Bump bootstrap from 3.3.7 to 3.4.1 in /build
Created by: dependabot[bot]
Bumps bootstrap from 3.3.7 to 3.4.1.
Release notes
Sourced from bootstrap's releases.
v3.4.1
- Security: Fixed an XSS vulnerability (CVE-2019-8331) in our tooltip and popover plugins by implementing a new HTML sanitizer
- Handle bad selectors (
#
) indata-target
for Dropdowns- Clarified tooltip selector documentation
- Added support for NuGet contentFiles
v3.4.0
- New: Added a
.row-no-gutters
class.- New: Added docs searching via Algolia.
- Fixed: Resolved an XSS issue in Alert, Carousel, Collapse, Dropdown, Modal, and Tab components. See https://snyk.io/vuln/npm:bootstrap:20160627 for details.
- Fixed: Added padding to
.navbar-fixed-*
on modal open- Fixed: Removed the double border on
<abbr>
elements.- Removed Gist creation in web-based Customizer since anonymous gists were disabled long ago by GitHub.
- Removed drag and drop support from Customizer since it didn't work anymore.
- Added a dropdown to the docs nav for newer and previous versions.
- Update the docs to use a new
baseurl
,/docs/3.4/
, to version the v3.x documentation like we do with v4.- Reorganized the v3 docs CSS to use Less.
- Switched to BrowserStack for tests.
- Updated links to always use https and fix broken URLs.
- Replaced ZeroClipboard with clipboard.js
Commits
-
68b0d23
Dist -
2ccfa57
handle # selector for dropdown -
a43077d
Bump version to 3.4.1. -
d821de2
Backport sanitize docs from v4. -
5cd9ef4
Add wdm gem for Windows. -
d6b8501
ES5 fixes. -
2c8abb9
Add sanitize for tooltips and popovers html content. -
d4129df
Bump year. -
0d64d6a
less/modals.less: Add missing semicolon. -
48c5d7b
Use https. - Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by xhmikosr, a new releaser for bootstrap since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot ignore this [patch|minor|major] version
will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language -
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language -
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language -
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language