-
-
Notifications
You must be signed in to change notification settings - Fork 856
Permalink
Choose a base ref
{{ refName }}
default
Choose a head ref
{{ refName }}
default
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
base repository: cure53/DOMPurify
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 3.3.1
Could not load branches
Nothing to show
Loading
Could not load tags
Nothing to show
{{ refName }}
default
Loading
...
head repository: cure53/DOMPurify
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 3.3.2
Could not load branches
Nothing to show
Loading
Could not load tags
Nothing to show
{{ refName }}
default
Loading
- 4 commits
- 21 files changed
- 3 contributors
Commits on Mar 5, 2026
-
Getting 3.x branch ready for 3.3.2 releas (#1205)
* Update README.md * build(deps): bump qs and body-parser (#1178) Bumps [qs](https://github.com/ljharb/qs) and [body-parser](https://github.com/expressjs/body-parser). These dependencies needed to be updated together. Updates `qs` from 6.13.0 to 6.14.1 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.13.0...v6.14.1) Updates `body-parser` from 1.20.3 to 1.20.4 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.3...1.20.4) --- updated-dependencies: - dependency-name: qs dependency-version: 6.14.1 dependency-type: indirect - dependency-name: body-parser dependency-version: 1.20.4 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: update tested nodejs version (#1181) Test currently supported nodejs versions. Drop: 18, 19, 21, 23 Add: 24, 25 * chore: update dependencies (#1183) - migrate to official rollup plugin `@rollup/plugin-typescript` from `rollup-plugin-typescript2` - migrate to `rimraf` v6 * Revert "chore: update dependencies (#1183)" (#1184) This reverts commit 50f6dfe. * fix: remove deprecated call `QUnit.load()` (#1188) This is no longer needed since QUnit 2.1.1, and the call to QUnit.load() is safe to remove. https://qunitjs.com/api/QUnit/load/ * fix: prettier windows end of line not lf (#1186) * remove abandoned dependency `npm-run-all` (#1190) * remove dependency `lodash.sample` (#1191) use native code * build(deps-dev): bump lodash-es from 4.17.21 to 4.17.23 (#1192) Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash-es dependency-version: 4.17.23 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump lodash from 4.17.21 to 4.17.23 (#1193) Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update README.md (#1195) * build(deps-dev): bump webpack from 5.94.0 to 5.105.0 (#1194) Bumps [webpack](https://github.com/webpack/webpack) from 5.94.0 to 5.105.0. - [Release notes](https://github.com/webpack/webpack/releases) - [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md) - [Commits](webpack/webpack@v5.94.0...v5.105.0) --- updated-dependencies: - dependency-name: webpack dependency-version: 5.105.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update README.md * Update README.md * build(deps): bump qs from 6.14.1 to 6.14.2 (#1196) Bumps [qs](https://github.com/ljharb/qs) from 6.14.1 to 6.14.2. - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.14.1...v6.14.2) --- updated-dependencies: - dependency-name: qs dependency-version: 6.14.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: Added smaller fixes addressing several LLM bug reports * fix: Adding a slighjtly tighter regex because of possible jsdom woes * build(deps-dev): bump minimatch from 3.1.2 to 3.1.5 (#1200) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.1.2 to 3.1.5. - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) --- updated-dependencies: - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump rollup from 3.29.5 to 3.30.0 (#1199) Bumps [rollup](https://github.com/rollup/rollup) from 3.29.5 to 3.30.0. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/v3.30.0/CHANGELOG.md) - [Commits](rollup/rollup@v3.29.5...v3.30.0) --- updated-dependencies: - dependency-name: rollup dependency-version: 3.30.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: Adding a slightly tighter regex because of possible jsdom woes * fix: Expanded the regex ever so slightly to also cover script * build(deps): bump @tootallnate/once and jsdom (#1204) Removes [@tootallnate/once](https://github.com/TooTallNate/once). It's no longer used after updating ancestor dependency [jsdom](https://github.com/jsdom/jsdom). These dependencies need to be updated together. Removes `@tootallnate/once` Updates `jsdom` from 20.0.0 to 28.1.0 - [Release notes](https://github.com/jsdom/jsdom/releases) - [Changelog](https://github.com/jsdom/jsdom/blob/main/Changelog.md) - [Commits](jsdom/jsdom@20.0.0...28.1.0) --- updated-dependencies: - dependency-name: "@tootallnate/once" dependency-version: dependency-type: indirect - dependency-name: jsdom dependency-version: 28.1.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: Preparing 3.3.2 release * fix: moved back from jsdom 28 to jsdom 20 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Rotzbua <Rotzbua@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 5cad4ce - Browse repository at this point
Copy the full SHA 5cad4ceView commit details -
Configuration menu - View commit details
-
Copy full SHA for 9636037 - Browse repository at this point
Copy the full SHA 9636037View commit details -
Configuration menu - View commit details
-
Copy full SHA for e8c95f4 - Browse repository at this point
Copy the full SHA e8c95f4View commit details -
Getting 3.x branch ready for 3.3.2 release (#1208)
* Update README.md * build(deps): bump qs and body-parser (#1178) Bumps [qs](https://github.com/ljharb/qs) and [body-parser](https://github.com/expressjs/body-parser). These dependencies needed to be updated together. Updates `qs` from 6.13.0 to 6.14.1 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.13.0...v6.14.1) Updates `body-parser` from 1.20.3 to 1.20.4 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.3...1.20.4) --- updated-dependencies: - dependency-name: qs dependency-version: 6.14.1 dependency-type: indirect - dependency-name: body-parser dependency-version: 1.20.4 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: update tested nodejs version (#1181) Test currently supported nodejs versions. Drop: 18, 19, 21, 23 Add: 24, 25 * chore: update dependencies (#1183) - migrate to official rollup plugin `@rollup/plugin-typescript` from `rollup-plugin-typescript2` - migrate to `rimraf` v6 * Revert "chore: update dependencies (#1183)" (#1184) This reverts commit 50f6dfe. * fix: remove deprecated call `QUnit.load()` (#1188) This is no longer needed since QUnit 2.1.1, and the call to QUnit.load() is safe to remove. https://qunitjs.com/api/QUnit/load/ * fix: prettier windows end of line not lf (#1186) * remove abandoned dependency `npm-run-all` (#1190) * remove dependency `lodash.sample` (#1191) use native code * build(deps-dev): bump lodash-es from 4.17.21 to 4.17.23 (#1192) Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash-es dependency-version: 4.17.23 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump lodash from 4.17.21 to 4.17.23 (#1193) Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update README.md (#1195) * build(deps-dev): bump webpack from 5.94.0 to 5.105.0 (#1194) Bumps [webpack](https://github.com/webpack/webpack) from 5.94.0 to 5.105.0. - [Release notes](https://github.com/webpack/webpack/releases) - [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md) - [Commits](webpack/webpack@v5.94.0...v5.105.0) --- updated-dependencies: - dependency-name: webpack dependency-version: 5.105.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update README.md * Update README.md * build(deps): bump qs from 6.14.1 to 6.14.2 (#1196) Bumps [qs](https://github.com/ljharb/qs) from 6.14.1 to 6.14.2. - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.14.1...v6.14.2) --- updated-dependencies: - dependency-name: qs dependency-version: 6.14.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: Added smaller fixes addressing several LLM bug reports * fix: Adding a slighjtly tighter regex because of possible jsdom woes * build(deps-dev): bump minimatch from 3.1.2 to 3.1.5 (#1200) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.1.2 to 3.1.5. - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) --- updated-dependencies: - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump rollup from 3.29.5 to 3.30.0 (#1199) Bumps [rollup](https://github.com/rollup/rollup) from 3.29.5 to 3.30.0. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/v3.30.0/CHANGELOG.md) - [Commits](rollup/rollup@v3.29.5...v3.30.0) --- updated-dependencies: - dependency-name: rollup dependency-version: 3.30.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: Adding a slightly tighter regex because of possible jsdom woes * fix: Expanded the regex ever so slightly to also cover script * build(deps): bump @tootallnate/once and jsdom (#1204) Removes [@tootallnate/once](https://github.com/TooTallNate/once). It's no longer used after updating ancestor dependency [jsdom](https://github.com/jsdom/jsdom). These dependencies need to be updated together. Removes `@tootallnate/once` Updates `jsdom` from 20.0.0 to 28.1.0 - [Release notes](https://github.com/jsdom/jsdom/releases) - [Changelog](https://github.com/jsdom/jsdom/blob/main/Changelog.md) - [Commits](jsdom/jsdom@20.0.0...28.1.0) --- updated-dependencies: - dependency-name: "@tootallnate/once" dependency-version: dependency-type: indirect - dependency-name: jsdom dependency-version: 28.1.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: Preparing 3.3.2 release * fix: moved back from jsdom 28 to jsdom 20 * fix: moved back from jsdom 28 to jsdom 20 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Rotzbua <Rotzbua@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 5e56114 - Browse repository at this point
Copy the full SHA 5e56114View commit details
Loading
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff 3.3.1...3.3.2