[Snyk] Upgrade ckeditor5 from 42.0.0 to 42.0.2 #929
+578
−345
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade ckeditor5 from 42.0.0 to 42.0.2. See this package in npm: ckeditor5 See this project in Snyk: https://app.snyk.io/org/klantinteractie-servicesysteem/project/5208dc30-2f31-46e9-9126-03cc6e8b7ca8?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade ckeditor5 from 42.0.0 to 42.0.2.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 9 versions ahead of your current version.
The recommended version was released on 3 months ago.
Release notes
Package name: ckeditor5
We are happy to announce the release of CKEditor 5 v42.0.2.
Release highlights
This is a patch release that includes the following bug fixes for new installation methods introduced in v42.0.0:
ckeditor5-editor.css,ckeditor5-content.css, and other optimized style sheets (see #16703).Additionally, we fixed some performance issues in the track changes plugin. The editing experience was heavily affected if there were many (hundreds or more) suggestions in the document. This was a regression introduced in v41.0.0.
Bug fixes
package.json. See #16684. (commit)exportsfield inpackage.jsonto fix issues with loading CSS and translations in older bundlers. See #16638. (commit)package.json.exportsfield inpackage.jsonto fix issues with loading CSS and translations in older bundlers.distfolder as productiondependenciesinstead ofdevDependencies. Related to #16646. (commit)Other changes
Released packages
Check out the Versioning policy guide for more information.
Released packages (summary)
Other releases:
We are happy to announce the release of CKEditor 5 v42.0.1.
Release highlights
This is a patch release that fixes issues with
ckeditor5-editor.cssand other editor-only stylesheets that contained extra newline characters causing incorrect syntax reported in ckeditor/ckeditor5#16670.Additionally, if you maintain custom CKEditor 5 plugins and migrated them to the new package generator, you should update
@ ckeditor/ckeditor5-dev-build-toolsto the latest version to avoid this problem in your plugin.Released packages
Check out the Versioning policy guide for more information.
Released packages (summary)
Other releases:
We are happy to announce the release of CKEditor 5 v42.0.0.
Release highlights
New installation methods
We are excited to announce the latest release of CKEditor 5, bringing major improvements to simplify the installation and setup process. After extensive research and gathering feedback, we have improved the setup methods to enhance the developer experience and align with modern standards.
The most prominent changes:
ckeditor5andckeditor5-premium-featurespackages, reducing dependency management complexity.The old installation methods are still supported, but we put them on the deprecation path. Read more about this in our migration guides.
New Builder
Along with the new release, we present you the brand new CKEditor 5 Builder.
The new Builder allows you to start with one of the predefined presets, customize it by adding and removing features, and observe the changes live in an editor preview (and play with the editor!). Once you are happy with your custom setup, you get ready-to-use code snippets for React, Angular, Vue, and VanillaJS setups for both npm and CDN distributions.
Updated documentation
We rewrote large parts of the documentation to complete the picture and ensure consistency across the ecosystem. The entire Getting started section was redesigned to focus on the new installation methods and to better guide the integrator through the ecosystem.
If you need clarification or a more in-depth explanation, please let us know.
Migration paths
Finally, detailed migration guides can be found in our documentation. These guides provide step-by-step instructions and examples to help you seamlessly transition to the new installation methods:
We value your input, so please share your experiences, ask questions, and provide feedback to help us refine these changes. Join us in this exciting new chapter for CKEditor 5 and let’s make the developer experience as smooth and enjoyable as possible.
Removal of superbuild and predefined builds from the CDN
We have stopped publishing the superbuild and predefined builds to our CDN. Predefined builds can still be accessed as an npm package. If you want to keep using our CDN with new versions of the editor, we recommend migrating to the new installation methods.
Other updates
We are excited to announce a major update to our premium Export to Word feature, delivering significantly improved quality with multiple enhancements and bug fixes. This release also brings a substantial reduction in the conversion time. Export to Word v2 is an opt-in feature right now, and to use it you need to slightly change the editor’s configuration. Detailed information can be found in the documentation.
MINOR BREAKING CHANGES ℹ️
Insert image via URLUI component form has been moved to a modal dialog instead of being available directly in the insert image dropdown..image-style-block-align-[right/left],.image-style-align-[right/left], and.image-style-sideCSS classes by adding the.imageclass. See #16317.Paginationelements, they might stop working after this change. The reason is that a stricter CSS selector withck-pagination-loadedis now used to hide or show these elements.Features
Schemanow supports disallowing items. Introduced theSchemaItemDefinition#disallowIn,SchemaItemDefinition#disallowChildrenandSchemaItemDefinition#disallowAttributesproperties. Closes #15835. (commit)DiffItemInsert#action,DiffItemInsert#beforeandDiffItemRemove#actionproperties which give more information about the change that happened in the model. Refer to the API documentation to learn more. Closes #15800. (commit)menuBar:insertImagecomponent is by default added to the "Insert" menu and replaces current buttons related to image insertion. Closes #16445. (commit)menuBar:multiLevelListcomponent is by default added in the "Format" menu.EditorCreatorFunctionandWatchdogConfigtypes from the main index file. (commit)Bug fixes
h1tags will no longer be normalized toh2tags in the AI Assistant response if the editor hash1tags enabled in its content.@ ckeditor/ckeditor-cloud-services-collaborationbuild targetinges2022when creating a browser build ofckeditor5-premium-features.EditorAnnotationsplugin is not loaded.insertImagedropdown will no longer have an unnecessary tooltip. (commit).image-style-block-align-[right/left],.image-style-align-[right/left], and.image-style-sideCSS classes by adding the.imageclass. Closes #16317. (commit)inputmode=urlto a link balloon form input. Closes #16389. (commit)onwhen the multi-level list is selected. This refers to the single button, not the split button. See #16345.PageBreakandPaginationplugin styles no longer conflict. Closes #16506.config.presenceList.onClickconfiguration is set.commentsrepository-duplicated-comment-thread-iderror thrown after callingTrackChangesData#getDataWithAcceptedSuggestions()andTrackChangesData#getDataWithDiscardedSuggestions().TooltipManagertooltips should immediately show up when triggered by user focus for better responsiveness and accessibility. (commit)declareto dynamically populated class fields. Closes #16386. (commit)Other changes
@ ckeditor/ckeditor5-build-*packages todevDependenciesto reduce the installation size of theckeditor5package. Related to #16360. (commit)index.jstockeditor5.jsin the new installation method builds. (commit)main,module,typesandexportsfields to thepackage.jsonfile. Closes #16257. (commit)ckeditor5. (commit)index.jsfile tockeditor5-premium-features.jsin new installation method builds.EditorWatchdog,ContextWatchdog, andContextclasses are now exposed as static fields of theEditorclass. Closes #13852. (commit)XmlDataProcessorfrom the main index. (commit)ViewDocumentBlurEventandViewDocumentFocusEventtypes from the main index. (commit)insertImageViaUrltoolbar button and themenuBar:insertImageViaUrlmenu bar button. (commit)Insert image via URLform has been moved to a modal dialog instead of being available directly in the insert image dropdown. (commit)html2markdownandmarkdown2htmlto classes to improve tree-shaking. Related to #16292. (commit)turndownto version7.2.0. Closes #16371. (commit)compiledmessages.jsfile tree-shakeable.TrackChangesEditing#_descriptionFactoryproperty. UsedescriptionFactoryinstead. The old property was deprecated in thev41.4.0release./* #__PURE__ */magic comment. See #16292. (commit)Released packages
Check out the Versioning policy guide for more information.
Released packages (summary)
Minor releases (contain minor breaking changes):
Releases containing new features:
Other releases: