Bump the npm_and_yarn group across 4 directories with 26 updates

[dependabot]

Bumps the npm_and_yarn group with 22 updates in the / directory:

Package	From	To
axios	0.27.2	0.28.0
body-parser	1.20.2	1.20.3
express	4.18.2	4.20.0
mongoose	5.13.15	6.13.5
sanitize-html	2.10.0	2.12.1
sharp	0.31.3	0.32.6
postcss	8.4.23	8.4.31
tinymce	5.10.7	6.8.4
webpack	5.80.0	5.94.0
@adobe/css-tools	4.2.0	4.4.1
@babel/traverse	7.21.4	7.26.4
@cypress/request	2.88.11	2.88.12
@grpc/grpc-js	1.8.14	1.12.4
browserify-sign	4.2.1	4.2.3
elliptic	6.5.4	6.6.1
http-proxy-middleware	2.0.6	2.0.7
nanoid	3.3.6	3.3.8
protobufjs	6.11.3	6.11.4
react-devtools-core	4.27.6	4.28.5
tar	6.1.13	6.2.1
word-wrap	1.2.3	1.2.5
ws	7.5.9	7.5.10

Bumps the npm_and_yarn group with 6 updates in the /api directory:

Package	From	To
axios	0.27.2	0.28.0
body-parser	1.20.2	1.20.3
express	4.18.2	4.20.0
mongoose	5.13.15	6.13.5
sanitize-html	2.10.0	2.12.1
sharp	0.31.3	0.32.6

Bumps the npm_and_yarn group with 2 updates in the /e2e directory: axios and tinymce.
Bumps the npm_and_yarn group with 4 updates in the /web directory: axios, postcss, tinymce and webpack.

Updates axios from 0.27.2 to 0.28.0

Release notes

Sourced from axios's releases.

Release v0.28.0

Release notes:

Bug Fixes

• fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

• Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• Fixing content-type header repeated #4745
• Fixed timeout error message for HTTP 4738
• Added axios.formToJSON method (#4735)
• URL params serializer (#4734)
• Fixed toFormData Blob issue on node>v17 #4728
• Adding types for progress event callbacks #4675
• Fixed max body length defaults #4731
• Added data URL support for node.js (#4725)
• Added isCancel type assert (#4293)
• Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)
• Add string[] to AxiosRequestHeaders type (#4322)
• Allow type definition for axios instance methods (#4224)
• Fixed AxiosError stack capturing; (#4718)
• Fixed AxiosError status code type; (#4717)
• Adding Canceler parameters config and request (#4711)
• fix(types): allow to specify partial default headers for instance creation (#4185)
• Added blob to the list of protocols supported by the browser (#4678)
• Fixing Z_BUF_ERROR when no content (#4701)
• Fixed race condition on immediate requests cancellation (#4261)
• Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248
• Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)
• Fix TS definition for AxiosRequestTransformer (#4201)
• Use type alias instead of interface for AxiosPromise (#4505)
• Include request and config when creating a CanceledError instance (#4659)
• Added generic TS types for the exposed toFormData helper (#4668)
• Optimized the code that checks cancellation (#4587)
• Replaced webpack with rollup (#4596)
• Added stack trace to AxiosError (#4624)
• Updated AxiosError.config to be optional in the type definition (#4665)
• Removed incorrect argument for NetworkError constructor (#4656)

Changelog

Sourced from axios's changelog.

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

• fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

• Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• Fixing content-type header repeated #4745
• Fixed timeout error message for HTTP 4738
• Added axios.formToJSON method (#4735)
• URL params serializer (#4734)
• Fixed toFormData Blob issue on node>v17 #4728
• Adding types for progress event callbacks #4675
• Fixed max body length defaults #4731
• Added data URL support for node.js (#4725)
• Added isCancel type assert (#4293)
• Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)
• Add string[] to AxiosRequestHeaders type (#4322)
• Allow type definition for axios instance methods (#4224)
• Fixed AxiosError stack capturing; (#4718)
• Fixed AxiosError status code type; (#4717)
• Adding Canceler parameters config and request (#4711)
• fix(types): allow to specify partial default headers for instance creation (#4185)
• Added blob to the list of protocols supported by the browser (#4678)
• Fixing Z_BUF_ERROR when no content (#4701)
• Fixed race condition on immediate requests cancellation (#4261)
• Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248
• Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)
• Fix TS definition for AxiosRequestTransformer (#4201)
• Use type alias instead of interface for AxiosPromise (#4505)
• Include request and config when creating a CanceledError instance (#4659)
• Added generic TS types for the exposed toFormData helper (#4668)
• Optimized the code that checks cancellation (#4587)
• Replaced webpack with rollup (#4596)
• Added stack trace to AxiosError (#4624)
• Updated AxiosError.config to be optional in the type definition (#4665)
• Removed incorrect argument for NetworkError constructor (#4656)

Commits

• 3b7635a [Release] v0.28.0 (#6211)
• 27c0076 feat(backport): added ability for paramsSerializer to handle function; (#6227)
• 80c3d74 chore(ci): backported publish action; (#6224)
• 2755df5 fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to ...
• 880b42e docs: Fix a typo in README
• c4bf0a4 Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• 1e2679f fix: [Types] Type of header in AxiosRequestConfig / for Axios.create is incor...
• 80b546c fix: loosing request header (#4858) (#4871)
• 6acb5ef feat: brower platform add data protocol. (#4814)
• bbb2264 fix(typing): axios response headers can be undefined (#4813)
• Additional commits viewable in compare view

Updates body-parser from 1.20.2 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

• deps: qs@6.13.0
• add depth option to customize the depth level in the parser
• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

• chore: add support for OSSF scorecard reporting by @​inigomarquinez in expressjs/body-parser#522
• ci: fix errors in ci github action for node 8 and 9 by @​inigomarquinez in expressjs/body-parser#523
• fix: pin to node@22.4.1 by @​wesleytodd in expressjs/body-parser#527
• deps: qs@6.12.3 by @​melikhov-dev in expressjs/body-parser#521
• Add OSSF Scorecard badge by @​bjohansebas in expressjs/body-parser#531
• Linter by @​UlisesGascon in expressjs/body-parser#534
• Release: 1.20.3 by @​UlisesGascon in expressjs/body-parser#535

New Contributors

• @​inigomarquinez made their first contribution in expressjs/body-parser#522
• @​melikhov-dev made their first contribution in expressjs/body-parser#521
• @​bjohansebas made their first contribution in expressjs/body-parser#531
• @​UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

• deps: qs@6.13.0
• add depth option to customize the depth level in the parser
• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Commits

• 1752951 1.20.3
• 39744cf chore: linter (#534)
• b2695c4 Merge commit from fork
• ade0f3f add scorecard to readme (#531)
• 99a1bd6 deps: qs@6.12.3 (#521)
• 9478591 fix: pin to node@22.4.1
• 83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
• 9d4e212 chore: add support for OSSF scorecard reporting (#522)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates express from 4.18.2 to 4.20.0

Release notes

Sourced from express's releases.

4.20.0

What's Changed

Important

• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect

Other Changes

• 4.19.2 Staging by @​wesleytodd in expressjs/express#5561
• remove duplicate location test for data uri by @​wesleytodd in expressjs/express#5562
• feat: document beta releases expectations by @​marco-ippolito in expressjs/express#5565
• Cut down on duplicated CI runs by @​jonchurch in expressjs/express#5564
• Add a Threat Model by @​UlisesGascon in expressjs/express#5526
• Assign captain of encodeurl by @​blakeembrey in expressjs/express#5579
• Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @​jonchurch in expressjs/express#5587
• docs: update Security.md by @​inigomarquinez in expressjs/express#5590
• docs: update triage nomination policy by @​UlisesGascon in expressjs/express#5600
• Add CodeQL (SAST) by @​UlisesGascon in expressjs/express#5433
• docs: add UlisesGascon as triage initiative captain by @​UlisesGascon in expressjs/express#5605
• deps: encodeurl@~2.0.0 by @​blakeembrey in expressjs/express#5569
• skip QUERY method test by @​jonchurch in expressjs/express#5628
• ignore ETAG query test on 21 and 22, reuse skip util by @​jonchurch in expressjs/express#5639
• add support Node.js@22 in the CI by @​mertcanaltin in expressjs/express#5627
• doc: add table of contents, tc/triager lists to readme by @​mertcanaltin in expressjs/express#5619
• List and sort all projects, add captains by @​blakeembrey in expressjs/express#5653
• docs: add @​UlisesGascon as captain for cookie-parser by @​UlisesGascon in expressjs/express#5666
• ✨ bring back query tests for node 21 by @​ctcpip in expressjs/express#5690
• [v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @​jonchurch in expressjs/express#5672
• skip QUERY tests for Node 21 only, still not supported by @​jonchurch in expressjs/express#5695
• 📝 update people, add ctcpip to TC by @​ctcpip in expressjs/express#5683
• remove minor version pinning from ci by @​jonchurch in expressjs/express#5722
• Fix link variable use in attribution section of CODE OF CONDUCT by @​IamLizu in expressjs/express#5762
• Replace Appveyor windows testing with GHA by @​jonchurch in expressjs/express#5599
• Add OSSF Scorecard badge by @​UlisesGascon in expressjs/express#5436
• update scorecard link by @​bjohansebas in expressjs/express#5814
• Nominate @​IamLizu to the triage team by @​UlisesGascon in expressjs/express#5836
• deps: path-to-regexp@0.1.8 by @​blakeembrey in expressjs/express#5603
• docs: specify new instructions for question and discuss by @​IamLizu in expressjs/express#5835
• 4.x: Upgrade merge-descriptors dependency by @​RobinTail in expressjs/express#5781
• path-to-regexp@0.1.10 by @​blakeembrey in expressjs/express#5902

New Contributors

• @​marco-ippolito made their first contribution in expressjs/express#5565
• @​inigomarquinez made their first contribution in expressjs/express#5590
• @​mertcanaltin made their first contribution in expressjs/express#5627
• @​ctcpip made their first contribution in expressjs/express#5690
• @​bjohansebas made their first contribution in expressjs/express#5814

Full Changelog: expressjs/express@4.19.1...4.20.0

... (truncated)

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

• deps: serve-static@0.16.0
  • Remove link renderization in html while redirecting
• deps: send@0.19.0
  • Remove link renderization in html while redirecting
• deps: body-parser@0.6.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect
• deps: path-to-regexp@0.1.10
  • Adds support for named matching groups in the routes using a regex
  • Adds backtracking protection to parameters without regexes defined
• deps: encodeurl@~2.0.0
  • Removes encoding of \, |, and ^ to align better with URL spec
• Deprecate passing options.maxAge and options.expires to res.clearCookie
  • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

• Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

• Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

• Prevent open redirect allow list bypass due to encodeurl
• deps: cookie@0.6.0

4.18.3 / 2024-02-29

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2
• deps: cookie@0.6.0
  • Add partitioned option

Commits

• 21df421 4.20.0
• 4c9ddc1 feat: upgrade to serve-static@0.16.0
• 9ebe5d5 feat: upgrade to send@0.19.0 (#5928)
• ec4a01b feat: upgrade to body-parser@1.20.3 (#5926)
• 54271f6 fix: don't render redirect values in anchor href
• 125bb74 path-to-regexp@0.1.10 (#5902)
• 2a980ad merge-descriptors@1.0.3 (#5781)
• a3e7e05 docs: specify new instructions for question and discuss
• c5addb9 deps: path-to-regexp@0.1.8 (#5603)
• e35380a docs: add @​IamLizu to the triage team (#5836)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.

Updates mongoose from 5.13.15 to 6.13.5

Release notes

Sourced from mongoose's releases.

6.10.1 / 2023-03-03

• fix: avoid removing empty query filters in $and and $or #13086 #12898
• fix(schematype): fixed validation for required UUID field #13018 lpizzinidev
• fix(types): add missing Paths generic param to Model.populate() #13070
• docs(migrating_to_6): added info about removal of reconnectTries and reconnectInterval options #13083 lpizzinidev
• docs: fix code in headers for migrating_to_5 #13077 hasezoey
• docs: backport misc documentation changes into 6.x #13091 hasezoey

6.10.0 / 2023-02-22

• feat: upgrade to mongodb driver 4.14.0 #13036
• feat: added Schema.prototype.omit() function #12939 #12931 lpizzinidev
• feat(index): added createInitialConnection option to Mongoose constructor #13021 #12965 lpizzinidev

6.9.3 / 2023-02-22

• fix(connection): delay calculating autoCreate and autoIndex until after initial connection established #13007 #12940 lpizzinidev
• fix(discriminator): allows update doc with discriminatorKey #13056 #13055 abarriel
• fix(query): avoid sending unnecessary empty projection to MongoDB server #13059 #13050
• fix(model): avoid sending null session option with document operations #13053 #13052 lpizzinidev
• fix(types): use MergeTypes for type overrides in HydratedDocument #13066 #13040
• docs(middleware): list validate as a potential query middleware #13057 #12680
• docs(getters-setters): explain that getters do not run by default on toJSON() #13058 #13049
• docs: refactor docs generation scripts #13044 hasezoey

6.9.2 / 2023-02-16

• fix(model): fixed post('save') callback parameter #13030 #13026 lpizzinidev
• fix(UUID): added null check to prevent error on binaryToString conversion #13034 #13032 #13029 lpizzinidev Freezystem
• fix(query): revert breaking changes introduced by #12797 #12999 lpizzinidev
• fix(document): make array $shift() use $pop instead of overwriting array #13004
• docs: update & remove old links #13019 hasezoey
• docs(middleware): describe how to access model from document middleware #13031 AxeOfMen
• docs: update broken & outdated links #13001 hasezoey
• chore: change deno tests to also use MMS #12918 hasezoey

6.9.1 / 2023-02-06

• fix(document): isModified should not be triggered when setting a nested boolean to the same value as previously #12994 lpizzinidev
• fix(document): save newly set defaults underneath single nested subdocuments #13002 #12905
• fix(update): handle custom discriminator model name when casting update #12947 wassil
• fix(connection): handles unique autoincrement ID for connections #12990 lpizzinidev
• fix(types): fix type of options of Model.aggregate #12933 ghost91-
• fix(types): fix "near" aggregation operator input type #12954 Jokero
• fix(types): add missing Top operator to AccumulatorOperator type declaration #12952 lpizzinidev
• docs(transactions): added example for Connection.transaction() method #12943 #12934 lpizzinidev
• docs(populate): fix out of date comment referencing onModel property #13000
• docs(transactions): fix typo in transactions.md #12995 Parth86

... (truncated)

Changelog

Sourced from mongoose's changelog.

6.13.5 / 2024-11-26

• fix: disallow using $where in match

6.13.4 / 2024-11-15

• fix: save execution stack in query as string #15043 #15039
• docs: clarify strictQuery default will flip-flop in "Migrating to 6.x" #14998 markstos

6.13.3 / 2024-09-23

• docs(migrating_to_6): document that Lodash _.isEmpty() with ObjectId() as a parameter returns true in Mongoose 6 #11152

6.13.2 / 2024-09-12

• fix(document): make set() respect merge option on deeply nested objects #14870 #14878

6.13.1 / 2024-09-06

• fix: remove empty $and, $or, $not that were made empty by scrict mode #14749 #13086 0x0a0d

6.13.0 / 2024-06-06

• feat(model): add throwOnValidationError option for opting into getting MongooseBulkWriteError if all valid operations succeed in bulkWrite() and insertMany() #14599 #14587 #14572 #13410

6.12.9 / 2024-05-24

• fix(cast): cast $comment to string in query filters #14590 #14576
• types(model): allow passing strict type checking override to create() #14571 #14548

6.12.8 / 2024-04-10

• fix(document): handle virtuals that are stored as objects but getter returns string with toJSON #14468 #14446
• fix(schematype): consistently set wasPopulated to object with value property rather than boolean #14418
• docs(model): add extra note about lean option for insertMany() skipping casting #14415 #14376

6.12.7 / 2024-03-01

• perf(model): make insertMany() lean option skip hydrating Mongoose docs #14376 #14372
• perf(document+schema): small optimizations to make init() faster #14383 #14113
• fix(connection): don't modify passed options object to openUri() #14370 #13376 #13335
• fix(ChangeStream): bubble up resumeTokenChanged changeStream event #14355 #14349 3150

6.12.6 / 2024-01-22

• fix(collection): correctly handle buffer timeouts with find() #14277
• fix(document): allow calling push() with different $position arguments #14254

6.12.5 / 2024-01-03

... (truncated)

Commits

• 15bdccf chore: release 6.13.5
• 33679bc fix: disallow using $where in match
• 22210b1 chore: release 6.13.4
• d21a239 Merge pull request #15043 from Automattic/vkarpov15/gh-15039
• 68377ff fix: save execution stack in query as string
• 6fbe9f0 Merge pull request #14998 from markstos/UT-8434-doc-strict-query-flipflop
• 3e3dc2e docs: clarify strictQuery default will flip-flop in "Migrating to 6.x"
• d98b2e7 docs: Add missing closing tag for Lodash entry.
• c068e2f Merge pull request #14919 from markstos/task/document-modelSchema-removal
• fd2081c Update migrating_to_6.md about mongoose.modelSchemas
• Additional commits viewable in compare view

Updates sanitize-html from 2.10.0 to 2.12.1

Changelog

Sourced from sanitize-html's changelog.

2.12.1 (2024-02-22)

• Do not parse sourcemaps in post-css. This fixes a vulnerability in which information about the existence or non-existence of files on a server could be disclosed via properly crafted HTML input when the style attribute is allowed by the configuration. Thanks to the Snyk Security team for the disclosure and to Dylan Armstrong for the fix.

2.12.0 (2024-02-21)

• Introduced the allowedEmptyAttributes option, enabling explicit specification of empty string values for select attributes, with the default attribute set to alt. Thanks to Na for the contribution.

• Clarified the use of SVGs with a new test and changes to documentation. Thanks to Gauav Kumar for the contribution.

• Do not process source maps when processing style tags with PostCSS.

2.11.0 (2023-06-21)

• Fix to allow false in allowedClasses attributes. Thanks to Kevin Jiang for this fix!
• Upgrade mocha version
• Apply small linter fixes in tests
• Add .idea temp files to .gitignore
• Thanks to Vitalii Shpital for the updates!
• Show parseStyleAttributes warning in browser only. Thanks to mog422 for this update!
• Remove empty non-boolean attributes via an exhaustive, configurable list of known non-boolean attributes. Thanks to Dylan Armstrong for this update!

Commits

• 4a7d7dd Merge pull request #654 from apostrophecms/release-2.12.1
• f8e02be release 2.12.1
• c5dbdf7 Merge pull request #650 from dylanarmstrong/fix/ignore-source-maps
• 5a5a74e Merge pull request #652 from apostrophecms/add-thanks-to-changelog
• ee71ff0 Add community contribution thanks you
• a226fe7 Merge pull request #651 from apostrophecms/release-2.12.0
• ff18600 release 2.12.0
• 1e2294c test: added test for postcss map
• c376501 doc: update changelog
• 075499d fix: ignore source maps when processing with postcss
• Additional commits viewable in compare view

Updates sharp from 0.31.3 to 0.32.6

Changelog

Sourced from sharp's changelog.

v0.32.6 - 18th September 2023

• Upgrade to libvips v8.14.5 for upstream bug fixes.

• Ensure composite tile images are fully decoded (regression in 0.32.0). #3767

• Ensure withMetadata can add ICC profiles to RGB16 output. #3773

• Ensure withMetadata does not reduce 16-bit images to 8-bit (regression in 0.32.5). #3773

• TypeScript: Add definitions for block and unblock. #3799 @​ldrick

v0.32.5 - 15th August 2023

• Upgrade to libvips v8.14.4 for upstream bug fixes.

• TypeScript: Add missing WebpPresetEnum to definitions. #3748 @​pilotso11

• Ensure compilation using musl v1.2.4. #3755 @​kleisauke

• Ensure resize with a fit of inside respects 90/270 degree rotation. #3756

• TypeScript: Ensure minSize property of WebpOptions is boolean. #3758 @​sho-xizz

• Ensure withMetadata adds default sRGB profile. #3761

v0.32.4 - 21st July 2023

• Upgrade to libvips v8.14.3 for upstream bug fixes.

• Expose ability to (un)block low-level libvips operations by name.

• Prebuilt binaries: restore support for tile-based output. #3581

v0.32.3 - 14th July 2023

... (truncated)

Commits

• eefaa99 Release v0.32.6
• dbce6fa Upgrade to libvips v8.14.5
• af0fcb3 Docs: changelog for #3799
• c6f54e5 Bump devDeps
• 846563e TypeScript: add definitions for block and unblock (#3799)
• 9c217ab Ensure withMetadata can add RGB16 profiles #3773
• e7381e5 Alternative fix for 4340d60, uses existing StaySequential
• 4340d60 Ensure composite tile images fully decoded #3767
• 7f64d46 Docs: add missing returns property to raw
• 67e927b Docs: ensure all functions include method signature #3777
• Additional commits viewable in compare view

Updates postcss from 8.4.23 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by @​romainmenke).

8.4.29

• Fixed Node#source.offset (by @​idoros).
• Fixed docs (by @​coliff).

8.4.28

• Fixed Root.source.end for better source map (by @​romainmenke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by @​romainmenke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

Changelog

Sourced from postcss's changelog.

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by Romain Menke).

8.4.29

• Fixed Node#source.offset (by Ido Rosenthal).
• Fixed docs (by Christian Oliff).

8.4.28

• Fixed Root.source.end for better source map (by Romain Menke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by Romain Menke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

Commits

• 90208de Release 8.4.31 version
• 58cc860 Fix carrier return parsing
• 4fff8e4 Improve pnpm test output
• cd43ed1 Update dependencies
• caa916b Update dependencies
• 8972f76 Typo
• 11a5286 Typo
• 45c5501 Release 8.4.30 version
• bc3c341 Update linter
• b2be58a Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...
• Additional commits viewable in compare view

Updates tinymce from 5.10.7 to 6.8.4

Changelog

Sourced from tinymce's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, adheres to Semantic Versioning, and is generated by Changie.

7.6.0 - 2024-12-11

Added

• It is now possible to create labeled groups in context toolbars. #TINY-11095
• New contextsliderform and contextsizeinput context form types. #TINY-11342
• New back function in ContextFormApi to go back to the previous toolbar. #TINY-11344
• New QuickbarInsertImage command that is executed by the quickimage button. #TINY-11399
• New onSetup function to the context form API. #TINY-11494
• New placeholder to the context form input field API. #TINY-11459
• New disabled option to resto...

  Description has been truncated