Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade draft-js from 0.10.5 to 0.11.7 #2

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

wingn8t
Copy link
Owner

@wingn8t wingn8t commented Jun 14, 2024

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade draft-js from 0.10.5 to 0.11.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 12 versions ahead of your current version.

  • The recommended version was released on 4 years ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
medium severity Information Exposure
SNYK-JS-NODEFETCH-2342118
539 No Known Exploit
medium severity Denial of Service
SNYK-JS-NODEFETCH-674311
539 No Known Exploit
Release notes
Package name: draft-js
  • 0.11.7 - 2020-08-17

    0.11.7 (Aug 13th, 2020)

    Added

    • Allow aria-describedby overriding (Jeff Dickey in 8b8b9c0)
    • Add support to create editor state using text string (Abhishek Pandya in fc9395f)

    Changed

    • Update readme to suggest building with yarn (#2527) (Kevin Chavez in 54213a1)
    • Update build, static analysis deps (+ upgrade to fbjs 2.0.0) (#2541) (Kevin Chavez in 5e92a32)
    • Tex example: Update babel to v7 + other deps (#2533) (Kevin Chavez in ce94ecf)
    • Update package.json (#2490) (Michaël De Boey in b79082f)
    • Update media.html (#2452) (fay in a8f44b1)
    • Upgrade dependencies in playground example (#2534) (Kevin Chavez in f6bf4ed)
    • feat(docs): Update README.md (#2523) (Darsh Shah in e0fc33e)
    • adds highlight in docs (#2469) (Tunde Thomas in cef6191)
    • Update QuickStart-API-Basics.md (#2491) (Michaël De Boey in 170fe23)
    • Update .travis.yml (#2495) (Michaël De Boey in 3eb391e)
    • Update link to Record in docs (#2418) (Rounak Agarwal in 6a55c38)
    • Update link to Immutable Map in docs (#2530) (Rounak Agarwal in 31dde91)
    • Upgrade browserify and babel deps in universal example (#2532) (Kevin Chavez in 1c8815a)
    • Upgrade eslint, flow, jest (#2531) (Kevin Chavez in ccd0470)
    • Fix the build by adding an argument to catch statement (Kevin Chavez in 5482c90)
    • Conditionally invokes URI.tryParseURI in OSS code (Claudio Procida in 36de6f1)
    • formatPastedText prop (Laura González in 9a9ccbd)
    • fix pasting invalid links (Frank Thompson in 862a5b2)
    • chore(dependabot): adds examples directories separately (#2505) (Claudio Procida in fb0eb34)
    • style(website): Removes desaturation (#2504) (Claudio Procida in 2b8edb1)
    • Fixes links accessibility by adding underlines (#2497) (R Nabors in 5e17cc2)
    • add codes to suppressions in www (Daniel Sainati in 8457ebb)
    • update comments in mobile to support error codes (Daniel Sainati in fb728fd)
    • Use object shorthand in DraftEditorCompositionHandler (Kevin Chavez in d949433)
    • Force the selection when composition is resolved (#2094) (Robbert Brak in 3be4d37)
    • fix(security): Upgrades Docusaurus to address CVE-2020-7662 (#2457) (Claudio Procida in a08a8fa)
  • 0.11.6 - 2020-06-05

    0.11.6 (June 4th, 2020)

    Added

    • Adds BLM banner (#2454) (claudiopro in 2a0c5bb)
    • HtmlConversion: Add support for telephone links (#2365) (Andrew Lauria in e1e9a0c)
    • 7.C - Block Operations - Consume (Shalabh Vyas in 99c6b06)
    • Add fromJS() API to Draft model objects (Shalabh Vyas in 3ee5a23)

    Changed

    • Add Null return value type in code example (#2429) (Jacob D. Castro in 45bb6b5)
    • Add /meta/bundle-size-stats to .gitignore (#2436) (Kevin Chavez in e3a689d)
    • Update eslint, cross-env and gulp-derequire. Fix version numbers for … (#2437) (Kevin Chavez in 79a25b5)
    • Update Overview.md (#2434) (Mohamed ABDELLANI in e5e293f)
    • Upgrade jest and flow-bin deps (#2435) (Kevin Chavez in 9ac399c)
    • Update cadence for dependabot updates (#2402) (Kevin Chavez in 6619077)
    • Bump alex from 8.0.0 to 8.1.1 (#2407) (dependabot-preview[bot] in 7e604b0)
    • Bump fstream from 1.0.11 to 1.0.12 in /examples/draft-0-10-0/tex (#2396) (dependabot[bot] in 1f5d40e)
    • Bump acorn from 6.0.5 to 6.4.1 in /examples/draft-0-10-0/tex (#2376) (dependabot[bot] in 9028881)
    • chore(flow): Updates flow-bin to 0.123 (#2393) (Claudio Procida in 497a478)
    • Short-circuit getUpdatedSelectionState for invalid selection updates on prod (Kevin Chavez in 0585b68)
    • Type selection object in setDraftEditorSelection.js (Kevin Chavez in 31dec71)
    • Type selection object in keyCommandBackspaceToStartOfLine.js (Kevin Chavez in aa5c4a1)
    • Flow v0.123.0 in www (Panagiotis Vekris in af67575)
    • Type selection object in getDraftEditorSelection.js (Kevin Chavez in dfacb1b)
    • Type selection object in editOnBlur.js (Kevin Chavez in 2299714)
    • Type selection object in editOnInput. (Kevin Chavez in 41beae1)
    • upgrade to flow 0.122.0 (Marshall Roch in 97dd19b)
    • DraftEntity ID Changes (Shalabh Vyas in 13989e3)
    • use pasted block type if pasting to empty unstyled block (Frank Thompson in 7d3d3c8)
    • Update deps for and cleanup playground example (#2368) (Kevin Chavez in 2658dd6)
    • Only extend selection if it has ranges in setDraftEditorSelection.js (Kevin Chavez in d53fa7a)
    • Update draft.js on website to v0.11.5 (#2370) (Kevin Chavez in 538d864)
    • Make a few types exact (Kevin Chavez in 0950285)
    • Remaining non-generated non-reason-parsed files (Jordan Brown in 153482f)

    Fixed

    • Fix draft-js pasted inline styles (Giulio Jiang in 92176ab)
    • docs: in react hooks example, limit createEmpty calls (#2432) (Benjamin Atkin in 05e838e)
    • Revisit comment for todo of T65805998, validate there's nothing to worry about (Kevin Chavez in 268ece3)
    • html/shared/draft-js/model/transaction (generatedunixname89002005287564 in c75f1e4)
    • types-first in html/js/mobile (Panagiotis Vekris in e66f39e)
    • Address #2413 by making Firefox follow the same behaviour as Chrome (#2414) (Kevin Chavez in 6d619c6)
    • Prevent placeholder from unnecessarily wrapping (#2392) (Frank Yan in 9d6bbfd)
    • docs: Fix simple typo, sibbling -> sibling (#2384) (Tim Gates in d1cb1e7)
    • Fix build by adding missing modules (Kevin Chavez in fbe3417)
    • Fix flow by allowing optional chaining (#2369) (Kevin Chavez in 8576432)
  • 0.11.5 - 2020-03-26

    0.11.5 (Mar 26, 2020)

    Removed

    • Remove examples for draft.js 0.9.0 (#2358) (Kevin Chavez in fd16d8e)

    Changed

    • Update deps in 'universal' example (#2362) (Kevin Chavez in dc8bfbb)
    • Remove unused Flow suppressions in WWW (George Zahariev in 3858858)
    • Improve types for EditorState (Kevin Chavez in 792bd3a)
    • Don't SSR example editor on website. (#2356) (Kevin Chavez in 9191a3f)
    • Deprecate Travis Bot files and configuration (Chris Lüer in 6c1c654)
    • Require ReactDOMComet instead of ReactDOM (Dan Abramov in 6630163)
    • Strictify DraftEditorLeaf.react.js (Kevin Chavez in b4a1db9)
    • Make decodeEntityRanges flow strict (Kevin Chavez in 7af73b7)
    • Move key to static argument instead of spread (Sebastian Markbage in d6527a9)
    • "ecmascript" => "ECMAScript" (#2327) (Agastya Chandrakant in 6cfed73)
    • Abstract ReactDOM as ReactDOMComet (Sebastian Markbage in 24339f1)
    • Prevent (but not fix) ‘Cannot read property 'getIn' of undefined’ in getUpdatedSelectionState (Steven Luscher in a9fcbb2)
    • Make some more modules strict(-local) (Kevin Chavez in c30ca73 and 7002565)
    • Update webpack deps (#2310) (Kevin Chavez in 0131e1d)
    • Remove unused gulp task remained from docusaurus 2 migration (#2308) (Kanitkorn S in 963e312)
    • Re-write DraftEditorExample in the website using react hooks (#2287) (Kevin Chavez in 9b9376b)
    • Add a preventScroll prop (Dan Abramov in 3ba907b)
    • Add editorRef prop to DraftEditor (Dan Abramov in 8c50042)
    • Remove findDOMNode from DraftEditorBlockNode (Sebastian Markbage in 0dd3978)
    • Remove findDOMNode in DraftEditorDragHandler (Sebastian Markbage in c1a55ce)
    • Remove findDOMNode from getContentEditableContainer (Sebastian Markbage in 9d587d9)
    • Upgrade to Flow explicit inexact object type syntax (Jordan Brown in b051fc1)
    • Upgrade eslint + flow, and fix failed test from nullishCoalescingOperator (#2083) (Kanitkorn S in 824fd12)
    • chore(travis): bumps node versions used in Travis CI to 10 and 12 (#2300) (Claudio Procida in e711230)

    Fixed

    • Fix Uncaught TypeError: Cannot read property 'nodeType' of null at editOnInput (#2330) (Konstantin Tarkus in db3216d)
    • Fix keyBindingFn documentation URL (Ryan Silva in 3251017)
    • fix style handling in convertFromHTMLToContentBlocks (Frank Thompson in ad8374d)
    • remove unused flow suppressions (Panagiotis Vekris in 822d2fb)
  • 0.11.4 - 2020-01-06

    0.11.4 (January 7th, 2020)

    Added

    • Add Section and Article to DefaultBlockRenderMap (#2212) (Tarun047 in e20f79f)

    Changed

    • Add rules to .flowconfig for flow strict rules (#2288) (Kevin Chavez in f223799)
    • Update website's yarn version to 0.11.3 (Kevin Chavez in efcaf42)
    • Prettify docs files (#2275) (Yangshun Tay in 6fc9964)
    • Remove Jest auto mocking (#2279) (Yangshun Tay in 817e371)
    • Add myself to get TravisCI emails (Kevin Chavez in f4167fe)
    • Unit tests for isHTMLBRElement (Claudio Procida in bb81765)
    • Remove niveditc from Travis CI email (Nivedita Chopra in 7721805)
    • Create CNAME (#2276) (Yangshun Tay in 92680be)
    • Upgrade to Docusaurus 2 (#2268) (Yangshun Tay in 5b10191)
    • move alex to dev dependencies (#2272) (Ilya in b889d5d)
    • Improve docs syntax and formatting (#2267) (Yangshun Tay in 9b4a628)

    Fixed

    • fix(chore): fixes webpack-stream error with missing catch var declaration (#2291) (Claudio Procida in 4252469)
    • IE could not display composer when opening or creating a new group chat from the chat create view (Jainil Parekh in 64b51df)
    • Fix DOMObserver mutation data for IE (#2285) (Jainil Parekh in

Snyk has created this PR to upgrade draft-js from 0.10.5 to 0.11.7.

See this package in npm:
draft-js

See this project in Snyk:
https://app.snyk.io/org/wingn8t/project/f3169c74-73f1-4787-9ef2-e1386736ba14?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants