[Snyk] Security upgrade handsontable from 0.31.2 to 8.2.0 #3

Open
wants to merge 1 commit into
base: master

snyk-bot
Contributor

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
| --- | --- | --- | --- | --- |
| medium severity | 621/1000 (Why? Recently disclosed, Has a fix available, CVSS 6.5) | Cross-site Scripting (XSS), SNYK-JS-HANDSONTABLE-1019380 | Yes | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: handsontable

The new version differs by 250 commits.
  • 34793d5 Merge branch 'release/8.2.0'
  • 18dbb61 8.2.0
  • 56a3a0b Additional tests cases for parseTable utility (#7379)
  • d4e6c75 Add fixes for #6397 and #7368, change the release date + create a new build for 8.2.0.
  • e1f2403 - Fix a problem with HTML element classes not being cleared properly on IE. #6397 (#7374)
  • c03f2bc Protect Autocomplete editor from XSS (#7368)
  • 762826e 8.2.0
  • 6f715b0 Exclude DOMPurify lib from the handsontable.js build (#7366)
  • c25401d Add the 8.2.0 section to CHANGELOG.md.
  • a36306b 8.2.0
  • 7caffb0 Revert #6742. (#7360)
  • dac8f5e Adds missing tests after v8 release (#7354)
  • 3250f30 Fixes adding 0 rows to index mappers (#7357)
  • 14a258a Correct names of the hooks [DOCS] (#7345)
  • fc87cac Extend copypaste description [DOCS] (#7205)
  • 48a01d5 Modify the "clear column" Context Menu option. (#7348)
  • b7f03bb Fixed scrolling viewport to a cell's editor if some columns were hidden (#7330)
  • dcaaccb Fixed htmlToGridSettings helper (#7315)
  • 6ae4d8d Make the validation-triggering methods propagate renderable indexes. (#7318)
  • 887b3d7 Fix an error being thrown while hovering over row/column headers. (#7335)
  • b68832d Using index mappers instead of own created storage for states of sorting (#7276)
  • 0293030 Add information about optional param (#7344)
  • a98d145 Add sanitization to every place we manipulate HTML (#7310)
  • 5029db6 Improved E2E tests stability in browsers (#7321)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
馃 View latest project report

馃洜 Adjust project settings

馃摎 Read more about Snyk's upgrade and patch logic
