Update enshrined/svg-sanitize dependency

Created on 8 October 2025, 6 days ago

Problem/Motivation

There is a security issue in enshrined/svg-sanitize version 0.15

SVG Image Field composer.json requires ~0.15, which is flexible enough to allow individual site owners to update their own dependencies. However, as a best practice we should draw a new line in the sand so that existing installs can simply update the module and get a new version.

Steps to reproduce

Proposed resolution

Bump the enshrined/svg-sanitize dependency in composer.json to ~0.22.

Remaining tasks

User interface changes

API changes

Data model changes

📌 Task

Status

Active

Version

2.3

Component

Code

Created by

🇪🇨Ecuador jwilson3

Live updates comments and jobs are added and updated live.

Incomplete comments

Merge Requests

!44Update enshrined/svg-sanitize dependency
Merged
🇪🇨Ecuador jwilson3
updated 1 day ago

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Merge request !44Issue #3551011 by jwilson3: Update enshrined/svg-sanitize dependency to 0.22 → (Merged) created by jwilson3

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024