Update dependency @ionic/core to v4.0.3 [SECURITY] - abandoned

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@ionic/core (source)	4.0.0-rc.2 -> 4.0.3

GitHub Vulnerability Alerts

GHSA-r3xc-47qg-h929

Versions of @ionic/core prior to 4.0.3, 4.1.3, 4.2.1 or 4.3.1 are vulnerable to Cross-Site Scripting (XSS). The package uses the unsafe innerHTML function without sanitizing input, which may allow attackers to execute arbitrary JavaScript on the victim's browser. This issue affects the components:

• <ion-alert>.message
• <ion-searchbar>.placeholder
• <ion-infinite-scroll-content>.loadingText
• <ion-refresher-content>.pullingText
• <ion-refresher-content>.refershingText

Recommendation

• If you are using @​ionic/core 4.0.x, upgrade to 4.0.3 or later.
• If you are using @​ionic/core 4.1.x, upgrade to 4.1.3 or later.
• If you are using @​ionic/core 4.2.x, upgrade to 4.2.1 or later.
• If you are using @​ionic/core 4.3.x, upgrade to 4.3.1 or later.

---

Release Notes

ionic-team/ionic

v4.0.3: 4.0.3

Compare Source

Bug Fixes

• security: sanitize components using innerHTML (#​18143) (b33d940)

v4.0.2: 4.0.2

Compare Source

Bug Fixes

• button: show proper shade for activated button on ios (#​17508) (3a9b679), closes #​17436
• config: update types for scrollPadding, inputBlurring and hideCaretOnScroll to boolean (#​17302) (39fbc32)
• datetime: default to current date when no value given (#​17443) (644f9f4)
• item-sliding: sliding no longer breaks after removing an item (#​17492) (e27bb2e)
• range: implement RTL (from PR 17157) (#​17384) (4f203bc), closes #​17012
• searchbar: allow setting of toolbar color and searchbar color (#​17474) (ba4e117)
• select: account for when options are not loaded immediately (#​17405) (f9f1775)
• tab-bar: add translucent tab-bar styles back (#​17376) (374bd77)

v4.0.1: 4.0.1

Compare Source

Bug Fixes

• build: modify rollup.config.js to work with Windows (#​17231) (d26d43d)
• grid: add flex to ion-grid to allow it to properly render in an ion-item (#​17258) (40c6955), closes #​17075
• menu: fix content shadow when revealed in iOS (#​17383) (fc43faa)
• platform: add additional check for safari PWA (a584f6e)
• platform: add mobileweb platform back (cf2b2b3)
• popover: apply fixed position to keep backdrop in viewport (#​17352) (ee3b04a), closes #​17337
• popover: originate animation from right in RTL/MD (#​17381) (bc3aa21)
• range: chrome bug with will-change (74ce34f)
• react: duplicate events being fired in ionic/react (#​17321) (a415001)
• reorder: capture click event (#​17244) (986e67b), closes #​17241
• searchbar: hide search icon when focused with cancel button (#​17260) (c87867c), closes #​17252

v4.0.0: 4.0.0 Neutronium

Compare Source

Enjoy! 🎈

v4.0.0-rc.3: 4.0.0-rc.3

Compare Source

Bug Fixes

• alert: update styles for rtl (#​17129) (ceae5d2), closes #​16295 #​17012
• angular: apply validation classes properly (2b4d7b7), closes #​17171 #​16052 #​15572 #​16452 #​17063
• angular: navigateRoot + animated (#​17164) (a6559a4), closes #​17144
• angular: race condition when fast navigation (#​17197) (a945b03), closes #​17194 #​16449 #​15413
• button: avoid using attribute selectors for disabled (#​17198) (3defbf3)
• content: tap-click deadlock (#​17170) (5cb7f68), closes #​17138 #​16863 #​16191 #​16911
• fab: remove layout contain from content (#​17048) (0cf1894), closes #​16780
• gesture: destroy gesture handler when it's done (#​17184) (59bd823), closes #​16433 #​16974
• icon: update ionicons to flip for rtl (#​17196) (d3b6e60), closes #​17012
• item: fix margins on slotted content (avatar, thumbnail) (#​17065) (3612651), closes #​16997
• searchbar: keep search icon shown when searchbar has focus (#​17154) (c917bb4)
• select: pass click event to popover interface (#​17146) (3ff9faf), closes #​17142
• textarea: new-line in firefox (#​17176) (e7538f3), closes #​17155

Features

• angular: add global pop() (#​17182) (766c79d), closes #​16340
• datetime: add readonly prop (#​17139) (d513e8a)
• input: add getInputElement() (#​17183) (a90084c), closes #​17174
• react: complete controller integrations and navigation (#​16849) (f46cd50)
• slides: expose updateAutoHeight (#​17208) (835aea9), closes #​15079

BREAKING CHANGES

• NavController.goBack() renamed to NavController.back()

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠ Warning: custom changes will be lost.

[renovate]

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.