Bump tinymce and @league-of-foundry-developers/foundry-vtt-types

[dependabot]

Bumps tinymce to 6.8.5 and updates ancestor dependency @league-of-foundry-developers/foundry-vtt-types. These dependencies need to be updated together.

Updates tinymce from 5.6.2 to 6.8.5

Changelog

Sourced from tinymce's changelog.

6.8.5 - 2024-10-10

Fixed

• Upgraded dependencies. #TINY-11331
• Invalid HTML elements within an svg element are removed. #TINY-11331

6.8.4 - 2024-06-19

Fixed

• HTML entities that were double decoded in noscript elements caused an XSS vulnerability. #TINY-11019
• It was possible to inject XSS HTML that was not matching the regexp when using the noneditable_regexp option. #TINY-11022

6.8.3 - 2024-02-08

Changed

• Update outbound TinyMCE website links. #TINY-10491

Fixed

• The floating toolbar would not be fully visible when the editor was placed inside a scrollable container. #TINY-10335
• ShadowDOM skin was not loaded properly when used with js bundling feature. #TINY-10451

6.8.2 - 2023-12-11

Fixed

• Bespoke select toolbar buttons including fontfamily, fontsize, blocks, and styles incorrectly used plural words in their accessible names. #TINY-10426
• The align bespoke select toolbar button had an accessible name that was misleading and grammatically incorrect in certain cases. #TINY-10435
• Accessible names of bespoke select toolbar buttons including align, fontfamily, fontsize, blocks, and styles were incorrectly translated. #TINY-10426 #TINY-10435
• Clicking inside table cells with heavily nested content could cause the browser to hang. #TINY-10380
• Toggling a list that contains an LI element having another list as its first child would remove the remaining content within that LI element. #TINY-10414

6.8.1 - 2023-11-29

Improved

• Colorpicker now includes the Brightness/Saturation selector and hue slider in the keyboard navigable items. #TINY-9287

Fixed

• Translation syntax for announcement text in the table grid was incorrectly formatted. #TINY-10141
• The functions schema.isWrapper and schema.isInline did not exclude node names that started with # which should not be considered as elements. #TINY-10385

6.8.0 - 2023-11-22

Added

• CSS files are now also generated as separate JS files to improve bundling of all resources. #TINY-10352
• Added new StylesheetLoader.loadRawCss API that can be used to load CSS into a style element. #TINY-10352
• Added new StylesheetLoader.unloadRawCss API that can be used to unload CSS that was loaded into a style element. #TINY-10352
• Added force_hex_color editor option. Option 'always' converts all RGB & RGBA colours to hex, 'rgb_only' will only convert RGB and not RGBA colours to hex, 'off' won't convert any colours to hex. #TINY-9819
• Added default_font_stack editor option that makes it possible to define what is considered a system font stack. #TINY-10290
• New sandbox_iframes option that controls whether iframe elements will be added a sandbox="" attribute to mitigate malicious intent. #TINY-10348
• New convert_unsafe_embeds option that controls whether <object> and <embed> elements will be converted to more restrictive alternatives, namely <img> for image MIME types, <video> for video MIME types, <audio> audio MIME types, or <iframe> for other or unspecified MIME types. #TINY-10349

... (truncated)

Commits

• a3d8e2e TINY-11334: Changelog
• 6fb4248 TINY-11331: Update dependencies (#9907)
• 8c9f1c1 TINY-11375: Remote testing capabilities for tinymce/6 (#9904)
• 5acb741 TINY-11019 & TINY-11022: Fixed issues with noscript encoding and noneditable_...
• e7d6eaf TINY-10457: Update changelog for 6.8.3 release
• 3d61118 TINY-10451: ShadowDOM skin was not imported correctly when using js bundling ...
• 91867cd TINY-10457: Fix accidental bump of TinyMCE version
• 8a7b799 Publish
• 36e1029 TINY-10491: Update outbound website links (#9361)
• 5e788d1 TINY-10457: Prepare for 6.8.3 (#9355)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by tinymce, a new releaser for tinymce since your current version.

Updates @league-of-foundry-developers/foundry-vtt-types from 0.7.9-6 to 12.331.3-beta

Release notes

Sourced from @​league-of-foundry-developers/foundry-vtt-types's releases.

v12.331.3-beta

No release notes provided.

v12.331.2-beta

No release notes provided.

12.331.1-beta

No release notes provided.

12.331.0-beta

Beta release for Foundry version 12.331.

This is in beta because the branch is incomplete, contains known bugs, and has stability issues in DataModel due to bugs in tsc. See microsoft/TypeScript#59667.

11.315.0-beta

Beta release for Foundry version 11.315.

This is in beta because the branch is incomplete, contains known bugs, and has stability issues in DataModel due to bugs in tsc. See microsoft/TypeScript#59667.

9.280.1

• Fix pan type inconsistencies.
• Add canavs.mousePosition.

9.280.0

• Integrated all changes made in Foundry VTT V9.280

9.269.1

• Fixed an issue with FrameViewer (#2197)

9.269.0

• Improved they types for CONFIG.statusEffects (#1806)
• Fixed a small mistake in AVSettings (#1813)
• Made it possible to not specify a default button for Dialogs (#1803)

9.268.2

• Readded the types property to package.json for backwards compatibility

9.268.1

• Reorganized files to match foundry's directory structure
• Use override consistently
• Removed some noise in documentation comments
• Fixed a small error in the round data of combat (thanks @​KristjanLaane)
• Relaxed the type of the mode property of EffectChangeData to number (thanks @​moo-man)

9.268.0

• Incorporated changes made in v9.268
• Improved the typing of layer class configuration
• Include @pixi/graphics-smooth
• Added type definitions for the card related Applications
• Updated LightingLayer

... (truncated)

Commits

• 459b7cb 12.331.3-beta
• a869098 Change report upload plus refactor
• 8856b0a Display deleted and new tests
• 089a278 Run workflows using pull_request_target
• 4086f5c Add permissions.pull-requests: write to workflow
• 70009ef Fix typo of Prettier
• 03067cd Always cache node_modules
• 6bafb1f Merge pull request #2981 from dovrosenberg/documentation-cleanup
• 68b8b6f fixed typos in config documentation
• 0680b87 Post a Test Report in PRs
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.