Bump HtmlSanitizer from 5.0.372 to 9.0.892

[dependabot]

Updated HtmlSanitizer from 5.0.372 to 9.0.892.

Release notes

Sourced from HtmlSanitizer's releases.

9.0.892

Sanitize contents of template tag

9.0.889

Update NuGet packages

9.0.886

Target net47 (fixes #​580)

9.0.884

#​574

9.0.881

#​572
#​573

9.0.876

#​565

9.0.873

Add FilterUrl to IHtmlSanitizer (fixes #​565)

8.1.870

#​556

8.0.865

#​542

8.0.843

Add package README file

8.0.838

Create customizable comment encoding method (fixes #​525)

8.0.811

Merge pull request #​516 from jerriep/allow-overriding-literal-text-element-encoding

8.0.795

See #​494

8.0.746

Fix #​483

8.0.744

Fix #​483

8.0.723

Fix for GHSA-43cp-6p3q-2pc4

8.0.718

Fix #​469

8.0.692

Fixes a bug in CSS url() sanitizing (see #​411)

8.0.645

#​420
#​423

8.0.601

#​361
#​364
#​365
#​366
#​367
#​368
#​369
#​370
#​371
#​372
#​373
#​374
#​375
#​396

7.1.542

Merge pull request #​359 from vanillajonathan/patch-2

7.1.512

Update to AngleSharp 0.17.1

7.1.509

• Update to AngleSharp 0.17.0
• Target net461

7.1.488

Update to AngleSharp.Css 0.16.4

7.1.475

Add custom CSS formatting (see #​112)

7.0.473

Update to AngleSharp.Css 0.16.3

7.0.470

Prerelease version

6.0.453

Merge pull request #​305 from mganss/dependabot/nuget/Microsoft.NET.Test.Sdk-17.0.0

6.0.441

Update to AngleSharp.Css 0.16.1
#​298
#​66

6.0.437

NRT

6.0.430

Update to AngleSharp 0.16

6.0.423

Merge pull request #​286 from The-Nutty/master

6.0.409

Use static HtmlParser instance
Enable nullable reference types

5.0.404

Update AngleSharp to 0.15.0

5.0.376

#​256

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[Copilot]

Pull request overview

Updates the Md2Html command-line tool’s HTML sanitization dependency to a newer major version, aligning the tool with upstream HtmlSanitizer fixes (including security and sanitization behavior changes).

Changes:

• Bump HtmlSanitizer NuGet package from 5.0.372 to 9.0.892 in the Md2Html tool project.

[QilongTang]

@copilot Notice the PR checks are failing, fix those. FYI: @jasonstratton

[Copilot]

@copilot Notice the PR checks are failing, fix those. FYI: @jasonstratton

Fixed the failing build checks in commit 6cc5f48c by updating Md2Html to use the HtmlSanitizer 9.x namespace (Ganss.Xss), which resolves the CS0234/CS0246 errors in CI. The remaining Jira ticket check is branch/PR-metadata based and requires a valid DYN-#### reference in PR title/body/branch.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud