Releases: nahsra/antisamy
Release version 1.5.11
This release upgrades the httpclient dependency to 4.5.13 to address CVE-2020-13956 in that library.
We note that there is also a known vulnerability (CVE-2020-14338) in xercesImpl:2.12.0, but Apache has not yet released an update to that library to eliminate it. We analyzed this CVE and determined that it does NOT affect AntiSamy. However, if you still want to eliminate this CVE from your dependency tree, you can exclude the version pulled in by AntiSamy and use the version patched by JBoss described here: https://mvnrepository.com/artifact/xerces/xercesImpl/2.12.0.SP03. This requires adding the JBoss Maven repository to your pom. Alternatively, you can upgrade to the patched version released by Apache when that becomes available.
This release also fixes the following low-risk (phishing) security issue:
#48 (Default URL regex allows URL starting with // to jump out of origin domain)
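To make issue #48 concrete, here is an added example that is not AntiSamy's code: the two regexes are simplified stand-ins for a policy's on-site URL pattern (not the actual pattern from antisamy.xml), and the hostnames are made up. It shows why a character-class-only allow-list accepts a protocol-relative link, where a browser resolves it, and how a `(?!//)` negative lookahead closes the gap:

```java
import java.net.URI;
import java.util.regex.Pattern;

/**
 * Illustrative example (not AntiSamy's real regex): an "on-site URL"
 * allow-list that only restricts the character set still accepts
 * "//attacker.example/...", which a browser resolves against the page's
 * scheme to a different origin. Rejecting a leading "//" fixes that.
 */
public class ProtocolRelativeUrlCheck {

    // Weak: only constrains characters. Every character in
    // "//attacker.example/login" is in this class, so it is accepted.
    static final Pattern WEAK_ONSITE =
        Pattern.compile("^[\\p{L}\\p{N}./#@$%+&;\\-_~,?=!]*$");

    // Hardened: the negative lookahead (?!//) rejects network-path
    // references, so only same-origin references (absolute path,
    // relative path, query or fragment) get through.
    static final Pattern HARDENED_ONSITE =
        Pattern.compile("^(?!//)[\\p{L}\\p{N}./#@$%+&;\\-_~,?=!]*$");

    public static boolean weakAllows(String href) {
        return WEAK_ONSITE.matcher(href).matches();
    }

    public static boolean hardenedAllows(String href) {
        return HARDENED_ONSITE.matcher(href).matches();
    }

    /** Origin a browser would navigate to for href on a page at base (RFC 3986 resolution). */
    public static String resolvedOrigin(String base, String href) {
        URI target = URI.create(base).resolve(href);
        return target.getScheme() + "://" + target.getAuthority();
    }

    public static void main(String[] args) {
        String base = "https://example.com/account/page";   // made-up page
        String[] hrefs = {
            "/login",                    // same-origin absolute path
            "settings?tab=1",            // same-origin relative path
            "//attacker.example/login",  // protocol-relative: leaves the origin
        };
        for (String href : hrefs) {
            System.out.printf("%-26s weak=%-5b hardened=%-5b -> %s%n",
                href, weakAllows(href), hardenedAllows(href),
                resolvedOrigin(base, href));
        }
    }
}
```

The third line of output is the phishing case: the weak pattern accepts the link, yet the resolved origin is https://attacker.example, so a sanitized page can still carry a link that looks local but sends the user elsewhere. When you customize an AntiSamy policy's URL regex, keep the same check that a reference cannot begin with two slashes.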
The release also includes some minor code cleanup and various dependency/plugin upgrades that were available.
Release version 1.5.10
This release upgrades dependency batik-css from 1.12 to 1.13 to address CVE-2019-17566 in batik-css.
It also includes adoption of an old pull request:
#18 (Fix the paragraph and name attribute regular expressions in antisamy.xml)
Release version 1.5.9
Minor fix to address issue #39, and all dependencies upgraded to the latest available versions.
Release version 1.5.8
Merge pull request #35 from nahsra/1.5.8 1.5.8 release merge