Security: sanitize-html 2.12.1 and apostrophe 3.63.1

[boutell]

In this release of apostrophe, we bumped our dependency on sanitize-html to ^2.12.1 at a minimum, to ensure that npm update apostrophe is sufficient to guarantee a security update is installed.

Version 2.12.1 of sanitize-html is a security update, which prevents specially crafted HTML documents from revealing the existence or non-existence of files on the server. The vulnerability did not expose any other information about those files.

Thanks to the Snyk Security team for the disclosure and to Dylan Armstrong for the fix.