[Snyk] Upgrade codemirror from 5.45.0 to 5.61.1
Created by: snyk-bot
Snyk has created this PR to upgrade codemirror from 5.45.0 to 5.61.1.
- The recommended version is 30 versions ahead of your current version.
- The recommended version was released 2 months ago, on 2021-05-20.
The recommended version fixes:
| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-CODEMIRROR-1016937 |
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Proof of Concept |
 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-CODEMIRROR-569611 |
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: codemirror
-
5.61.1 - 2021-05-20
Version 5.61.1
Bug fixes
Fix a bug where changing the editor's document could confuse text-direction management.
Fix a bug in horizontally scrolling the cursor into view.
Optimize adding lots of marks in a single transaction.
simple mode addon: Support regexps with a unicode flag.
javascript mode: Add support for TypeScript template string types, improve integration with JSX mode.
-
5.61.0 - 2021-04-20
Version 5.61.0
Bug fixes
Improve support for being in a shadow DOM in contenteditable mode.
Prevent line number from being read by screen readers.
show-hint addon: Fix a crash caused by a race condition.
javascript mode: Improve scope tracking.
New features
The library now emits an
"updateGutter"event when the gutter width changes.emacs bindings: Provide named commands for all bindings.
-
5.60.0 - 2021-03-20
Version 5.60.0
Bug fixes
Fix autofocus feature in contenteditable mode.
simple mode addon: Fix a null-dereference crash.
multiplex addon: Make it possible to use
parseDelimiterswhen both delimiters are the same.julia mode: Fix a lockup bug.
New features
setSelectionsnow allows ranges to omit theheadproperty when it is equal toanchor.sublime bindings: Add support for reverse line sorting.
-
5.59.4 - 2021-02-24
Version 5.59.4
Bug fixes
Give the scrollbar corner filler a background again, to prevent content from peeping through between the scrollbars.
-
5.59.3 - 2021-02-20
Version 5.59.3
Bug fixes
Don't override the way zero-with non-joiners are rendered.
Fix an issue where resetting the history cleared the
undoDepthoption's value.vim bindings: Fix substitute command when joining and splitting lines, fix global command when line number change, add support for
:vglobal, properly treat caps lock as a modifier key. -
5.59.2 - 2021-01-20
Version 5.59.2
Bug fixes
Don't try to scroll the selection into view in
readonly: "nocursor"mode.closebrackets addon: Fix a regression in the behavior of pressing enter between brackets.
javascript mode: Fix an infinite loop on specific syntax errors in object types.
various modes: Fix inefficient RegExp matching.
-
5.59.1 - 2020-12-31
Version 5.59.1
Bug fixes
Fix an issue where some Chrome browsers were detected as iOS.
-
5.59.0 - 2020-12-20
Version 5.59.0
Bug fixes
Fix platform detection on recent iPadOS.
lint addon: Don't show duplicate messages for a given line.
clojure mode: Fix regexp that matched in exponential time for some inputs.
hardwrap addon: Improve handling of words that are longer than the line length.
matchbrackets addon: Fix leaked event handler on disabling the addon.
New features
search addon: Make it possible to configure the search addon to show the dialog at the bottom of the editor.
-
5.58.3 - 2020-11-19
Version 5.58.3
Bug fixes
Suppress quick-firing of blur-focus events when dragging and clicking on Internet Explorer.
Fix the
insertAtoption toaddLineWidgetto actually allow the widget to be placed after all widgets for the line.soy mode: Support
@ Attributeand element composition.shell mode: Support heredoc quoting.
- 5.58.2 - 2020-10-23
- 5.58.1 - 2020-09-23
- 5.58.0 - 2020-09-21
- 5.57.0 - 2020-08-20
- 5.56.0 - 2020-07-20
- 5.55.0 - 2020-06-21
- 5.54.0 - 2020-05-20
- 5.53.2 - 2020-04-21
- 5.53.0 - 2020-04-21
- 5.52.2 - 2020-03-20
- 5.52.0 - 2020-02-20
- 5.51.0 - 2020-01-20
- 5.50.2 - 2020-01-01
- 5.50.0 - 2019-12-20
- 5.49.2 - 2019-10-21
- 5.49.0 - 2019-09-20
- 5.48.4 - 2019-08-19
- 5.48.2 - 2019-07-19
- 5.48.0 - 2019-06-20
- 5.47.0 - 2019-05-21
- 5.46.0 - 2019-04-22
- 5.45.0 - 2019-03-20
Commit messages
Package name: codemirror
- 9b57f4b Mark version 5.61.1
- 4cc111c [mustache demo] Fix link to mustache documentation url
- 72579dd Remove quadratic complexity of adding lots of marks to a single line
- 687b6dd Fix bug in scrolling the cursor into view
- c7aeed9 [javascript mode] Properly handle exclamation marks in class fields
- 472b458 [javascript mode] Add support for template string types
- e2d0b28 [crystal mode] Fix `%` highlight
- 3207e3c [abbott.vim theme] Fix -moz-selection syntax error
- 90ee74f Add primo sponsor link
- 3694fe2 [abbott.vim theme] Add
- 484dde3 Add 4me sponsor logo
- ca15ef7 [yaml-frontmatter mode] Pass through indentation queries to inner modes
- dc2070a Make sure options.direction and doc.direction stay in sync
- 555ed62 [velocity mode] Allow an exclamation point at start of variable
- 804968b [jsx mode] Improve the way expressions are skipped in the outer JS mode
- 88f32d5 [wast mode] Add support for Wasm EH control instructions.
- dc3952a [simple-mode addon] Don't drop regexp unicode flags
- eac70bb Mark version 5.61.0
- 97ee575 [emacs bindings] Define named commands for the key bindings
- 86af2dc [show-hint addon] Fix race condition in scroll measurement
- f3033a2 Send new "updateGutter" signal on gutter resize
- a8f5286 [runmode] Export countColumn on the minimal CodeMirror
- 123c670 [anywordhint demo] Update to show current code
- 2997167 Prevent line numbers from being voiced by screen readers
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: