de.react.dev icon indicating copy to clipboard operation
de.react.dev copied to clipboard
verified publisher icon reactjs

Bump remark-html from 12.0.0 to 13.0.2

Open dependabot[bot] opened this issue 2 years ago • 1 comments

Bumps remark-html from 12.0.0 to 13.0.2.

Release notes

Sourced from remark-html's releases.

13.0.2

  • b0b1ba5 Fix to sanitize by default The docs have always said remark-html is safe by default. It wasn’t and this patches that.

    If you do want to be unsafe, use remark-html with sanitize: false:

    -  .use(remarkHtml)
+  .use(remarkHtml, {sanitize: false})

Full Changelog: https://github.com/remarkjs/remark-html/compare/13.0.1...13.0.2

13.0.1

  • 7a8cb0e Update mdast-util-to-hast

13.0.0

  • 0b1cd0a Change to comply to CommonMark (breaking, potentially, if you have duplicate definitions)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

dependabot[bot] avatar Apr 24 '23 08:04 dependabot[bot]

Size changes

📦 Next.js Bundle Analysis for react-dev

This analysis was generated by the Next.js Bundle Analysis action. 🤖

⚠️ Global Bundle Size Increased

Page Size (compressed)
global 93.63 KB (🟡 +4.43 KB)
Details

The global bundle is the javascript bundle that loads alongside every page. It is in its own category because its impact is much higher - an increase to its size means that every page on your website loads slower, and a decrease means every page loads faster.

Any third party scripts you have added directly to your app using the <script> tag are not accounted for in this analysis

If you want further insight into what is behind the changes, give @next/bundle-analyzer a try!

Three Pages Changed Size

The following pages changed size from the code in this PR compared to its base branch:

Page Size (compressed) First Load
/404 76 KB (🔴 +32.38 KB) 169.63 KB
/500 76 KB (🔴 +32.4 KB) 169.62 KB
/[[...markdownPath]] 77.42 KB (🔴 +33.64 KB) 171.05 KB
Details

Only the gzipped size is provided here based on an expert tip.

First Load is the size of the global bundle plus the bundle for the individual page. If a user were to show up to your website and land on a given page, the first load size represents the amount of javascript that user would need to download. If next/link is used, subsequent page loads would only need to download that page's bundle (the number in the "Size" column), since the global bundle has already been downloaded.

Any third party scripts you have added directly to your app using the <script> tag are not accounted for in this analysis

Next to the size is how much the size has increased or decreased compared with the base branch of this PR. If this percentage has increased by 10% or more, there will be a red status indicator applied, indicating that special attention should be given to this.

github-actions[bot] avatar Apr 24 '23 08:04 github-actions[bot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot] avatar Jul 15 '24 08:07 dependabot[bot]