From 4f510887d2b711dc16b5658abd95dbb3dd2a28a2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 24 Jun 2025 14:37:23 +0000 Subject: [PATCH] Bump dompurify and hexo-renderer-marked Bumps [dompurify](https://github.com/cure53/DOMPurify) to 3.2.6 and updates ancestor dependency [hexo-renderer-marked](https://github.com/hexojs/hexo-renderer-marked). These dependencies need to be updated together. Updates `dompurify` from 2.4.5 to 3.2.6 - [Release notes](https://github.com/cure53/DOMPurify/releases) - [Commits](https://github.com/cure53/DOMPurify/compare/2.4.5...3.2.6) Updates `hexo-renderer-marked` from 6.0.0 to 6.3.0 - [Release notes](https://github.com/hexojs/hexo-renderer-marked/releases) - [Commits](https://github.com/hexojs/hexo-renderer-marked/compare/v6.0.0...v6.3.0) --- updated-dependencies: - dependency-name: dompurify dependency-version: 3.2.6 dependency-type: indirect - dependency-name: hexo-renderer-marked dependency-version: 6.3.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- package-lock.json | 125 ++++++++++++++++++++++++++++++++++++++++++---- package.json | 2 +- 2 files changed, 116 insertions(+), 11 deletions(-) diff --git a/package-lock.json b/package-lock.json index 67d3e5c..8f5fd0d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,7 +16,7 @@ "hexo-generator-index": "^3.0.0", "hexo-generator-tag": "^2.0.0", "hexo-renderer-ejs": "^2.0.0", - "hexo-renderer-marked": "^6.0.0", + "hexo-renderer-marked": "^6.3.0", "hexo-renderer-stylus": "^2.1.0", "hexo-server": "^3.0.0" } @@ -29,6 +29,13 @@ "node": ">= 10" } }, + "node_modules/@types/trusted-types": { + "version": "2.0.7", + "resolved": "https://registry.npmjs.org/@types/trusted-types/-/trusted-types-2.0.7.tgz", + "integrity": "sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw==", + "license": "MIT", + "optional": true + }, "node_modules/a-sync-waterfall": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/a-sync-waterfall/-/a-sync-waterfall-1.0.1.tgz", @@ -1638,9 +1645,13 @@ } }, "node_modules/dompurify": { - "version": "2.4.5", - "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.4.5.tgz", - "integrity": "sha512-jggCCd+8Iqp4Tsz0nIvpcb22InKEBrGz5dw3EQJMs8HPJDsKbFIO3STYtAvCfDx26Muevn1MHVI0XxjgFfmiSA==" + "version": "3.2.6", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.2.6.tgz", + "integrity": "sha512-/2GogDQlohXPZe6D6NOgQvXLPSYBqIWMnZ8zzOhn09REE4eyAzb+Hed3jhoM9OkuaJ8P6ZGTTVWQKAi8ieIzfQ==", + "license": "(MPL-2.0 OR Apache-2.0)", + "optionalDependencies": { + "@types/trusted-types": "^2.0.7" + } }, "node_modules/domutils": { "version": "2.8.0", @@ -3222,19 +3233,113 @@ } }, "node_modules/hexo-renderer-marked": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/hexo-renderer-marked/-/hexo-renderer-marked-6.0.0.tgz", - "integrity": "sha512-/B/ud8q9pNldbipuv6cPyqL+fir973+blV79n6j59M3S8LRz/4hLXwd0TA4RHxcHVrgPakeWUtiH3UWo6B6Pag==", + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/hexo-renderer-marked/-/hexo-renderer-marked-6.3.0.tgz", + "integrity": "sha512-V/ATcJ+tZHkTJSbScPzzHKmrwVMohU8i9MfuX9jp07Un/NpPtaTP821unP3JPu+O1nNLWMi+3xRbFRdm+8vajw==", + "license": "MIT", "dependencies": { - "dompurify": "^2.4.0", - "hexo-util": "^2.7.0", + "dompurify": "^3.0.3", + "hexo-util": "^3.1.0", "jsdom": "^20.0.1", - "marked": "^4.1.1" + "marked": "^4.3.0" + }, + "engines": { + "node": ">=14" + } + }, + "node_modules/hexo-renderer-marked/node_modules/dom-serializer": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-2.0.0.tgz", + "integrity": "sha512-wIkAryiqt/nV5EQKqQpo3SToSOV9J0DnbJqwK7Wv/Trc92zIAYZ4FlMu+JPFW1DfGFt81ZTCGgDEabffXeLyJg==", + "license": "MIT", + "dependencies": { + "domelementtype": "^2.3.0", + "domhandler": "^5.0.2", + "entities": "^4.2.0" + }, + "funding": { + "url": "https://github.com/cheeriojs/dom-serializer?sponsor=1" + } + }, + "node_modules/hexo-renderer-marked/node_modules/domhandler": { + "version": "5.0.3", + "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-5.0.3.tgz", + "integrity": "sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w==", + "license": "BSD-2-Clause", + "dependencies": { + "domelementtype": "^2.3.0" + }, + "engines": { + "node": ">= 4" + }, + "funding": { + "url": "https://github.com/fb55/domhandler?sponsor=1" + } + }, + "node_modules/hexo-renderer-marked/node_modules/domutils": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/domutils/-/domutils-3.2.2.tgz", + "integrity": "sha512-6kZKyUajlDuqlHKVX1w7gyslj9MPIXzIFiz/rGu35uC1wMi+kMhQwGhl4lt9unC9Vb9INnY9Z3/ZA3+FhASLaw==", + "license": "BSD-2-Clause", + "dependencies": { + "dom-serializer": "^2.0.0", + "domelementtype": "^2.3.0", + "domhandler": "^5.0.3" + }, + "funding": { + "url": "https://github.com/fb55/domutils?sponsor=1" + } + }, + "node_modules/hexo-renderer-marked/node_modules/entities": { + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/entities/-/entities-4.5.0.tgz", + "integrity": "sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==", + "license": "BSD-2-Clause", + "engines": { + "node": ">=0.12" + }, + "funding": { + "url": "https://github.com/fb55/entities?sponsor=1" + } + }, + "node_modules/hexo-renderer-marked/node_modules/hexo-util": { + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/hexo-util/-/hexo-util-3.3.0.tgz", + "integrity": "sha512-YvGngXijE2muEh5L/VI4Fmjqb+/yAkmY+VuyhWVoRwQu1X7bmWodsfYRXX7CUYhi5LqsvH8FAe/yBW1+f6ZX4Q==", + "hasInstallScript": true, + "license": "MIT", + "dependencies": { + "camel-case": "^4.1.2", + "cross-spawn": "^7.0.3", + "deepmerge": "^4.2.2", + "highlight.js": "^11.6.0", + "htmlparser2": "^9.0.0", + "prismjs": "^1.29.0", + "strip-indent": "^3.0.0" }, "engines": { "node": ">=14" } }, + "node_modules/hexo-renderer-marked/node_modules/htmlparser2": { + "version": "9.1.0", + "resolved": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-9.1.0.tgz", + "integrity": "sha512-5zfg6mHUoaer/97TxnGpxmbR7zJtPwIYFMZ/H5ucTlPZhKvtum05yiPK3Mgai3a0DyVxv7qYqoweaEd2nrYQzQ==", + "funding": [ + "https://github.com/fb55/htmlparser2?sponsor=1", + { + "type": "github", + "url": "https://github.com/sponsors/fb55" + } + ], + "license": "MIT", + "dependencies": { + "domelementtype": "^2.3.0", + "domhandler": "^5.0.3", + "domutils": "^3.1.0", + "entities": "^4.5.0" + } + }, "node_modules/hexo-renderer-stylus": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/hexo-renderer-stylus/-/hexo-renderer-stylus-2.1.0.tgz", diff --git a/package.json b/package.json index 0584785..fd82b0e 100644 --- a/package.json +++ b/package.json @@ -20,7 +20,7 @@ "hexo-generator-index": "^3.0.0", "hexo-generator-tag": "^2.0.0", "hexo-renderer-ejs": "^2.0.0", - "hexo-renderer-marked": "^6.0.0", + "hexo-renderer-marked": "^6.3.0", "hexo-renderer-stylus": "^2.1.0", "hexo-server": "^3.0.0" }