Update monaco-editor to resolve DOMPurify CVEs

We should upgrade the version of [monaco-editor](https://github.com/coder/coder/blob/cd1faffeff834d2c96653485a38d745e3bf5bb69/site/package.json#L96) from 0.52.0 to [0.52.2](https://github.com/microsoft/monaco-editor/releases/tag/v0.52.2)
https://github.com/coder/coder/blob/cd1faffeff834d2c96653485a38d745e3bf5bb69/site/package.json#L96

This patch version introduced an upgrade of the DOMPurify html sanitizer:
https://github.com/microsoft/monaco-editor/blob/release/0.52/CHANGELOG.md#0521

> To be verified if the monaco-editor/react package shouldn't be upgraded as well from 4.6.0 to [4.7.0](https://github.com/suren-atoyan/monaco-react/releases/tag/v4.7.0)
> https://github.com/coder/coder/blob/cd1faffeff834d2c96653485a38d745e3bf5bb69/site/package.json#L50

Reference:
[CVE-2024-45801](https://nvd.nist.gov/vuln/detail/CVE-2024-45801)



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update monaco-editor to resolve DOMPurify CVEs #19445

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Update monaco-editor to resolve DOMPurify CVEs #19445

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions