Qcodes icon indicating copy to clipboard operation
Qcodes copied to clipboard
verified publisher icon microsoft

Bump mistune from 0.8.4 to 2.0.4

Open dependabot[bot] opened this issue 3 years ago • 2 comments

Bumps mistune from 0.8.4 to 2.0.4.

Release notes

Sourced from mistune's releases.

Version 2.0.2

Fix escape_url via lepture/mistune#295

Version 2.0.1

Fix XSS for image link syntax.

Version 2.0.0

First release of Mistune v2.

Version 2.0.0 RC1

In this release, we have a Security Fix for harmful links.

Version 2.0.0 Alpha 1

This is the first release of v2. An alpha version for users to have a preview of the new mistune.

Changelog

Sourced from mistune's changelog.

Changelog

Here is the full history of mistune v2.

Version 2.0.4


Released on Jul 15, 2022

    

  • Fix url plugin in <a> tag
    • 

  • Fix * formatting
    • 



Version 2.0.3

Released on Jun 27, 2022

  • Fix table plugin
  • Security fix for CVE-2022-34749

Version 2.0.2


Released on Jan 14, 2022

Fix escape_url


Version 2.0.1

Released on Dec 30, 2021

XSS fix for image link syntax.

Version 2.0.0


Released on Dec 5, 2021

This is the first non-alpha release of mistune v2.


Version 2.0.0rc1

Released on Feb 16, 2021

Version 2.0.0a6


</tr></table>

... (truncated)

Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Jul 15 '22 04:07 dependabot[bot]

@dependabot recreate

jenshnielsen avatar Jul 29 '22 08:07 jenshnielsen

nbconvert 7 will add support for mistune 2

jenshnielsen avatar Jul 31 '22 07:07 jenshnielsen

Looks like mistune is up-to-date now, so this is no longer needed.

dependabot[bot] avatar Aug 23 '22 04:08 dependabot[bot]