stable
Clone or download
Read-only
fix: request #39687 Remove usage of vue-dompurify-html in @tuleap/plugin-git-repositories-list
There is no need for it, it only works on plaintext messages that should not be interpreted (and as such not sanitized, only escaped). Removing it also removes the usage of an outdated version of DOMPurify which is impacted by CVE-2024-45801 / https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674 Change-Id: I280d24015d54329668f1e712be7dffdeea255963
Modified Files
Name | ||||
---|---|---|---|---|
M | plugins/git/scripts/repositories-list/package.json | +0 | −1 | Go to diff View file |
M | plugins/git/scripts/repositories-list/pnpm-lock.yaml | +0 | −34 | Go to diff View file |
M | plugins/git/scripts/repositories-list/src/components/GitlabModal/UnlinkGitlabRepositoryModal/UnlinkRepositoryGitlabModal.vue | +3 | −4 | Go to diff View file |
M | plugins/git/scripts/repositories-list/src/components/SuccessMessage.vue | +1 | −1 | Go to diff View file |
M | plugins/git/scripts/repositories-list/src/helpers/local-vue-for-tests.ts | +0 | −2 | Go to diff View file |
M | plugins/git/scripts/repositories-list/src/index.ts | +0 | −2 | Go to diff View file |