request #26748 mermaid: 8.14.0 -> 9.0.1 (includes fix for CVE-2021-23648

) Changes: https://github.com/mermaid-js/mermaid/releases/tag/9.0.0 https://github.com/mermaid-js/mermaid/releases/tag/9.0.1 This includes a fix for a sanitizing library Mermaid uses (CVE-2021-23648 [0]) and a direct fix for a Mermaid security issue [1]. [0] GHSA-hqq7-2q2v-82xq [1] mermaid-js/mermaid#2958 Change-Id: Ifedba57d22797ae90b4d60f1238ae530bda7b86b
Enalean · May 3, 2022 · 55bd831 · 55bd831
1 parent d359467
commit 55bd831
Show file tree

Hide file tree

Showing 2 changed files with 400 additions and 60 deletions.
diff --git a/src/package.json b/src/package.json
@@ -37,7 +37,7 @@
     "dompurify": "^2.3.6",
     "dragula": "^3.7.2",
     "marked": "^4.0.10",
-    "mermaid": "^8.14.0",
+    "mermaid": "^9.0.1",
     "moment": "^2.29.1",
     "mustache": "^4.2.0",
     "node-gettext": "^3.0.0",