96e8f67425
This commit upgrades the OWASP HTML sanitizer used by watcher to the
latest version and also upgrades guava, which it depends on. The guava
upgrade also requires the addition of a new dependency that guava
itself requires as of version 27.0. The sanitizer's behavior has changed to
re-write these templated values with a comment that results in this output
`{<!-- -->{ctx.metadata.name}}`. This would be an issue if we attempted to
sanitize the template, but the code that uses the sanitizer runs the rendered
string through the sanitizer, which means that the templated values have
been replaced already.
Relates #50395
|
||
|---|---|---|
| .. | ||
| failureaccess-1.0.1.jar.sha1 | ||
| failureaccess-LICENSE.txt | ||
| failureaccess-NOTICE.txt | ||
| guava-27.1-jre.jar.sha1 | ||
| guava-LICENSE.txt | ||
| guava-NOTICE.txt | ||
| jakarta.activation-1.2.1.jar.sha1 | ||
| jakarta.activation-LICENSE.txt | ||
| jakarta.activation-NOTICE.txt | ||
| jakarta.mail-1.6.4.jar.sha1 | ||
| jakarta.mail-LICENSE.txt | ||
| jakarta.mail-NOTICE.txt | ||
| owasp-java-html-sanitizer-20191001.1.jar.sha1 | ||
| owasp-java-html-sanitizer-LICENSE.txt | ||
| owasp-java-html-sanitizer-NOTICE.txt | ||