
[Snyk] Security upgrade sanitize-html from 2.17.2 to 2.17.3 #1244

Open
rhamzeh wants to merge 1 commit into main from snyk-fix-dabcfa138244312f782c9bcac74c08a4

rhamzeh (Member) commented Apr 16, 2026


Snyk has created this PR to fix 1 vulnerability in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json
  • package-lock.json

Vulnerabilities that will be fixed with an upgrade:

  • Issue: low severity Cross-site Scripting (XSS), SNYK-JS-SANITIZEHTML-16086080

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.


@rhamzeh rhamzeh requested a review from a team as a code owner April 16, 2026 21:51
Copilot AI review requested due to automatic review settings April 16, 2026 21:51
coderabbitai bot (Contributor) commented Apr 16, 2026

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: be920a8e-5b8e-4b2f-bb42-596090599c8e

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


Copilot AI (Contributor) left a comment

Pull request overview

This PR upgrades the sanitize-html npm dependency to address a reported low-severity XSS vulnerability (SNYK-JS-SANITIZEHTML-16086080) in the docs UI project.

Changes:

  • Bumps sanitize-html from 2.17.2 to 2.17.3 in package.json.
  • Updates sanitize-html resolution metadata in package-lock.json.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| package.json | Pins sanitize-html to 2.17.3 to remediate the Snyk-reported vulnerability. |
| package-lock.json | Updates the lockfile’s installed sanitize-html version to 2.17.3 (but currently introduces a spec mismatch vs package.json). |


@github-actions (Contributor)

PR Preview Action v1.8.1

🚀 View preview at https://openfga.github.io/openfga.dev/pr-preview/pr-1244/

Built to branch gh-pages at 2026-04-16 21:53 UTC.
Preview will be ready when the GitHub Pages deployment is complete.
