From c91dfd51b6cfc64acaf3c8b1304486b566d9c254 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 3 Apr 2024 03:51:48 +0000 Subject: [PATCH 1/2] build(deps): bump dompurify Bumps [dompurify](https://github.com/cure53/DOMPurify) from 2.4.9 to 3.0.11. - [Release notes](https://github.com/cure53/DOMPurify/releases) - [Commits](https://github.com/cure53/DOMPurify/compare/2.4.9...3.0.11) --- updated-dependencies: - dependency-name: dompurify dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- superset-frontend/plugins/legacy-preset-chart-nvd3/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/superset-frontend/plugins/legacy-preset-chart-nvd3/package.json b/superset-frontend/plugins/legacy-preset-chart-nvd3/package.json index c221d99ec599b..6f34368f1336b 100644 --- a/superset-frontend/plugins/legacy-preset-chart-nvd3/package.json +++ b/superset-frontend/plugins/legacy-preset-chart-nvd3/package.json @@ -32,7 +32,7 @@ "@data-ui/xy-chart": "^0.0.84", "d3": "^3.5.17", "d3-tip": "^0.9.1", - "dompurify": "^2.0.6", + "dompurify": "^3.0.11", "fast-safe-stringify": "^2.1.1", "lodash": "^4.17.21", "moment": "^2.30.1", From 1b7c8a1052157c0511bf5baf772502a14b83843c Mon Sep 17 00:00:00 2001 From: "GitHub-Actions[bot]" Date: Wed, 3 Apr 2024 03:54:12 +0000 Subject: [PATCH 2/2] Update lock file for Dependabot PR --- superset-frontend/package-lock.json | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/superset-frontend/package-lock.json b/superset-frontend/package-lock.json index 931a3fe9a673e..652837a3d79c0 100644 --- a/superset-frontend/package-lock.json +++ b/superset-frontend/package-lock.json @@ -33200,7 +33200,8 @@ "node_modules/dompurify": { "version": "2.3.3", "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.3.3.tgz", - "integrity": "sha512-dqnqRkPMAjOZE0FogZ+ceJNM2dZ3V/yNOuFB7+39qpO93hHhfRpHw3heYQC7DPK9FqbQTfBKUJhiSfz4MvXYwg==" + "integrity": "sha512-dqnqRkPMAjOZE0FogZ+ceJNM2dZ3V/yNOuFB7+39qpO93hHhfRpHw3heYQC7DPK9FqbQTfBKUJhiSfz4MvXYwg==", + "optional": true }, "node_modules/domutils": { "version": "3.1.0", @@ -69184,7 +69185,7 @@ "@data-ui/xy-chart": "^0.0.84", "d3": "^3.5.17", "d3-tip": "^0.9.1", - "dompurify": "^2.0.6", + "dompurify": "^3.0.11", "fast-safe-stringify": "^2.1.1", "lodash": "^4.17.21", "moment": "^2.30.1", @@ -69198,6 +69199,11 @@ "react": "^15 || ^16" } }, + "plugins/legacy-preset-chart-nvd3/node_modules/dompurify": { + "version": "3.0.11", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.0.11.tgz", + "integrity": "sha512-Fan4uMuyB26gFV3ovPoEoQbxRRPfTu3CvImyZnhGq5fsIEO+gEFLp45ISFt+kQBWsK5ulDdT0oV28jS1UrwQLg==" + }, "plugins/plugin-chart-echarts": { "name": "@superset-ui/plugin-chart-echarts", "version": "0.18.25", @@ -87218,13 +87224,20 @@ "@data-ui/xy-chart": "^0.0.84", "d3": "^3.5.17", "d3-tip": "^0.9.1", - "dompurify": "^2.0.6", + "dompurify": "^3.0.11", "fast-safe-stringify": "^2.1.1", "lodash": "^4.17.21", "moment": "^2.30.1", "nvd3-fork": "^2.0.5", "prop-types": "^15.8.1", "urijs": "^1.19.11" + }, + "dependencies": { + "dompurify": { + "version": "3.0.11", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.0.11.tgz", + "integrity": "sha512-Fan4uMuyB26gFV3ovPoEoQbxRRPfTu3CvImyZnhGq5fsIEO+gEFLp45ISFt+kQBWsK5ulDdT0oV28jS1UrwQLg==" + } } }, "@superset-ui/plugin-chart-echarts": { @@ -97554,7 +97567,8 @@ "dompurify": { "version": "2.3.3", "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.3.3.tgz", - "integrity": "sha512-dqnqRkPMAjOZE0FogZ+ceJNM2dZ3V/yNOuFB7+39qpO93hHhfRpHw3heYQC7DPK9FqbQTfBKUJhiSfz4MvXYwg==" + "integrity": "sha512-dqnqRkPMAjOZE0FogZ+ceJNM2dZ3V/yNOuFB7+39qpO93hHhfRpHw3heYQC7DPK9FqbQTfBKUJhiSfz4MvXYwg==", + "optional": true }, "domutils": { "version": "3.1.0",