DEV: Update xss.js package (#16398)

app/assets/javascripts/pretty-text/addon/sanitizer.js

@@ -76,7 +76,7 @@ export function sanitize(text, allowLister) {
   }
 
   let result = xss(text, {
-    whiteList: allowList.tagList,
+    allowList: allowList.tagList,
     stripIgnoreTag: true,
     stripIgnoreTagBody: ["script", "table"],
 

app/assets/javascripts/pretty-text/engines/discourse-markdown/upload-protocol.js

@@ -35,7 +35,7 @@ function findUploadsInHtml(uploads, blockToken) {
 
   let foundImage = false;
   const newContent = xss(blockToken.content, {
-    whiteList: fakeAllowList,
+    allowList: fakeAllowList,
     allowCommentTag: true,
     onTag(tag, html, options) {
       // We're not using this for sanitizing, so allow all tags through

app/assets/javascripts/pretty-text/package.json

@@ -18,7 +18,7 @@
     "ember-auto-import": "^2.2.4",
     "ember-cli-babel": "^7.13.0",
     "ember-cli-htmlbars": "^4.2.0",
-    "xss": "^1.0.8",
+    "xss": "^1.0.11",
     "webpack": "^5.67.0"
   },
   "devDependencies": {