stable

Clone or download

Read-only

fix: request #39687 Remove usage of vue-dompurify-html in @tuleap/plugin-git-repositories-list

There is no need for it, it only works on plaintext messages that should not be interpreted (and as such not sanitized, only escaped). Removing it also removes the usage of an outdated version of DOMPurify which is impacted by CVE-2024-45801 / https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674 Change-Id: I280d24015d54329668f1e712be7dffdeea255963

Modified Files

Name
M plugins/git/scripts/repositories-list/package.json +0 −1 Go to diff View file
M plugins/git/scripts/repositories-list/pnpm-lock.yaml +0 −34 Go to diff View file
M plugins/git/scripts/repositories-list/src/components/GitlabModal/UnlinkGitlabRepositoryModal/UnlinkRepositoryGitlabModal.vue +3 −4 Go to diff View file
M plugins/git/scripts/repositories-list/src/components/SuccessMessage.vue +1 −1 Go to diff View file
M plugins/git/scripts/repositories-list/src/helpers/local-vue-for-tests.ts +0 −2 Go to diff View file
M plugins/git/scripts/repositories-list/src/index.ts +0 −2 Go to diff View file