Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-09-29 16:19:14 +01:00
Code Issues Projects Releases Packages Wiki Activity

build(deps): bump data-url from 0.3.1 to 0.3.2 (#38862)

Browse source 
Bumps [data-url](https://github.com/servo/rust-url) from 0.3.1 to 0.3.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/servo/rust-url/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=data-url&package-manager=cargo&previous-version=0.3.1&new-version=0.3.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Euclid Ye <euclid.ye@huawei.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Euclid Ye <euclid.ye@huawei.com>
This commit is contained in:
dependabot[bot] 2025-08-27 03:22:13 +00:00 committed by GitHub
parent 10ca3b6fde
commit c2f664d16e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
16 changed files with 17 additions and 42 deletions
Download patch file Download diff file Expand all files Collapse all files

3
tests/wpt/meta/fetch/security/dangling-markup/dangling-markup-mitigation-data-url.tentative.sub.html.ini vendored
View file

@ -1,7 +1,4 @@
[dangling-markup-mitigation-data-url.tentative.sub.html]
[<img id="dangling" src="data:image/svg+xml;utf8,\\n <svg width='1' height='1' xmlns='http://www.w3.org/2000/svg'>\\n <rect width='100%' height='100%' fill='rebeccapurple'/>\\n <rect x='10%' y='10%' width='80%' height='80%' fill='lightgreen'/>\\n </svg>">]
expected: FAIL
[<iframe id="dangling"\\n src="data:text/html,\\n <img\\n onload='window.parent.postMessage(&quot;loaded&quot;, &quot;*&quot;);'\\n onerror='window.parent.postMessage(&quot;error&quot;, &quot;*&quot;);'\\n src='http://web-platform.test:8000/images/gr&#10;een-256x256.png?&lt;'>\\n ">\\n </iframe>]
expected: FAIL