Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump tinymce from 6.2.0 to 6.3.1 #4005

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 8, 2022

Bumps tinymce from 6.2.0 to 6.3.1.

Changelog

Sourced from tinymce's changelog.

6.3.1 - 2022-12-06

Fixed

  • HTML in messages for the WindowManager.alert and WindowManager.confirm APIs were not properly sanitized. #TINY-3548

6.3.0 - 2022-11-23

Added

  • New expand function added to tinymce.selection which expands the selection around the nearest word. #TINY-9001
  • New expand function added to tinymce.dom.RangeUtils to return a new range expanded around the nearest word. #TINY-9001
  • New color_map_background and color_map_foreground options which set the base colors used in the backcolor and forecolor toolbar buttons and menu items. #TINY-9184
  • Added optional storageKey property to colorinput component and colorswatch fancy menu item. #TINY-9184
  • New addView function added to editor.ui.registry which makes it possible to register custom editor views. #TINY-9210
  • New ToggleView command which makes it possible to hide or show registered custom views. #TINY-9210
  • New color_default_foreground and color_default_background options to set the initial default color for the forecolor and backcolor toolbar buttons and menu items. #TINY-9183
  • New getTransparentElements function added to tinymce.html.Schema to return a map object of transparent HTML elements. #TINY-9172
  • Added ToggleToolbarDrawer event to subscribe to toolbar’s opening and closing. #TINY-9271

Changed

  • Transparent elements, like anchors, are now allowed in the root of the editor body if they contain blocks. #TINY-9172
  • Colorswatch keyboard navigation now starts on currently selected color if present in the colorswatch. #TINY-9283
  • setContent is now allowed to accept any custom keys and values as a second options argument. #TINY-9143

Improved

  • Transparent elements, like anchors, can now contain block elements. #TINY-9172
  • Colorswatch now displays a checkmark for selected color. #TINY-9283
  • Color picker dialog now starts on the appropriate color for the cursor position. #TINY-9213

Fixed

  • Parsing media content would cause a memory leak, which for example occurred when using the getContent API. #TINY-9186
  • Dragging a noneditable element toward the bottom edge would cause the page to scroll up. #TINY-9025
  • Range expanding capabilities would behave inconsistently depending on where the cursor was placed. #TINY-9029
  • Compilation errors were thrown when using TypeScript 4.8. #TINY-9161
  • Line separator scrolling in floating toolbars. #TINY-8948
  • A double bottom border appeared on inline mode editor for the tinymce-5 skin. #TINY-9108
  • The editor header showed up even with no menubar and toolbar configured. #TINY-8819
  • Inline text pattern no longer triggers if it matches only the end but not the start. #TINY-8947
  • Matches of inline text patterns that are similar are now managed correctly. #TINY-8949
  • Using editor.selection.getContent({ format: 'text' }) or editor.getContent({ format: 'text' }) would sometimes deselect selected radio buttons. #TINY-9213
  • The context toolbar prevented the user from placing the cursor at the edges of the editor. #TINY-8890
  • The Quick Insert context toolbar provided by the quickbars plugin showed when the cursor was in a fake block caret. #TINY-9190
  • The editor.selection.getRng() API was not returning a proper range on hidden editors in Firefox. #TINY-9259
  • The editor.selection.getBookmark() API was not returning a proper bookmark on hidden editors in Firefox. #TINY-9259
  • Dragging a noneditable element before or after another noneditable element now works correctly. #TINY-9253
  • The restored selection after a redo or undo action was not scrolled into view. #TINY-9222
  • A newline could not be inserted when the selection was restored from a bookmark after an inline element with a contenteditable="false" attribute. #TINY-9194
  • The global tinymce.dom.styleSheetLoader was not affected by the content_css_cors option. #TINY-6037
  • The caret was moved to the previous line when a text pattern executed a mceInsertContent command on Enter key when running on Firefox. #TINY-9193
  • The autoresize plugin used to cause infinite resize when content_css is set to document. #TINY-8872
Commits
  • 624eaa1 TINY-9404: Prepare for TinyMCE 6.3.1 release (#8327)
  • 6923d85 Merge pull request from GHSA-gg8r-xjwq-4w92
  • 157dc88 TINY-8984: Updated tinymce changelog and security md files
  • 3a51fed DOC-1777: Changelog edits for 6.3 (#8291)
  • b4cae9c DOC-1006: Update isEdge docs to note it detects Legacy Edge (#8287)
  • 398a1f2 TINY-9392: Forgot to add icon to custom colors. (#8286)
  • 659adfb TINY-9298: Add typography premium plugin to the premium plugin list (#8278)
  • 415ae82 TINY-9283: Improved colorswatch ui functionality. (#8247)
  • 0cb16ae TINY-9232: Parser needs to handle nested anchor cases better (#8258)
  • 9aca3b7 TINY-9335: fixed expanded selections inside block links should not display th...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [tinymce](https://github.com/tinymce/tinymce/tree/HEAD/modules/tinymce) from 6.2.0 to 6.3.1.
- [Release notes](https://github.com/tinymce/tinymce/releases)
- [Changelog](https://github.com/tinymce/tinymce/blob/develop/modules/tinymce/CHANGELOG.md)
- [Commits](https://github.com/tinymce/tinymce/commits/6.3.1/modules/tinymce)

---
updated-dependencies:
- dependency-name: tinymce
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants