mod: bump github.com/microcosm-cc/bluemonday from 1.0.17 to 1.0.19

[dependabot]

Bumps github.com/microcosm-cc/bluemonday from 1.0.17 to 1.0.19.

Release notes

Sourced from github.com/microcosm-cc/bluemonday's releases.

Add SVG inline images, improve RGB color and length matching, fix bug

What's Changed

• css: improve RGB hex color and length matching by @​hochhaus in microcosm-cc/bluemonday#142
• css: add support for image/svg+xml for data-uri inline images
• html: fix double-escaping of content within HTML attributes
• tests: added more tests to provide examples of proofs of some open issues

New Contributors

• @​hochhaus made their first contribution in microcosm-cc/bluemonday#142

Full Changelog: microcosm-cc/bluemonday@v1.0.18...v1.0.19

Fix bug in iframe sandboxvalues

What's Changed

• Fix incorrect handling of iframe SandboxValues by @​kiwiz in microcosm-cc/bluemonday#138

Full Changelog: microcosm-cc/bluemonday@v1.0.17...v1.0.18

Commits

• 84409dd Only test n-1 Go versions
• 8fc9802 Merge branch 'main' of github.com:microcosm-cc/bluemonday into main
• c66f9ff Updated Go version, retract old versions of this package which are always con...
• a232bac Removed outdated build badge
• 97a5b1f Test recent Go versions
• 9ec48cf Test recent Go versions
• d4b11cb Added funding file
• 9ef01f7 Closes #134 add tests to show all sanitize methods are roughly equal in time
• ed50dcc Closes #139 by demonstrating in a test that it still works
• cdefdb2 Closes #143 Rely on html and url packages for sanitization, don't roll your o...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Dependabot tried to add @unknwon as a reviewer to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/CodeCmn/gogs/pulls/20/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the CodeCmn/gogs repository. // See: https://docs.github.com/rest/reference/pulls#request-reviewers-for-a-pull-request

[dependabot]

Superseded by #23.