[Snyk] Security upgrade katex from 0.15.6 to 0.16.10

[zhangpan0907]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	601/1000 Why? Recently disclosed, Has a fix available, CVSS 6.3	Improper Encoding or Escaping of Output SNYK-JS-KATEX-6483831	No	No Known Exploit
	561/1000 Why? Recently disclosed, Has a fix available, CVSS 5.5	Incomplete List of Disallowed Inputs SNYK-JS-KATEX-6483834	No	No Known Exploit
	611/1000 Why? Recently disclosed, Has a fix available, CVSS 6.5	Unchecked Input for Loop Condition SNYK-JS-KATEX-6483835	No	No Known Exploit
	611/1000 Why? Recently disclosed, Has a fix available, CVSS 6.5	Unchecked Input for Loop Condition SNYK-JS-KATEX-6483836	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: katex

The new version differs by 61 commits.

• ab32359 chore(release): 0.16.10 [ci skip]
• fc5af64 fix: force protocol to be lowercase for better protocol filtering
• 085e21b fix: maxExpand limit with Unicode sub/superscripts
• e88b4c3 fix: \edef bypassing maxExpand via exponential blowup
• c5897fc fix: escape \includegraphics src and alt
• 5677f37 chore: fix some typos (#3936)
• d9640f1 chore(deps): update dependency json-stable-stringify to v1.1.1 [skip netlify] (#3885)
• 9a1f2f2 chore(deps): update dependency css-loader to v6.10.0 [skip netlify] (#3887)
• 1851860 chore(deps): update dependency cssnano to v5.1.15 [skip netlify] (#3883)
• e69d8b1 chore(deps): update dependency browserslist to v4.23.0 [skip netlify] (#3886)
• 3208440 chore(deps): update dependency @ semantic-release/changelog to v6.0.3 [skip netlify] (#3882)
• 58f2435 chore(deps): update dependency got to v11.8.6 [skip netlify] (#3884)
• 8910f16 chore: upgrade to Yarn 4.1.1 and Node 20 in CI (#3934)
• 3d5de92 docs(users): add bearbei (#3897)
• e89f5d7 chore(deps): update dependency caniuse-lite to v1.0.30001550 [skip netlify] (#3881)
• effb102 chore(deps): update dependency postcss to v8.4.31 [security] (#3871)
• 5ac899e chore(release): 0.16.9 [ci skip]
• 240d5ae feat: Support bold Fraktur (#3777)
• 4f1d916 fixed spelling error (#3845)
• ad03d1e chore(release): 0.16.8 [ci skip]
• 710774a feat: expose error length and raw error message on ParseError (#3820)
• 5dd9bc4 docs(libs.md): add Sphinx extension (#3833)
• c3fb74f docs(libs.md): add a Wechat Mini Program library (#3817)
• 2bb338d docs: use dark-mode logo in README (#3821)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.