[Snyk] Upgrade marked from 0.3.5 to 12.0.0 #5

mnathsnyk · 2024-03-15T00:53:21Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade marked from 0.3.5 to 12.0.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

The recommended version is 130 versions ahead of your current version.
The recommended version was released a month ago, on 2024-02-03.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Cross-site Scripting (XSS) npm:marked:20150520	654/1000 Why? Has a fix available, CVSS 8.8	No Known Exploit
Cross-site Scripting (XSS) npm:marked:20170112	654/1000 Why? Has a fix available, CVSS 8.8	No Known Exploit
Cross-site Scripting (XSS) npm:marked:20170815	654/1000 Why? Has a fix available, CVSS 8.8	No Known Exploit
Regular Expression Denial of Service (ReDoS) npm:marked:20170907	654/1000 Why? Has a fix available, CVSS 8.8	No Known Exploit
Regular Expression Denial of Service (ReDoS) npm:marked:20180225	654/1000 Why? Has a fix available, CVSS 8.8	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-174116	654/1000 Why? Has a fix available, CVSS 8.8	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342073	654/1000 Why? Has a fix available, CVSS 8.8	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342082	654/1000 Why? Has a fix available, CVSS 8.8	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-451540	654/1000 Why? Has a fix available, CVSS 8.8	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-584281	654/1000 Why? Has a fix available, CVSS 8.8	No Known Exploit
Cross-site Scripting (XSS) npm:marked:20170815-1	654/1000 Why? Has a fix available, CVSS 8.8	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: marked

12.0.0 - 2024-02-03
12.0.0 (2024-02-03)

Bug Fixes
- update to commonmark spec 0.31 (#3176) (3d9017b)
BREAKING CHANGES
- changes to spec
- Update HTML block tags: add search, remove source
- Update punctuation to include unicode punctuation and symbol categories
- Update HTML comment to include 
11.2.0 - 2024-01-27
11.2.0 (2024-01-27)

Bug Fixes
- Fix ENOENT error message in CLI (#3165) (bf44ae8)
Features
- flatten childToken arrays (#3172) (4826841)
11.1.1 - 2023-12-31
11.1.1 (2023-12-31)

Bug Fixes
- improve lexing inline elements step's performance (#3146) (4f87b2a)
11.1.0 - 2023-12-12
11.1.0 (2023-12-12)

Features
- add processAllTokens hook (#3114) (faae243)
11.0.1 - 2023-12-08
11.0.1 (2023-12-08)

Bug Fixes
- allow Renderer class in marked.use (#3118) (a287433)
11.0.0 - 2023-11-29
11.0.0 (2023-11-29)

Bug Fixes
- clean up rules so they can be typed (#3087) (175fc0c)
- fix marked types (#3103) (edae309)
BREAKING CHANGES
- Lexer.rules object has been changed so it can be properly types. Some intermediate rules have been removed.
10.0.0 - 2023-11-11
10.0.0 (2023-11-11)

Bug Fixes
- run spec tests with testutils (#3017) (014d4e6)
BREAKING CHANGES
- drop support for node v16
9.1.6 - 2023-11-10
9.1.6 (2023-11-10)

Bug Fixes
- fix instance options sent to lexer and parser (#3073) (f9d08cc)
9.1.5 - 2023-11-02
9.1.5 (2023-11-02)

Bug Fixes
- fix emstrong unicode (#3070) (54b6d1c)
9.1.4 - 2023-10-31
9.1.4 (2023-10-31)

Bug Fixes
- Fix type declaration bundle(s) (#3038) (a7b402c)
9.1.3 - 2023-10-28
9.1.2 - 2023-10-13
9.1.1 - 2023-10-11
9.1.0 - 2023-10-05
9.0.3 - 2023-09-18
9.0.2 - 2023-09-16
9.0.1 - 2023-09-15
9.0.0 - 2023-09-09
8.0.1 - 2023-09-06
8.0.0 - 2023-09-03
7.0.5 - 2023-08-26
7.0.4 - 2023-08-19
7.0.3 - 2023-08-15
7.0.2 - 2023-08-10
7.0.1 - 2023-08-07
7.0.0 - 2023-08-06
6.0.0 - 2023-07-31
5.1.2 - 2023-07-25
5.1.1 - 2023-07-07
5.1.0 - 2023-06-10
5.0.5 - 2023-06-07
5.0.4 - 2023-05-30
5.0.3 - 2023-05-26
5.0.2 - 2023-05-11
5.0.1 - 2023-05-06
5.0.0 - 2023-05-02
4.3.0 - 2023-03-22
4.2.12 - 2023-01-14
4.2.11 - 2023-01-14
4.2.10 - 2023-01-14
4.2.9 - 2023-01-14
4.2.8 - 2023-01-14
4.2.7 - 2023-01-14
4.2.6 - 2023-01-14
4.2.5 - 2022-12-23
4.2.4 - 2022-12-07
4.2.3 - 2022-11-20
4.2.2 - 2022-11-05
4.2.1 - 2022-11-02
4.2.0 - 2022-10-31
4.1.1 - 2022-10-01
4.1.0 - 2022-08-30
4.0.19 - 2022-08-21
4.0.18 - 2022-07-11
4.0.17 - 2022-06-13
4.0.16 - 2022-05-17
4.0.15 - 2022-05-02
4.0.14 - 2022-04-11
4.0.13 - 2022-04-08
4.0.12 - 2022-01-27
4.0.11 - 2022-01-26
4.0.10 - 2022-01-13
4.0.9 - 2022-01-06
4.0.8 - 2021-12-19
4.0.7 - 2021-12-09
4.0.6 - 2021-12-02
4.0.5 - 2021-11-25
4.0.4 - 2021-11-19
4.0.3 - 2021-11-13
4.0.2 - 2021-11-12
4.0.1 - 2021-11-11
4.0.0 - 2021-11-02
3.0.8 - 2021-10-24
3.0.7 - 2021-10-07
3.0.6 - 2021-10-06
3.0.5 - 2021-10-06
3.0.4 - 2021-09-14
3.0.3 - 2021-09-08
3.0.2 - 2021-08-25
3.0.1 - 2021-08-23
3.0.0 - 2021-08-16
2.1.3 - 2021-06-25
2.1.2 - 2021-06-22
2.1.1 - 2021-06-16
2.1.0 - 2021-06-15
2.0.7 - 2021-06-01
2.0.6 - 2021-05-27
2.0.5 - 2021-05-21
2.0.4 - 2021-05-20
2.0.3 - 2021-04-11
2.0.2 - 2021-04-10
2.0.1 - 2021-02-27
2.0.0 - 2021-02-07
12.0.0 (2024-02-03)

Bug Fixes
- update to commonmark spec 0.31 (#3176) (3d9017b)
BREAKING CHANGES
- changes to spec
- Update HTML block tags: add search, remove source
- Update punctuation to include unicode punctuation and symbol categories
- Update HTML comment to include 
1.2.9 - 2021-02-03
1.2.8 - 2021-01-26
1.2.7 - 2020-12-15
1.2.6 - 2020-12-10
1.2.5 - 2020-11-19
1.2.4 - 2020-11-15
1.2.3 - 2020-11-04
1.2.2 - 2020-10-21
1.2.1 - 2020-10-21
1.2.0 - 2020-09-28
11.2.0 (2024-01-27)

Bug Fixes
- Fix ENOENT error message in CLI (#3165) (bf44ae8)
Features
- flatten childToken arrays (#3172) (4826841)
1.1.2 - 2020-10-21
1.1.1 - 2020-07-14
11.1.1 (2023-12-31)

Bug Fixes
- improve lexing inline elements step's performance (#3146) (4f87b2a)
1.1.0 - 2020-05-16
11.1.0 (2023-12-12)

Features
- add processAllTokens hook (#3114) (faae243)
1.0.0 - 2020-04-21
11.0.0 (2023-11-29)

Bug Fixes
- clean up rules so they can be typed (#3087) (175fc0c)
- fix marked types (#3103) (edae309)
BREAKING CHANGES
- Lexer.rules object has been changed so it can be properly types. Some intermediate rules have been removed.
0.8.2 - 2020-03-22
0.8.1 - 2020-03-18
0.8.0 - 2019-12-12
0.7.0 - 2019-07-06
0.6.3 - 2019-06-30
0.6.2 - 2019-04-05
0.6.1 - 2019-02-19
0.6.0 - 2019-01-01
0.5.2 - 2018-11-20
0.5.1 - 2018-09-26
0.5.0 - 2018-08-16
0.4.0 - 2018-05-21
0.3.19 - 2018-03-26
0.3.18 - 2018-03-22
0.3.17 - 2018-02-27
0.3.16 - 2018-02-20
0.3.15 - 2018-02-19
0.3.14 - 2018-02-16
0.3.13 - 2018-02-16
0.3.12 - 2018-01-09
0.3.9 - 2017-12-23
0.3.7 - 2017-12-01
0.3.6 - 2016-07-30
0.3.5 - 2015-07-31

from marked GitHub release notes

Commit messages

Package name: marked

cd15160 chore(release): 12.0.0 [skip ci]
3d9017b fix: update to commonmark specs 0.31 (#3176)
365e720 chore(deps-dev): Bump @ arethetypeswrong/cli from 0.13.5 to 0.13.6 (#3181)
2bf0645 chore(deps-dev): Bump @ typescript-eslint/eslint-plugin from 6.19.0 to 6.19.1 (#3179)
a26db80 chore(deps-dev): Bump @ typescript-eslint/parser from 6.19.0 to 6.19.1 (#3180)
ee9e20e chore(deps-dev): Bump dts-bundle-generator from 9.2.4 to 9.2.5 (#3178)
f0507cb chore(release): 11.2.0 [skip ci]
4826841 feat: flatten childToken arrays (#3172)
bf44ae8 fix: Fix ENOENT error message in CLI (#3165)
47a140a chore(deps-dev): Bump @ typescript-eslint/parser from 6.18.1 to 6.19.0 (#3175)
8c01a9f chore(deps-dev): Bump @ typescript-eslint/eslint-plugin from 6.18.0 to 6.19.0 (#3174)
f7c3c00 chore(deps-dev): Bump rollup from 4.9.4 to 4.9.6 (#3173)
6f4467c chore(deps-dev): Bump @ typescript-eslint/parser from 6.18.0 to 6.18.1 (#3160)
8dfeba8 chore(deps-dev): Bump semantic-release from 22.0.12 to 23.0.0 (#3161)
99890dd chore(deps-dev): Bump eslint-plugin-n from 16.6.1 to 16.6.2 (#3162)
6570fdf chore(deps-dev): Bump @ rollup/plugin-typescript from 11.1.5 to 11.1.6 (#3163)
1befefc chore(deps-dev): Bump dts-bundle-generator from 9.2.1 to 9.2.4 (#3159)
9514a93 chore(deps-dev): Bump @ typescript-eslint/eslint-plugin from 6.16.0 to 6.18.0 (#3156)
f7aa3d6 chore(deps-dev): Bump eslint-plugin-n from 16.6.0 to 16.6.1 (#3155)
c2dd3f3 chore(deps-dev): Bump rollup from 4.9.2 to 4.9.4 (#3154)
dd1bcd2 chore(deps-dev): Bump @ typescript-eslint/parser from 6.13.2 to 6.18.0 (#3153)
edb1567 chore(deps-dev): Bump dts-bundle-generator from 9.0.0 to 9.2.1 (#3149)
7e839cf chore(deps-dev): Bump markdown-it from 13.0.2 to 14.0.0 (#3152)
b3d5eb3 chore(deps-dev): Bump eslint-plugin-n from 16.5.0 to 16.6.0 (#3151)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade marked from 0.3.5 to 12.0.0. See this package in npm: https://www.npmjs.com/package/marked See this project in Snyk: https://app.snyk.io/org/nath-enterprise-ltd-default/project/3aa451f6-bcb4-4bc1-9638-2333a77f7a01?utm_source=github-enterprise&utm_medium=referral&page=upgrade-pr

[Snyk] Upgrade marked from 0.3.5 to 12.0.0 #5

Are you sure you want to change the base?

[Snyk] Upgrade marked from 0.3.5 to 12.0.0 #5

Conversation

mnathsnyk commented Mar 15, 2024

Snyk has created this PR to upgrade marked from 0.3.5 to 12.0.0.

12.0.0 (2024-02-03)

Bug Fixes

BREAKING CHANGES

11.2.0 (2024-01-27)

Bug Fixes

Features

11.1.1 (2023-12-31)

Bug Fixes

11.1.0 (2023-12-12)

Features

11.0.1 (2023-12-08)

Bug Fixes

11.0.0 (2023-11-29)

Bug Fixes

BREAKING CHANGES

10.0.0 (2023-11-11)

Bug Fixes

BREAKING CHANGES

9.1.6 (2023-11-10)

Bug Fixes

9.1.5 (2023-11-02)

Bug Fixes

9.1.4 (2023-10-31)

Bug Fixes

12.0.0 (2024-02-03)

Bug Fixes

BREAKING CHANGES

11.2.0 (2024-01-27)

Bug Fixes

Features

11.1.1 (2023-12-31)

Bug Fixes

11.1.0 (2023-12-12)

Features

11.0.0 (2023-11-29)

Bug Fixes

BREAKING CHANGES