
[Snyk] Upgrade sortablejs from 1.14.0 to 1.15.6

Open nathonius opened this issue 6 months ago • 3 comments


Snyk has created this PR to upgrade sortablejs from 1.14.0 to 1.15.6.

Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 7 versions ahead of your current version.

  • The recommended version was released 7 months ago.

Issues fixed by the recommended upgrade:

  • Issue: Regular Expression Denial of Service (ReDoS), SNYK-JS-MINIMATCH-3050818 (medium severity)
  • Score: 479
  • Exploit Maturity: No Known Exploit

Release notes
Package name: sortablejs
  • 1.15.6 - 2024-11-28
    • Restore previous text clearing selection behaviour on fallback-enabled sortable lists. Text should be cleared whenever mouse is down on a sortable item, but text inputs within items should still be interactable
    • #2244: Fix issue where multi-drag selection doesn't work on IOS devices
  • 1.15.5 - 2024-11-27
    • #2410: Further improvements to handling of text selection during drag, to allow text inputs to continue to function within sortable items. Removed the previous nextTick solution which caused text inputs to be noninteractive, and instead have moved the text selection clearing to the actual drag start.
  • 1.15.4 - 2024-11-24
    • Fix issue where text selection occurs during dragging when fallback is enabled
    • Improved support for pointer events
    • #1897: [MultiDrag] Prevent multi-select of non-draggable and filtered items
  • 1.15.3 - 2024-09-01
    • Expose expando value in Sortable.utils
    • #2346: Fix inability to drag in fallback when handle has a shadowRoot
    • Include src folder in NPM package
  • 1.15.2 - 2024-01-14
    • #2339: Fixes 1.15.1 regression with not being able to add element into start & end of list.
  • 1.15.1 - 2023-11-30
    • #2203: Fix multi drag sort event not firing
    • #2263: Only call onDrop on destroy if dragged element inside parent element
    • #1686: Prevent drag item from jumping to end of list if last element has smaller width/height
  • 1.15.0 - 2022-03-20
    • #2072: Make sure dragged element is inserted after last dragged element
    • #2084: Added avoidImplicitDeselect option to MultiDrag
    • #2093: Remove ID from cloned element
    • #2095: Remove ignoring click on Chrome for Android when dragging (wasn't necessary)
  • 1.14.0 - 2021-07-04
    • Clarify dataIdAttr option docs
    • #1942: Check if ghost is first
    • #2021: Fix multidrag indices
    • #2025: Fix reverting with nested sortables
    • Added forceAutoScrollFallback option
    • Add trick for empty sortables to README
    • Use minified version main field of package.json
from sortablejs GitHub release notes

Important:

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.


nathonius avatar Jun 13 '25 09:06 nathonius

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

Had been running this plugin successfully and it recently stopped working! Is this pull request from two weeks ago a fix? Had issues trying to install it via Brat Plugin, so was hoping it could be committed to main, if it's a fix! Thanks so much for your efforts with this little plugin @nathonius!

ReessKennedy avatar Jun 25 '25 20:06 ReessKennedy