chore(deps): update dompurify requirement from ^3.2.4 to ^3.3.1 in /superset-frontend/packages/superset-ui-core#36513
Conversation
|
CodeAnt AI is reviewing your PR. |
|
Bito Automatic Review Skipped - Files Excluded |
codeant-ai-for-open-source
Bot
added
the
size:XS
|
CodeAnt AI finished reviewing your PR. |
💡 Enhance Your PR ReviewsWe noticed that 3 feature(s) are not configured for this repository. Enabling these features can help improve your code quality and workflow: 🚦 Quality GatesStatus: Quality Gates are not enabled at the organization level 🎫 Jira Ticket ComplianceStatus: Jira credentials file not found. Please configure Jira integration in your settings ⚙️ Custom RulesStatus: No custom rules configured. Add rules via organization settings or .codeant/review.json in your repository Want to enable these features? Contact your organization admin or check our documentation for setup instructions. |
|
Skipping PR review because a bot author is detected. If you want to trigger CodeAnt AI, comment |
Updates the requirements on [dompurify](https://github.com/cure53/DOMPurify) to permit the latest version. - [Release notes](https://github.com/cure53/DOMPurify/releases) - [Commits](cure53/DOMPurify@3.2.4...3.3.1) --- updated-dependencies: - dependency-name: dompurify dependency-version: 3.3.1 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
rusackas
force-pushed
the
dependabot/npm_and_yarn/superset-frontend/packages/superset-ui-core/dompurify-tw-3.3.1
branch
from
2710e7a to
9a71795
Compare
rusackas
deleted the
dependabot/npm_and_yarn/superset-frontend/packages/superset-ui-core/dompurify-tw-3.3.1
branch
…uperset-frontend/packages/superset-ui-core (apache#36513) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Evan Rusackas <evan@rusackas.com>
1 participant
User description
Updates the requirements on dompurify to permit the latest version.
Release notes
Sourced from dompurify's releases.
Commits
6fc446aMerge pull request #1175 from cure53/main3b3bf91Merge branch 'main' of github.com:cure53/DOMPurify9863f41chore: Preparing 3.3.1 releaseb4e0295chore: Preparing 3.3.0 release077746bbuild(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (#1170)4de68bbbuild(deps): bump actions/checkout from 5 to 6 (#1171)4c76b6fUse correct ESM import syntax (#1173)27e8496Merge pull request #1168 from MariusRumpf/add-forbid-contentsa920096Add ADD_FORBID_CONTENTS setting to extend default listac64660Merge pull request #1163 from cure53/dependabot/github_actions/actions/setup-...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)CodeAnt-AI Description
Bump DOMPurify to 3.3.1 in frontend dependencies
What Changed
Impact
✅ Safer HTML sanitization✅ Fewer risky HTML renderings in dashboards✅ Some user-provided markup may be removed more strictly💡 Usage Guide
Checking Your Pull Request
Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.
Talking to CodeAnt AI
Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:
This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.
Example
Preserve Org Learnings with CodeAnt
You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:
This helps CodeAnt AI learn and adapt to your team's coding style and standards.
Example
Retrigger review
Ask CodeAnt AI to review the PR again, by typing:
Check Your Repository Health
To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.