Merge branch 'develop' into trunk

10up · Jun 27, 2022 · 63a5665 · 63a5665
2 parents 9335e26 + ab9e00a
commit 63a5665
Show file tree

Hide file tree

Showing 6 changed files with 61 additions and 27 deletions.
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -0,0 +1,20 @@
+# Dependency Review Action
+#
+# This Action will scan dependency manifest files that change as part of a Pull Reqest, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
+#
+# Source repository: https://github.com/actions/dependency-review-action
+# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Checkout Repository'
+        uses: actions/checkout@v3
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v1
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,17 @@ All notable changes to this project will be documented in this file, per [the Ke
 
 ## [Unreleased] - TBD
 
+## [1.0.2] - 2022-06-27
+### Added
+- Dependency security scanning (props [@jeffpaul](https://github.com/jeffpaul) via [#70](https://github.com/10up/insecure-content-warning/pull/70)).
+
+### Changed
+- Bump WordPress version "tested up to" 6.0 (props [@cadic](https://github.com/cadic) via [#74](hthttps://github.com/10up/insecure-content-warning/pull/74)).
+
+### Security
+- Bump `minimist` from 1.2.5 to 1.2.6 (props [@dependabot](https://github.com/apps/dependabot) via [#67](https://github.com/10up/insecure-content-warning/pull/67)).
+- Bump `postcss` from 7.0.32 to 7.0.39 (props [@dependabot](https://github.com/apps/dependabot) via [#68](https://github.com/10up/insecure-content-warning/pull/68)).
+
 ## [1.0.1] - 2022-02-17
 ### Fixed
 - Ensure we support WordPress 5.9 (props [@dkotter](https://github.com/dkotter), [@mohitwp](https://github.com/mohitwp), [@peterwilsoncc](https://github.com/peterwilsoncc) via [#64](https://github.com/10up/insecure-content-warning/pull/64)).
@@ -13,5 +24,6 @@ All notable changes to this project will be documented in this file, per [the Ke
 - Initial public release! 🎉
 
 [Unreleased]: https://github.com/10up/insecure-content-warning/compare/trunk...develop
+[1.0.2]: https://github.com/10up/insecure-content-warning/compare/1.0.1...1.0.2
 [1.0.1]: https://github.com/10up/insecure-content-warning/compare/1.0.0...1.0.1
 [1.0.0]: https://github.com/10up/insecure-content-warning/tree/2b267880164895f9df356c9573c3546ac5673882
diff --git a/insecure-content-warning.php b/insecure-content-warning.php
@@ -3,7 +3,7 @@
  * Plugin Name:       Insecure Content Warning
  * Plugin URI:        https://wordpress.org/plugins/insecure-content-warning/
  * Description:       Prevent editors from adding insecure content in the editor.
- * Version:           1.0.1
+ * Version:           1.0.2
  * Requires at least: 5.3
  * Requires PHP:      7.0
  * Author:            10up
@@ -22,7 +22,7 @@
 define( 'INSECURE_CONTENT_TEMPLATE_URL', get_template_directory_uri() );
 define( 'INSECURE_CONTENT_PATH', __DIR__ . DIRECTORY_SEPARATOR );
 define( 'INSECURE_CONTENT_INC', INSECURE_CONTENT_PATH . 'includes' . DIRECTORY_SEPARATOR );
-define( 'INSECURE_CONTENT_VERSION', '1.0.1' );
+define( 'INSECURE_CONTENT_VERSION', '1.0.2' );
 
 require_once INSECURE_CONTENT_INC . 'assets.php';
 require_once INSECURE_CONTENT_INC . 'rest.php';

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "insecure-content-warning",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Prevent editors from adding insecure content in the editor.",
   "homepage": "https://github.com/10up/insecure-content-warning",
   "license": "GPL-2.0-or-later",

diff --git a/readme.txt b/readme.txt
@@ -1,10 +1,10 @@
 === Insecure Content Warning ===
-Contributors:      10up, psorensen, adamsilverstein, tlovett, davidrgreen, dkotter
+Contributors:      10up, psorensen, adamsilverstein, tlovett, davidrgreen, dkotter, jeffpaul
 Tags:              publishing, publishers, secure content, https, ssl
 Requires at least: 5.3
-Tested up to:      5.9
+Tested up to:      6.0
 Requires PHP:      7.0
-Stable tag:        1.0.1
+Stable tag:        1.0.2
 License:           GPLv2 or later
 License URI:       http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -38,8 +38,14 @@ This plugin requires no configuration. Simply activate and the plugin will preve
 
 == Changelog ==
 
-= 1.0.1 =
+= 1.0.2 - 2022-06-27 =
+* **Added:** Dependency security scanning (props [@jeffpaul](https://github.com/jeffpaul) via [#70](https://github.com/10up/insecure-content-warning/pull/70)).
+* **Changed:** Bump WordPress version "tested up to" 6.0 (props [@cadic](https://github.com/cadic) via [#74](hthttps://github.com/10up/insecure-content-warning/pull/74)).
+* **Security:** Bump `minimist` from 1.2.5 to 1.2.6 (props [@dependabot](https://github.com/apps/dependabot) via [#67](https://github.com/10up/insecure-content-warning/pull/67)).
+* **Security:** Bump `postcss` from 7.0.32 to 7.0.39 (props [@dependabot](https://github.com/apps/dependabot) via [#68](https://github.com/10up/insecure-content-warning/pull/68)).
+
+= 1.0.1 - 2022-02-17 =
 * **Fixed:** Ensure we support WordPress 5.9 (props [@dkotter](https://github.com/dkotter), [@mohitwp](https://github.com/mohitwp), [@peterwilsoncc](https://github.com/peterwilsoncc)).
 
-= 1.0.0 =
+= 1.0.0 - 2021-08-24 =
 * **Added:** Initial public release! 🎉