Skip to content

Bump tinymce from 4.5.7 to 5.10.0 in /web-ui

Created by: dependabot[bot]

Bumps tinymce from 4.5.7 to 5.10.0.

Changelog

Sourced from tinymce's changelog.

5.10.0 - 2021-10-11

Added

  • Added a new URI.isDomSafe(uri) API to check if a URI is considered safe to be inserted into the DOM #TINY-7998
  • Added the ESC key code constant to the VK API #TINY-7917
  • Added a new deprecation_warnings setting for turning off deprecation console warning messages #TINY-8049

Improved

  • The element argument of the editor.selection.scrollIntoView() API is now optional, and if it is not provided the current selection will be scrolled into view #TINY-7291

Changed

  • The deprecated scope attribute is no longer added to td cells when converting a row to a header row #TINY-7731
  • The number of col elements is normalized to match the number of columns in a table after a table action #TINY-8011

Fixed

  • Fixed a regression that caused block wrapper formats to apply and remove incorrectly when using a collapsed selection with multiple words #TINY-8036
  • Resizing table columns in some scenarios would resize the column to an incorrect position #TINY-7731
  • Inserting a table where the parent element had padding would cause the table width to be incorrect #TINY-7991
  • The resize backdrop element did not have the data-mce-bogus="all" attribute set to prevent it being included in output #TINY-7854
  • Resize handles appeared on top of dialogs and menus when using an inline editor #TINY-3263
  • Fixed the autoresize plugin incorrectly scrolling to the top of the editor content in some cases when changing content #TINY-7291
  • Fixed the editor.selection.scrollIntoView() type signature, as it incorrectly required an Element instead of HTMLElement #TINY-7291
  • Table cells that were both row and column headers did not retain the correct state when converting back to a regular row or column #TINY-7709
  • Clicking beside a non-editable element could cause the editor to incorrectly scroll to the top of the content #TINY-7062
  • Clicking in a table cell, with a non-editable element in an adjacent cell, incorrectly caused the non-editable element to be selected #TINY-7736
  • Split toolbar buttons incorrectly had nested tabindex="-1" attributes #TINY-7879
  • Fixed notifications rendering in the wrong place initially and when the page was scrolled #TINY-7894
  • Fixed an exception getting thrown when the number of col elements didn't match the number of columns in a table #TINY-7041 #TINY-8011
  • The table selection state could become incorrect after selecting a noneditable table cell #TINY-8053
  • As of Mozilla Firefox 91, toggling fullscreen mode with toolbar_sticky enabled would cause the toolbar to disappear #TINY-7873
  • Fixed URLs not cleaned correctly in some cases in the link and image plugins #TINY-7998
  • Fixed the image and media toolbar buttons incorrectly appearing to be in an inactive state in some cases #TINY-3463
  • Fixed the editor.selection.selectorChanged API not firing if the selector matched the current selection when registered in some cases #TINY-3463
  • Inserting content into a contenteditable="true" element that was contained within a contenteditable="false" element would move the selection to an incorrect location #TINY-7842
  • Dragging and dropping contenteditable="false" elements could result in the element being placed in an unexpected location #TINY-7917
  • Pressing the Escape key would not cancel a drag action that started on a contenteditable="false" element within the editor #TINY-7917
  • video and audio elements were unable to be played when the media plugin live embeds were enabled in some cases #TINY-7674
  • Pasting images would throw an exception if the clipboard items were not files (for example, screenshots taken from gnome-software). Patch contributed by cedric-anne #TINY-8079

Deprecated

  • Several APIs have been deprecated. See the release notes section for information #TINY-8023 #TINY-8063
  • Several Editor settings have been deprecated. See the release notes section for information #TINY-8086
  • The Table of Contents and Image Tools plugins will be classified as Premium plugins in the next major release #TINY-8087
  • Word support in the paste plugin has been deprecated and will be removed in the next major release #TINY-8087

5.9.2 - 2021-09-08

Fixed

  • Fixed an exception getting thrown when disabling events and setting content #TINY-7956
  • Delete operations could behave incorrectly if the selection crossed a table boundary #TINY-7596

... (truncated)

Commits
  • 1526a9b TINY-7519: Update changelog and security.md for 5.10.0 release
  • 17776d0 TINY-8100: Deprecate Schema.getSpecialElements() (#7288)
  • 8005d93 TINY-8087: Fixed missing comma
  • fcdaf29 TINY-8086: Deprecate media_scripts setting (#7283)
  • 2942f91 TINY-8079: Add a unit test
  • c94449c Prevent error when DataTransferItem.getAsFile() returns null (#7214)
  • 87560be TINY-8087: Mark more things as deprecated (#7280)
  • 631ad1d TINY-8070: Make editor commands class private
  • cf444b2 TINY-8070: More deprecation fixes
  • 4472895 suggested changes to the 5.10 changelog (#7274)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Merge request reports

Loading