Skip to content

chore(deps): update module github.com/microcosm-cc/bluemonday to v1.0.27 - autoclosed #919

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
red-hat-konflux wants to merge 1 commit into from
Closed

chore(deps): update module github.com/microcosm-cc/bluemonday to v1.0.27 - autoclosed #919

red-hat-konflux wants to merge 1 commit into from

Conversation

@red-hat-konflux
Copy link
Contributor

@red-hat-konflux red-hat-konflux bot commented Nov 6, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
github.com/microcosm-cc/bluemonday v1.0.23 -> v1.0.27 age confidence

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

Release Notes

microcosm-cc/bluemonday (github.com/microcosm-cc/bluemonday)

v1.0.27

Compare Source

v1.0.26: Update golang.org/x/net to latest and force latest version

Compare Source

Bumping version and ensuring latest golang.org/x/net as the HTTP rapid reset is triggering primitive vuln scanners, we do not implement a HTTP2 server and are not vulnerable but a minor bump can still help reduce noise for those searching for what they need to upgrade and patch.

Nothing else is in this release aside from the dependency updates and some staticcheck messages being resolved that should not modify behaviour.

v1.0.25: Added src rewriter to allow for proxying inline assets.

Compare Source

What's Changed

New Contributors

Full Changelog: microcosm-cc/bluemonday@v1.0.24...v1.0.25

v1.0.24: Added AllowURLSchemesMatching

Compare Source

This is a feature release, there are no security fixes in this release.

What's Changed

New Contributors

Full Changelog: microcosm-cc/bluemonday@v1.0.23...v1.0.24

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@openshift-ci openshift-ci bot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Nov 6, 2025
@openshift-ci
Copy link

openshift-ci bot commented Nov 6, 2025

Hi @red-hat-konflux[bot]. Thanks for your PR.

I'm waiting for a github.com member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@coderabbitai
Copy link

coderabbitai bot commented Nov 6, 2025
edited
Loading

Important

Review skipped

Auto reviews are limited based on label configuration.

🚫 Review skipped — only excluded labels are configured. (1)
  • do-not-merge/work-in-progress

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

@red-hat-konflux
Copy link
Contributor Author

red-hat-konflux bot commented Nov 11, 2025

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 1 additional dependency was updated

Details:

Package Change
github.com/gorilla/css v1.0.0 -> v1.0.1

@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/main/github.com-microcosm-cc-bluemonday-1.x branch from f9bfea4 to 771fccd Compare November 11, 2025 16:42
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/main/github.com-microcosm-cc-bluemonday-1.x branch from 771fccd to 8427f63 Compare November 20, 2025 17:09
@openshift-ci
Copy link

openshift-ci bot commented Nov 20, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: red-hat-konflux[bot]
Once this PR has been reviewed and has the lgtm label, please assign rcampos2029 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/main/github.com-microcosm-cc-bluemonday-1.x branch 2 times, most recently from 45acc77 to 1ed7486 Compare November 27, 2025 04:48
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/main/github.com-microcosm-cc-bluemonday-1.x branch 2 times, most recently from 78ebbb3 to fb1b2f4 Compare December 2, 2025 00:50
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/main/github.com-microcosm-cc-bluemonday-1.x branch from fb1b2f4 to ee852aa Compare December 16, 2025 16:54
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/main/github.com-microcosm-cc-bluemonday-1.x branch 2 times, most recently from 82ac882 to d1293b2 Compare January 7, 2026 16:56
@red-hat-konflux
chore(deps): update module github.com/microcosm-cc/bluemonday to v1.0.27
a9e9ddf 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/main/github.com-microcosm-cc-bluemonday-1.x branch from d1293b2 to a9e9ddf Compare January 8, 2026 20:53
@rcampos2029 rcampos2029 added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Jan 15, 2026
@red-hat-konflux red-hat-konflux bot changed the title chore(deps): update module github.com/microcosm-cc/bluemonday to v1.0.27 chore(deps): update module github.com/microcosm-cc/bluemonday to v1.0.27 - autoclosed Jan 16, 2026
@red-hat-konflux red-hat-konflux bot closed this Jan 16, 2026
@red-hat-konflux red-hat-konflux bot deleted the konflux/mintmaker/main/github.com-microcosm-cc-bluemonday-1.x branch January 16, 2026 17:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. ok-to-test Indicates a non-member PR verified by an org member that is safe to test.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rcampos2029