Bump dompurify and @mermaid-js/mermaid-cli #706

dependabot · 2024-09-16T20:58:01Z

Removes dompurify. It's no longer used after updating ancestor dependency @mermaid-js/mermaid-cli. These dependencies need to be updated together.

Removes dompurify

Updates @mermaid-js/mermaid-cli from 9.0.0 to 9.4.0

Release notes

Sourced from @mermaid-js/mermaid-cli's releases.

9.4.0

Changes

docs: fix broken animated flowchart @aloisklink (#481)

Change docker workdir @daamien (#472)

FIX #435: Use absolute path for the entrypoint @daamien (#469)

🚀 Features

Support the .markdown file extension for markdown files @aloisklink (#483)

🐛 Bug Fixes

Improve stdin input handling on (fixes Windows) @aloisklink (#482)

📦 Dependency updates

build(deps-dev): bump mermaid from 9.3.0 to 9.4.0 @dependabot (#489)

build(deps-dev): bump vite from 4.1.1 to 4.1.2 @dependabot (#490)

build(deps): bump puppeteer from 19.6.3 to 19.7.1 @dependabot (#491)

build(deps-dev): bump jest from 29.4.2 to 29.4.3 @dependabot (#492)

build(deps-dev): bump vite-plugin-singlefile from 0.13.2 to 0.13.3 @dependabot (#485)

build(deps-dev): bump jest from 29.4.1 to 29.4.2 @dependabot (#484)

build(deps): bump puppeteer from 19.6.2 to 19.6.3 @dependabot (#480)

build(deps): bump docker/build-push-action from 3 to 4 @dependabot (#479)

build(deps-dev): bump vite from 4.0.4 to 4.1.1 @dependabot (#478)

build(deps): bump actions/github-script from 6.3.3 to 6.4.0 @dependabot (#477)

build(deps-dev): bump jest from 29.3.1 to 29.4.1 @dependabot (#476)

build(deps): bump puppeteer from 19.5.2 to 19.6.2 @dependabot (#475)

build(deps-dev): bump yarn-upgrade-all from 0.7.1 to 0.7.2 @dependabot (#464)

build(deps): bump commander from 9.5.0 to 10.0.0 @dependabot (#465)

build(deps): bump puppeteer from 19.4.1 to 19.5.2 @dependabot (#466)

build(deps-dev): bump vite from 4.0.3 to 4.0.4 @dependabot (#459)

build(deps): bump commander from 9.4.1 to 9.5.0 @dependabot (#460)

build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2 @dependabot (#461)

build(deps): bump release-drafter/release-drafter from 5.21.1 to 5.22.0 @dependabot (#462)

build(deps): bump json5 from 1.0.1 to 1.0.2 @dependabot (#458)

9.3.0

Changes

Correct compatible Node.JS version in package.json @jrynd (#454)

Refactor commander CLI options @aloisklink (#443)

Improvement the docker command line example @daamien (#439)

Use an absolute path for the docker entrypoint @daamien (#438)

Update README.md to highlight install step @sidharthv96 (#434)

docs: add npm/dockerhub version badges @aloisklink (#428)

🐛 Bug Fixes

fix: handle empty newlines before diagrams in md @aloisklink (#455)

... (truncated)

Commits

3469440 build(deps-dev): bump mermaid from 9.3.0 to 9.4.0
a46bf85 build(deps-dev): bump vite from 4.1.1 to 4.1.2
2b742bc build(deps): bump puppeteer from 19.6.3 to 19.7.1
c954405 build(deps-dev): bump jest from 29.4.2 to 29.4.3
f862691 feat: support the .markdown file extension
d1bf16f fix: improve stdin input handling
c851234 fix: use console.warn (stderr) to print warnings
e2e7008 docs: fix broken animated flowchart CSS
67ed625 build(deps-dev): bump vite-plugin-singlefile from 0.13.2 to 0.13.3
91dccb9 build(deps-dev): bump jest from 29.4.1 to 29.4.2
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Removes [dompurify](https://github.com/cure53/DOMPurify). It's no longer used after updating ancestor dependency [@mermaid-js/mermaid-cli](https://github.com/mermaid-js/mermaid-cli). These dependencies need to be updated together. Removes `dompurify` Updates `@mermaid-js/mermaid-cli` from 9.0.0 to 9.4.0 - [Release notes](https://github.com/mermaid-js/mermaid-cli/releases) - [Commits](mermaid-js/mermaid-cli@9.0.0...9.4.0) --- updated-dependencies: - dependency-name: dompurify dependency-type: indirect - dependency-name: "@mermaid-js/mermaid-cli" dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Sep 16, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump dompurify and @mermaid-js/mermaid-cli #706

Bump dompurify and @mermaid-js/mermaid-cli #706

dependabot bot commented on behalf of github Sep 16, 2024

Bump dompurify and @mermaid-js/mermaid-cli #706

Are you sure you want to change the base?

Bump dompurify and @mermaid-js/mermaid-cli #706

Conversation

dependabot bot commented on behalf of github Sep 16, 2024

9.4.0

Changes

🚀 Features

🐛 Bug Fixes

📦 Dependency updates

9.3.0

Changes

🐛 Bug Fixes