D7MBhL2gtcC17cTnr6DmfHZeS0s2rTHjUTMMHfG7gO8SSdw+g==}
engines: {node: '>=0.10.0'}
dev: true
/js-tokens@4.0.0:
resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==}
@ -20263,42 +20178,6 @@ packages:
msw: 2.7.0(@types/node@20.14.12)(typescript@4.9.5)
dev: true
/msw@0.49.3(typescript@5.3.3):
resolution: {integrity: sha512-kRCbDNbNnRq5LC1H/NUceZlrPAvSrMH6Or0mirIuH69NY84xwDruPn/hkXTovIK1KwDwbk+ZdoSyJlpiekLxEA==}
engines: {node: '>=14'}
hasBin: true
requiresBuild: true
peerDependencies:
typescript: '>= 4.4.x <= 4.9.x'
peerDependenciesMeta:
typescript:
optional: true
dependencies:
'@mswjs/cookies': 0.2.2
'@mswjs/interceptors': 0.17.9
'@open-draft/until': 1.0.3
'@types/cookie': 0.4.1
'@types/js-levenshtein': 1.1.1
chalk: 4.1.1
chokidar: 3.5.3
cookie: 0.4.2
graphql: 16.6.0
headers-polyfill: 3.1.2
inquirer: 8.2.5
is-node-process: 1.2.0
js-levenshtein: 1.1.6
node-fetch: 2.6.7
outvariant: 1.4.0
path-to-regexp: 6.2.1
strict-event-emitter: 0.4.6
type-fest: 2.19.0
typescript: 5.3.3
yargs: 17.7.1
transitivePeerDependencies:
- encoding
- supports-color
dev: true
/msw@2.7.0(@types/node@20.14.12)(typescript@4.9.5):
resolution: {integrity: sha512-BIodwZ19RWfCbYTxWTUfTXc+sg4OwjCAgxU1ZsgmggX/7S3LdUifsbUPJs61j0rWb19CZRGY5if77duhc0uXzw==}
engines: {node: '>=18'}
@ -20333,6 +20212,40 @@ packages:
- '@types/node'
dev: true
/msw@2.7.0(@types/node@20.14.12)(typescript@5.3.3):
resolution: {integrity: sha512-BIodwZ19RWfCbYTxWTUfTXc+sg4OwjCAgxU1ZsgmggX/7S3LdUifsbUPJs61j0rWb19CZRGY5if77duhc0uXzw==}
engines: {node: '>=18'}
hasBin: true
requiresBuild: true
peerDependencies:
typescript: '>= 4.8.x'
peerDependenciesMeta:
typescript:
optional: true
dependencies:
'@bundled-es-modules/cookie': 2.0.1
'@bundled-es-modules/statuses': 1.0.1
'@bundled-es-modules/tough-cookie': 0.1.6
'@inquirer/confirm': 5.1.2(@types/node@20.14.12)
'@mswjs/interceptors': 0.37.5
'@open-draft/deferred-promise': 2.2.0
'@open-draft/until': 2.1.0
'@types/cookie': 0.6.0
'@types/statuses': 2.0.5
graphql: 16.10.0
headers-polyfill: 4.0.3
is-node-process: 1.2.0
outvariant: 1.4.3
path-to-regexp: 6.3.0
picocolors: 1.1.1
strict-event-emitter: 0.5.1
type-fest: 4.32.0
typescript: 5.3.3
yargs: 17.7.2
transitivePeerDependencies:
- '@types/node'
dev: true
/multicast-dns-service-types@1.1.0:
resolution: {integrity: sha512-cnAsSVxIDsYt0v7HmC0hWZFwwXSh+E6PgCrREDuN/EsjgLwA5XRmlMHhSiDPrt6HxY1gTivEa/Zh7GtODoLevQ==}
@ -20430,7 +20343,7 @@ packages:
'@sinonjs/fake-timers': 11.2.2
'@sinonjs/text-encoding': 0.7.2
just-extend: 6.2.0
path-to-regexp: 6.2.1
path-to-regexp: 6.3.0
dev: true
/no-case@3.0.4:
@ -21505,10 +21418,6 @@ packages:
resolution: {integrity: sha512-/jHxFIzoMXdqPzTaCpFzAAWhpkSjZPF4Vsn6jAfNpmbH/ymsmd7Qc6VE9BGn0L6YMj6uwpQLxCECpus4ukKS9Q==}
dev: true
/outvariant@1.4.0:
resolution: {integrity: sha512-AlWY719RF02ujitly7Kk/0QlV+pXGFDHrHf9O2OKqyqgBieaPOIeuSkL8sRK6j2WK+/ZAURq2kZsY0d8JapUiw==}
dev: true
/outvariant@1.4.3:
resolution: {integrity: sha512-+Sl2UErvtsoajRDKCE5/dBz4DIvHXQQnAxtQTF04OJxY0+DyZXSo5P5Bb7XYWOh81syohlYL24hbDwxedPUJCA==}
dev: true
@ -21842,10 +21751,6 @@ packages:
/path-to-regexp@3.3.0:
resolution: {integrity: sha512-qyCH421YQPS2WFDxDjftfc1ZR5WKQzVzqsp4n9M2kQhVOo/ByahFoUNJfl58kOcEGfQ//7weFTDhm+ss8Ecxgw==}
/path-to-regexp@6.2.1:
resolution: {integrity: sha512-JLyh7xT1kizaEvcaXOQwOc2/Yhw6KZOvPf1S8401UyLk86CU79LN3vl7ztXGm/pZ+YjoyAJ4rxmHwbkBXJX+yw==}
dev: true
/path-to-regexp@6.3.0:
resolution: {integrity: sha512-Yhpw4T9C6hPpgPeA28us07OJeqZ5EzQTkbfwuhsUg0c237RomFoETJgmp2sa3F/41gfLE6G5cqcYwznmeEeOlQ==}
dev: true
@ -25428,16 +25333,6 @@ packages:
bare-events: 2.4.2
dev: false
/strict-event-emitter@0.2.8:
resolution: {integrity: sha512-KDf/ujU8Zud3YaLtMCcTI4xkZlZVIYxTLr+XIULexP+77EEVWixeXroLUXQXiVtH4XH2W7jr/3PT1v3zBuvc3A==}
dependencies:
events: 3.3.0
dev: true
/strict-event-emitter@0.4.6:
resolution: {integrity: sha512-12KWeb+wixJohmnwNFerbyiBrAlq5qJLwIt38etRtKtmmHyDSoGlIqFE9wx+4IwG0aDjI7GV8tc8ZccjWZZtTg==}
dev: true
/strict-event-emitter@0.5.1:
resolution: {integrity: sha512-vMgjE/GGEPEFnhFub6pa4FmJBRBVOLpIII2hvCZ8Kzb7K0hlHo7mQv6xYrBvCL2LtAIBwFUK8wvuJgTVSQ5MFQ==}
dev: true
@ -27278,14 +27173,6 @@ packages:
dependencies:
defaults: 1.0.4
/web-encoding@1.1.5:
resolution: {integrity: sha512-HYLeVCdJ0+lBYV2FvNZmv3HJ2Nt0QYXqZojk3d9FJOLkwnuhzM9tmamh8d7HPM8QqjKH8DeHkFTx+CFlWpZZDA==}
dependencies:
util: 0.12.5
optionalDependencies:
'@zxing/text-encoding': 0.9.0
dev: true
/web-namespaces@2.0.1:
resolution: {integrity: sha512-bKr1DkiNa2krS7qxNtdrtHAmzuYGFQLiQ13TsorsdT6ULTkPLKuu5+GsFpDlg6JFjUTwX2DyhMPG2be8uPrqsQ==}
@ -28040,19 +27927,6 @@ packages:
y18n: 4.0.3
yargs-parser: 13.1.2
/yargs@17.7.1:
resolution: {integrity: sha512-cwiTb08Xuv5fqF4AovYacTFNxk62th7LKJ6BL9IGUpTJrWoU7/7WdQGTP2SjKf1dUNBGzDd28p/Yfs/GI6JrLw==}
engines: {node: '>=12'}
dependencies:
cliui: 8.0.1
escalade: 3.2.0
get-caller-file: 2.0.5
require-directory: 2.1.1
string-width: 4.2.3
y18n: 5.0.8
yargs-parser: 21.1.1
dev: true
/yargs@17.7.2:
resolution: {integrity: sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==}
engines: {node: '>=12'}