yuzutech/kroki v0.29.1 on GitHub

Changelog

This release includes two security fixes and several bug fixes and enhancements. It also contains the latest available versions of:

disallow marks[].data[].url and data.url in Vega when running in SECURE mode by @ggrossetie in #1957 - vulnerability found by Catalin Iovita from Snyk Security Labs
disallow \verbatiminput command in tikz diagrams when running in SECURE mode by @ggrossetie in #1956 - vulnerability found by @Vealending

add the missing components of the plantuml-stdlib by @klenkes74 in #1915
set XDG_CONFIG_HOME and XDG_CACHE_HOME to temp directory otherwise Chrome cannot write files when running Docker in read-only by @ggrossetie in #1912
fix bad tikz render due to bad documentclass by @rfdonnelly in #1926

update kroki base image from eclipse-temurin:17.0.14_7-jre-noble to eclipse-temurin:21.0.9_10-jre-noble
migrate from Node (pkg) to Deno to produce a standalone executable of Vega and Vega-Lite
update java testing packages by @ggrossetie in #1908 #1920 #1953 #1955 #1962
update docker images node22.21 by @ggrossetie in #1904 #1952 #1923
update docker images rust1.92 by @ggrossetie in #1904 #1952 #1968
update maven to v3.9.12 by @ggrossetie in #1918 #1942 #1967
update maven-wrapper to v3.3.4 by @ggrossetie in #1949
update java dependencies (caffeine, bouncycastle, opentelemetry, vertx, logback, netty) by @ggrossetie in #1899 #1960
update GitHub Actions by @ggrossetie in #1951 #1954 #1970
update maven plugins by @ggrossetie in #1950
update Vert.x to 5.0 by @ggrossetie in #1917
update Java from 17 to 21 by @ggrossetie in #1966

Full Changelog: v0.28.0...v0.29.1