Skip to content

build(deps): bump linkify-it from 5.0.0 to 5.0.2 in /client/web#73

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/client/web/linkify-it-5.0.1
Open

build(deps): bump linkify-it from 5.0.0 to 5.0.2 in /client/web#73
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/client/web/linkify-it-5.0.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 30, 2026

Copy link
Copy Markdown

Bumps linkify-it from 5.0.0 to 5.0.2.

Changelog

Sourced from linkify-it's changelog.

5.0.2 / 2026-07-02

  • Fixed DoS in mailto: links (restrict user name to 64 chars).
  • Restricted user/pass part length in links.

5.0.1 / 2026-05-23

  • Fixed DoS in fuzzy links/emails search.
  • Reworked search logic - check each pattern separate, use g regexes instead of slice.
  • Removed internal cache - useless overcomplication.
Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 30, 2026
@dependabot dependabot Bot changed the title Bump linkify-it from 5.0.0 to 5.0.1 in /client/web build(deps): bump linkify-it from 5.0.0 to 5.0.2 in /client/web Jul 7, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/client/web/linkify-it-5.0.1 branch from 849aa63 to 2234163 Compare July 7, 2026 18:26
Bumps [linkify-it](https://github.com/markdown-it/linkify-it) from 5.0.0 to 5.0.2.
- [Changelog](https://github.com/markdown-it/linkify-it/blob/master/CHANGELOG.md)
- [Commits](markdown-it/linkify-it@5.0.0...5.0.2)

---
updated-dependencies:
- dependency-name: linkify-it
  dependency-version: 5.0.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/client/web/linkify-it-5.0.1 branch from 2234163 to b0876a9 Compare July 7, 2026 23:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant