Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade codemirror from 5.30.0 to 5.64.0 #1

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade codemirror from 5.30.0 to 5.64.0 #1

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade codemirror from 5.30.0 to 5.64.0.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 57 versions ahead of your current version.
  • The recommended version was released 24 days ago, on 2021-11-20.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-CODEMIRROR-1016937		 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-CODEMIRROR-569611		 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: codemirror
  • 5.64.0 - 2021-11-20

    Version 5.64.0

    Bug fixes

    Fix a crash that occurred in some situations with replacing marks across line breaks.

    Make sure native scrollbars reset their position when hidden and re-shown.

    New features

    vim bindings: Support C-u to delete back a line.

  • 5.63.3 - 2021-10-12

    Version 5.63.3

    Bug fixes

    Re-publish 5.63.2 because npm somehow swallowed that, but won't let me publish it again.-----BEGIN PGP SIGNATURE-----

    iQEzBAABCgAdFiEErLY20j+/ljvJRHotcD8b7W0zrh4FAmFlhk0ACgkQcD8b7W0z
    rh6lWgf/WRGEk/c0cqPKXuKvFAMK1El2R/IC6lapruHsOYuF4FilKHy0hssu4W+D
    Fm15suBTDmxGhlP06dcjbJfmS28qBPVzA061guHg63dzFgbCS10+6pBbiRTMgzsG
    rDWAlMawlIfFrW4LIzt7HajaenybGiJKgKezvChTmrhLeLDkvmn442u1PGmuRa5C
    ZtAhL0yPYhbpuqK0wQXL3OuGhgQFHwp3xAiuPVLUJZ4VI2T9caNmckic7y5cJ4NT
    8WXyDjwWTjboeEyYNyqm88uFqf0B0VO5B/vJnbcgfJbplCcQyn9kQDj1pb2jmuBp
    haki+zoTerm6nfBjyBpy6mv68Wcqzw==
    =mCdh
    -----END PGP SIGNATURE-----
    Mark version 5.63.3

  • 5.63.2 - 2021-10-11

    Version 5.63.2

    Bug fixes

    Prevent external styles from giving the hidden textarea a min-height.

    Remove a stray autosave file that was part of the previous release.

  • 5.63.1 - 2021-09-29

    Version 5.63.1

    Bug fixes

    Fix an issue with mouse scrolling on Chrome 94 Windows, which made scrolling by wheel move unusably slow.

  • 5.63.0 - 2021-09-20

    Version 5.63.0

    Bug fixes

    Fix scroll position jumping when scrolling a document with very different line heights.

    xml mode: Look up HTML element behavior in a case-insensitive way.

    New features

    vim bindings: Support guu for case-changing.

  • 5.62.3 - 2021-08-20

    Version 5.62.3

    Bug fixes

    Give the editor a translate=no attribute to prevent automatic translation from modifying its content.

    Give vim-style cursors a width that matches the character after them.

    merge addon: Make buttons keyboard-accessible.

    emacs bindings: Fix by-page scrolling keybindings, which were accidentally inverted.

  • 5.62.2 - 2021-07-21

    Version 5.62.2

    Bug fixes

    lint addon: Fix a regression that broke several addon options.

  • 5.62.1 - 2021-07-20

    Version 5.62.1

    Bug fixes

    vim bindings: Make matching of upper-case characters more Unicode-aware.

    lint addon: Prevent options passed to the addon itself from being given to the linter.

    show-hint addon: Improve screen reader support.

    search addon: Avoid using innerHTML.

  • 5.62.0 - 2021-06-21

    Version 5.62.0

    Bug fixes

    Improve support for vim-style cursors in a number of themes.

    New features

    lint addon: Add support for highlighting lines with errors or warnings.

  • 5.61.1 - 2021-05-20

    Version 5.61.1

    Bug fixes

    Fix a bug where changing the editor's document could confuse text-direction management.

    Fix a bug in horizontally scrolling the cursor into view.

    Optimize adding lots of marks in a single transaction.

    simple mode addon: Support regexps with a unicode flag.

    javascript mode: Add support for TypeScript template string types, improve integration with JSX mode.

  • 5.61.0 - 2021-04-20
  • 5.60.0 - 2021-03-20
  • 5.59.4 - 2021-02-24
  • 5.59.3 - 2021-02-20
  • 5.59.2 - 2021-01-20
  • 5.59.1 - 2020-12-31
  • 5.59.0 - 2020-12-20
  • 5.58.3 - 2020-11-19
  • 5.58.2 - 2020-10-23
  • 5.58.1 - 2020-09-23
  • 5.58.0 - 2020-09-21
  • 5.57.0 - 2020-08-20
  • 5.56.0 - 2020-07-20
  • 5.55.0 - 2020-06-21
  • 5.54.0 - 2020-05-20
  • 5.53.2 - 2020-04-21
  • 5.53.0 - 2020-04-21
  • 5.52.2 - 2020-03-20
  • 5.52.0 - 2020-02-20
  • 5.51.0 - 2020-01-20
  • 5.50.2 - 2020-01-01
  • 5.50.0 - 2019-12-20
  • 5.49.2 - 2019-10-21
  • 5.49.0 - 2019-09-20
  • 5.48.4 - 2019-08-19
  • 5.48.2 - 2019-07-19
  • 5.48.0 - 2019-06-20
  • 5.47.0 - 2019-05-21
  • 5.46.0 - 2019-04-22
  • 5.45.0 - 2019-03-20
  • 5.44.0 - 2019-02-21
  • 5.43.0 - 2019-01-21
  • 5.42.2 - 2018-12-21
  • 5.42.0 - 2018-11-20
  • 5.41.0 - 2018-10-25
  • 5.40.2 - 2018-09-20
  • 5.40.0 - 2018-08-25
  • 5.39.2 - 2018-07-20
  • 5.39.0 - 2018-06-20
  • 5.38.0 - 2018-05-22
  • 5.37.0 - 2018-04-20
  • 5.36.0 - 2018-03-20
  • 5.35.0 - 2018-02-20
  • 5.34.0 - 2018-01-29
  • 5.33.0 - 2017-12-21
  • 5.32.0 - 2017-11-22
  • 5.31.0 - 2017-10-20
  • 5.30.0 - 2017-09-20
from codemirror GitHub release notes
Commit messages
Package name: codemirror
  • d237000 Mark release 5.64.0
  • 8780835 [soy mode] Fix bad matches of map, record, from, as, import
  • c194162 Fix duplicated word in manual
  • aabc6dd Reset native scrollbar when hiding it
  • f9826b4 [sql mode] Correct groupby_concat to group_concat in MariaDB dialect
  • 91a1272 [php mode] Add keywords
  • 475069f [vim] workaround for cm6 not moving cursor after insertions
  • eb6784c [vim] clear highlight timeout when exiting vim mode
  • c91fc40 [vim] call refresh in scroll tests for implementations with delayed dom updates
  • 98d2974 [vim] always use 'new Pos' to allow converting it into a class
  • 27be898 [vim] simpler way of drawing cursor
  • e67ca32 [assembly] Added 8-bit registers
  • eec2c6f [sql mode] Add SparkSQL builtins from current spec
  • 367b5e7 Avoid reading lineView.rest when it is null in mapFromLineView
  • 67bb88e [css mode] Add [video-]dynamic-range media-query support
  • 5ac7b8a Add <C-u> to delete back a line
  • 5ab9f71 consistent way to emulate events in vim test
  • 0e49600 Mark version 5.63.3
  • 7ca2502 Mark version 5.63.2
  • 145c3e2 Add "min-height: 1em" to hiddenTextarea
  • 5f8d6c4 [vim] remove hack for handling $ in substitute pattern
  • e22cfa7 [nsis mode] Add NSIS 3.08 commands (Changes don't appear when updating external css adobe/brackets#6791)
  • 47e8505 Fix invalid variable reference
  • ccdcd15 Mark version 5.63.1

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot