Commit Graph

2 Commits

Author SHA1 Message Date
LIghtJUNction
2126002b7a fix: 修复 Vue 样式穿透警告并更新 tsconfig 解析模式 2026-04-02 23:16:09 +08:00
LIghtJUNction
bae7ec410c fix(dashboard): patch bundled DOMPurify to fix XSS vulnerability
monaco-editor@0.55.1 hardcodes dompurify@3.2.7 (vulnerable to SAFE_FOR_XML
bypass via rawtext elements). Added postinstall script that downloads the
patched 3.3.3 source and replaces the bundled file in node_modules.

Also keeps dompurify override at 3.3.2 for the npm package.
2026-03-28 12:40:02 +08:00