Fix conflict

.github/CHANGELOG.md

@@ -95,6 +95,18 @@
 - Document can't be exported when inline formulas are in other blocks than paragraph (#1522)
 - Wrong task-list item alignment (#1540)
 
+## 0.15.1
+
+v0.15.1 is an unplanned release to fix a XSS security vulnerability.
+
+**:beetle:Bug fix**
+
+- **Fixed a XSS security vulnerability when parsing inline HTML (#1390)**
+- Fixed portable mode detection if current working directory don't match the application directory (#1382)
+- Fixed exception in main process due to file watcher (#1284)
+- Added emoji fallback fonts for macOS and Windows too (#1299)
+- Fixed RegEx for recommend title (#1128)
+
 ## 0.15.0
 
 **:warning:Breaking Changes:**

src/muya/lib/parser/render/renderInlines/htmlTag.js

@@ -1,7 +1,10 @@
+import createDOMPurify from 'dompurify'
 import { CLASS_OR_ID, BLOCK_TYPE6 } from '../../../config'
 import { snakeToCamel } from '../../../utils'
 import sanitize from '../../../utils/dompurify'
 
+const { sanitize } = createDOMPurify(window)
+
 export default function htmlTag (h, cursor, block, token, outerClass) {
   const { tag, openTag, closeTag, children, attrs } = token
   const className = children ? this.getClassName(outerClass, block, token, cursor) : CLASS_OR_ID.AG_GRAY
@@ -39,7 +42,11 @@ export default function htmlTag (h, cursor, block, token, outerClass) {
         // we also recommand user not use block level element in paragraph. use block element in html block.
         // Use code !sanitize(`<${tag}>`) to filter some malicious tags. for example: <embed>.
         let selector = BLOCK_TYPE6.includes(tag) || !sanitize(`<${tag}>`) ? 'span' : tag
+<<<<<<< HEAD
         selector += `.${CLASS_OR_ID.AG_INLINE_RULE}.${CLASS_OR_ID.AG_RAW_HTML}`
+=======
+        selector += `.${CLASS_OR_ID.AG_INLINE_RULE}`
+>>>>>>> master
         const data = {
           attrs: {},
           dataset: {