Browse Source
Update to bluemonday-1.0.6 (#15294) (#15297)
Update to bluemonday-1.0.6 (#15294) (#15297)
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>mj-v1.14.3
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 154 additions and 69 deletions
-
6go.mod
-
9go.sum
-
4modules/markup/sanitizer.go
-
12modules/markup/sanitizer_test.go
-
0vendor/github.com/aymerick/douceur/parser/parser.go
-
22vendor/github.com/chris-ramon/douceur/LICENSE
-
15vendor/github.com/microcosm-cc/bluemonday/SECURITY.md
-
7vendor/github.com/microcosm-cc/bluemonday/go.mod
-
11vendor/github.com/microcosm-cc/bluemonday/go.sum
-
1vendor/github.com/microcosm-cc/bluemonday/handlers.go
-
43vendor/github.com/microcosm-cc/bluemonday/policy.go
-
52vendor/github.com/microcosm-cc/bluemonday/sanitize.go
-
33vendor/golang.org/x/net/internal/socket/rawconn.go
-
8vendor/modules.txt
@ -1,22 +0,0 @@ |
|||
The MIT License (MIT) |
|||
|
|||
Copyright (c) 2015 Aymerick JEHANNE |
|||
|
|||
Permission is hereby granted, free of charge, to any person obtaining a copy |
|||
of this software and associated documentation files (the "Software"), to deal |
|||
in the Software without restriction, including without limitation the rights |
|||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|||
copies of the Software, and to permit persons to whom the Software is |
|||
furnished to do so, subject to the following conditions: |
|||
|
|||
The above copyright notice and this permission notice shall be included in all |
|||
copies or substantial portions of the Software. |
|||
|
|||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|||
SOFTWARE. |
|||
|
@ -0,0 +1,15 @@ |
|||
# Security Policy |
|||
|
|||
## Supported Versions |
|||
|
|||
Latest tag and tip are supported. |
|||
|
|||
Older tags remain present but changes result in new tags and are not back ported... please verify any issue against the latest tag and tip. |
|||
|
|||
## Reporting a Vulnerability |
|||
|
|||
Email: <bluemonday@buro9.com> |
|||
|
|||
Bluemonday is pure OSS and not maintained by a company. As such there is no bug bounty program but security issues will be taken seriously and resolved as soon as possible. |
|||
|
|||
The maintainer lives in the United Kingdom and whilst the email is monitored expect a reply or ACK when the maintainer is awake. |
@ -1,10 +1,9 @@ |
|||
module github.com/microcosm-cc/bluemonday |
|||
|
|||
go 1.9 |
|||
go 1.16 |
|||
|
|||
require ( |
|||
github.com/aymerick/douceur v0.2.0 // indirect |
|||
github.com/chris-ramon/douceur v0.2.0 |
|||
github.com/aymerick/douceur v0.2.0 |
|||
github.com/gorilla/css v1.0.0 // indirect |
|||
golang.org/x/net v0.0.0-20181220203305-927f97764cc3 |
|||
golang.org/x/net v0.0.0-20210331212208-0fccb6fa2b5c |
|||
) |
@ -1,8 +1,11 @@ |
|||
github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk= |
|||
github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4= |
|||
github.com/chris-ramon/douceur v0.2.0 h1:IDMEdxlEUUBYBKE4z/mJnFyVXox+MjuEVDJNN27glkU= |
|||
github.com/chris-ramon/douceur v0.2.0/go.mod h1:wDW5xjJdeoMm1mRt4sD4c/LbF/mWdEpRXQKjTR8nIBE= |
|||
github.com/gorilla/css v1.0.0 h1:BQqNyPTi50JCFMTw/b67hByjMVXZRwGha6wxVGkeihY= |
|||
github.com/gorilla/css v1.0.0/go.mod h1:Dn721qIggHpt4+EFCcTLTU/vk5ySda2ReITrtgBl60c= |
|||
golang.org/x/net v0.0.0-20181220203305-927f97764cc3 h1:eH6Eip3UpmR+yM/qI9Ijluzb1bNv/cAU/n+6l8tRSis= |
|||
golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= |
|||
golang.org/x/net v0.0.0-20210331212208-0fccb6fa2b5c h1:KHUzaHIpjWVlVVNh65G3hhuj3KB1HnjY6Cq5cTvRQT8= |
|||
golang.org/x/net v0.0.0-20210331212208-0fccb6fa2b5c/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= |
|||
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= |
|||
golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= |
|||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= |
|||
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= |
|||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= |
Write
Preview
Loading…
Cancel
Save
Reference in new issue