[Snyk] Upgrade: marked, path #3
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade:
- marked from 0.3.19 to 0.8.2.
See this package in npm: https://www.npmjs.com/package/marked
- path from 0.4.10 to 0.12.7.
See this package in npm: https://www.npmjs.com/package/path
See this project in Snyk:
https://app.snyk.io/org/wexkalebur/project/1d189933-7445-4fb9-bb00-3f33598facb8?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯 The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
marked
from 0.3.19 to 0.8.2 | 12 versions ahead of your current version | 4 years ago
on 2020-03-22
path
from 0.4.10 to 0.12.7 | 2 versions ahead of your current version | 9 years ago
on 2015-09-13
Issues fixed by the recommended upgrade:
SNYK-JS-MARKED-174116
SNYK-JS-MARKED-451540
Release notes
Package name: marked
-
0.8.2 - 2020-03-22
- Add html to TextRenderer for html in headings #1622
- Remove html tags in heading ids #1622
- Update comment about GitHub breaks #1620
-
0.8.1 - 2020-03-18
- Fix
- Fix GFM Example 116 code fences #1600
- Send inline html to renderer #1602 (fixes #1601)
- Improve docs example for invoking highlight.js #1603
- Fix block-level elements breaking tables #1598 (fixes #1467)
- break nptables on block-level structures #1617
-
0.8.0 - 2019-12-12
- Remove substitutions #1532
- Separate source into modules #1563 #1572 #1573 #1575 #1576 #1581
- Fix relative urls in
- Loose task list #1535
- Fix image parentheses #1557
- remove module field & update devDependencies #1581
- Update examples with es6+ #1521
- Fix link to USING_PRO.md page #1552
- Fix typo in USING_ADVANCED.md #1558
- Node worker threads are stable #1555
- Update deps #1516
- Update eslint #1542
- Update htmldiffer async matcher #1543
-
0.7.0 - 2019-07-06
- Sanitize
- Fix ReDOS for links with backticks (issue #1493) #1515
- Deprecate
- Move
- Move
- Remove
- Single backtick in link text needs to be escaped #1515
- Fix parentheses around a link #1509
- Fix headings (issue #1510) #1511
- Run tests with correct options #1511
-
0.6.3 - 2019-06-30
- Fix nested blockquotes #1464
- Fix
- revert #1464 #1497
- Fix
- add docs for workers #1432
- Add security policy #1492
- Update supported spec versions #1491
- Update test folder descriptions #1506
- Use latest commit for demo master #1457
- Update tests to commonmark 0.29 #1465
- Update tests to GFM 0.29 #1470
- Fix commonmark spec 57 and 40 (headings) #1475
-
0.6.2 - 2019-04-05
- Link redos #1426
- Text redos #1460
- Links parens #1435
- New line after table with escaped pipe #1439
- List item tables #1446
- Pass token boolean to the
- Allow html without \n after #1438
- Update man page to include
- Add a
- Normalize marked tests #1444
- Update tests to node 4 syntax #1449
-
0.6.1 - 2019-02-19
- Fix parenthesis url redos #1414
- Update demo site to use a worker #1418
- Update devDependencies to last stable #1409
- Update documentation about extending Renderer #1417
- Remove
- Add snyk badge #1420
-
0.6.0 - 2019-01-01
- Drop support for Node v0.10 and old browsers such as Internet Explorer
- You should not have any problems if using Node 4+ or a modern browser
- Add parameter
- You should not have any problems if you do not override this method
- Add new export
- Fix emphasis followed by a punctuation #1383
- Fix bold around autolink email address #1385
- Make autolinks case insensitive #1384
- Make code fences compliant with Commonmark spec #1387
- Make blockquote paragraph continuation compliant with Commonmark spec #1394
- Make ordered list marker length compliant with Commonmark spec #1391
- Make empty list items compliant with Commonmark spec #1395
- Make tag escaping compliant with Commonmark spec #1397
- Make strong/bold compliant with Commonmark spec #1400
- Fix handling of adjacent lists #684
- Add better error handling when token type cannot be found #1005
- Fix duplicate heading id and non-latin characters #1401
- Pretty print ENOENT errors on cli #1396
- Update repo url in man #1403
- Fix
- Update docs to include "Since" version #1382
- Add defibrillator badge for @ mccraveiro #1392
- Remove old test covered by gfm/cm #1389
-
0.5.2 - 2018-11-20
- Fix emphasis closing by single _ (part of left-flanking run) #1351
- Make URL handling consistent between links and images #1359
- Add missing semicolons, add lint rule #1340
- Make Steven (@ styfle) a npm publisher #1346
- Fix typo in docs: responsibility #1364
- Add the ability to specify options on the demo page as JSON #1357
- Show red border when JSON options are invalid #1360
- Move license file back to root dir #1356
- Fix builds: remove node v0.10 from travis matrix #1366
- This does not a break compatibility in this release but it will a future release
- Add
-
0.5.1 - 2018-09-26
- Fix inline code regex and prevent REDOS #1337
- Use
- Fix typographic substitution in (pre|code|kbd|script) blocks when smartypants=true #1335
- Fix auto-linking email address #1338
- Refactor the
- Update copyright in source code #1326
- Update benchmark tests #1019
- Add dependency badges to readme #1333
-
0.5.0 - 2018-08-16
-
0.4.0 - 2018-05-21
-
0.3.19 - 2018-03-26
from marked GitHub release notesFixes
Docs
Fixes
marked --help#1588Breaking changes
Fixes
baseUrloption #1526Docs
Dev Dependencies
Security
paragraphandtexttokens #1504Breaking Changes
sanitizeandsanitizeroptions #1504fencesto CommonMark #1511tablesto GFM #1511tablesoption #1511Fixes
Tests
Fixes
<em>issue with mixed content #1451breaks: true#1507Docs
DevOps
Security
Fixes
Enhancements
listitemfunction #1440CLI
--testand fix argv parameters #1442--versionflag to print marked version #1448Testing
Fixes
Docs
--saveoption as it isn't required anymore #1422Breaking Changes
sluggertoRenderer.prototype.headingmethod #1401New Features
marked.Slugger#1401Fixes
CLI
Docs
breaksoption description #1381Tests
Bug Fixes
Other
fileskey to package.json to prevent publishing unused files #1367Security
@ markedjs/html-differto prevent REDOS #1331Bug Fixes
Other
escape()function to improve performance 10-20% #975Package name: path
-
0.12.7 - 2015-09-13
-
0.11.14 - 2015-01-07
-
0.4.10 - 2015-01-07
from path GitHub release notesMerge pull request #4 from jinder/pr/3
Pr/3
v0.4.10
v0.4.10
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: