[Snyk] Upgrade marked from 0.3.5 to 9.1.0 #1051

akanchhaS · 2023-10-26T15:18:34Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade marked from 0.3.5 to 9.1.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

The recommended version is 117 versions ahead of your current version.
The recommended version was released 22 days ago, on 2023-10-05.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Cross-site Scripting (XSS) npm:marked:20170815	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) npm:marked:20170907	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) npm:marked:20180225	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Cross-site Scripting (XSS) npm:marked:20150520	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Cross-site Scripting (XSS) npm:marked:20170112	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Cross-site Scripting (XSS) npm:marked:20170815-1	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-174116	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342073	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342082	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-451540	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-584281	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: marked

9.1.0 - 2023-10-05
9.1.0 (2023-10-05)

Features
- add --no-clobber option to CLI (#3025) (b8adee7)
9.0.3 - 2023-09-18
9.0.3 (2023-09-18)

Bug Fixes
- marked --help (#2991) (43643b3)
9.0.2 - 2023-09-16
9.0.2 (2023-09-16)

Bug Fixes
- fix unicode emstrong (#2989) (8ebbb3c)
9.0.1 - 2023-09-15
9.0.1 (2023-09-15)

Bug Fixes
- fix unexpected setext heading (#2986) (bcc3067)
- single column table (#2985) (0743d4a)
9.0.0 - 2023-09-09
9.0.0 (2023-09-09)

Bug Fixes
- Clean up files in repo (#2963) (7d95a91)
BREAKING CHANGES
- remove built files from git repo.
- If you need to use the latest version of marked on the web you can use a cdn to get marked.min.js from npm:
  - https://cdn.jsdelivr.net/npm/marked/marked.min.js
8.0.1 - 2023-09-06
8.0.1 (2023-09-06)

Bug Fixes
- deprecated trimLeft/trimRight (#2973) (eda75a6)
- fix space removed after checkbox (#2971) (9a2a4ad)
8.0.0 - 2023-09-03
8.0.0 (2023-09-03)

Bug Fixes
- remove deprecated options (#2936) (22ebdb2)
Features
- add --config options to marked cli (#2937) (fc643a2)
BREAKING CHANGES
- deprecated options removed. See https://marked.js.org/using_advanced#options to see how to enable the removed options with extensions.
7.0.5 - 2023-08-26
7.0.5 (2023-08-26)

Bug Fixes
- remove unknown from walkTokens return types (#2955) (65934c1)
7.0.4 - 2023-08-19
7.0.4 (2023-08-19)

Bug Fixes
- fix more types (#2893) (a990c54)
- ignore async: false when async: true is set by an extension (#2920) (b6ee877)
7.0.3 - 2023-08-15
7.0.3 (2023-08-15)

Bug Fixes
- Fix unicode Regex miscounting emoji length (#2942) (f3af23e)
7.0.2 - 2023-08-10
7.0.1 - 2023-08-07
7.0.0 - 2023-08-06
6.0.0 - 2023-07-31
5.1.2 - 2023-07-25
5.1.1 - 2023-07-07
5.1.0 - 2023-06-10
5.0.5 - 2023-06-07
5.0.4 - 2023-05-30
5.0.3 - 2023-05-26
5.0.2 - 2023-05-11
5.0.1 - 2023-05-06
5.0.0 - 2023-05-02
4.3.0 - 2023-03-22
4.2.12 - 2023-01-14
4.2.11 - 2023-01-14
4.2.10 - 2023-01-14
4.2.9 - 2023-01-14
4.2.8 - 2023-01-14
4.2.7 - 2023-01-14
4.2.6 - 2023-01-14
4.2.5 - 2022-12-23
4.2.4 - 2022-12-07
4.2.3 - 2022-11-20
4.2.2 - 2022-11-05
4.2.1 - 2022-11-02
4.2.0 - 2022-10-31
4.1.1 - 2022-10-01
4.1.0 - 2022-08-30
4.0.19 - 2022-08-21
4.0.18 - 2022-07-11
4.0.17 - 2022-06-13
4.0.16 - 2022-05-17
4.0.15 - 2022-05-02
4.0.14 - 2022-04-11
4.0.13 - 2022-04-08
4.0.12 - 2022-01-27
4.0.11 - 2022-01-26
4.0.10 - 2022-01-13
4.0.9 - 2022-01-06
4.0.8 - 2021-12-19
4.0.7 - 2021-12-09
4.0.6 - 2021-12-02
4.0.5 - 2021-11-25
4.0.4 - 2021-11-19
4.0.3 - 2021-11-13
4.0.2 - 2021-11-12
4.0.1 - 2021-11-11
4.0.0 - 2021-11-02
3.0.8 - 2021-10-24
3.0.7 - 2021-10-07
3.0.6 - 2021-10-06
3.0.5 - 2021-10-06
3.0.4 - 2021-09-14
3.0.3 - 2021-09-08
3.0.2 - 2021-08-25
3.0.1 - 2021-08-23
3.0.0 - 2021-08-16
2.1.3 - 2021-06-25
2.1.2 - 2021-06-22
2.1.1 - 2021-06-16
2.1.0 - 2021-06-15
2.0.7 - 2021-06-01
2.0.6 - 2021-05-27
2.0.5 - 2021-05-21
2.0.4 - 2021-05-20
2.0.3 - 2021-04-11
2.0.2 - 2021-04-10
2.0.1 - 2021-02-27
2.0.0 - 2021-02-07
1.2.9 - 2021-02-03
1.2.8 - 2021-01-26
1.2.7 - 2020-12-15
1.2.6 - 2020-12-10
1.2.5 - 2020-11-19
1.2.4 - 2020-11-15
1.2.3 - 2020-11-04
1.2.2 - 2020-10-21
1.2.1 - 2020-10-21
1.2.0 - 2020-09-28
1.1.2 - 2020-10-21
1.1.1 - 2020-07-14
1.1.0 - 2020-05-16
1.0.0 - 2020-04-21
0.8.2 - 2020-03-22
0.8.1 - 2020-03-18
0.8.0 - 2019-12-12
0.7.0 - 2019-07-06
0.6.3 - 2019-06-30
0.6.2 - 2019-04-05
0.6.1 - 2019-02-19
0.6.0 - 2019-01-01
0.5.2 - 2018-11-20
0.5.1 - 2018-09-26
0.5.0 - 2018-08-16
0.4.0 - 2018-05-21
0.3.19 - 2018-03-26
0.3.18 - 2018-03-22
0.3.17 - 2018-02-27
0.3.16 - 2018-02-20
0.3.15 - 2018-02-19
0.3.14 - 2018-02-16
0.3.13 - 2018-02-16
0.3.12 - 2018-01-09
0.3.9 - 2017-12-23
0.3.7 - 2017-12-01
0.3.6 - 2016-07-30
0.3.5 - 2015-07-31

from marked GitHub release notes

Commit messages

Package name: marked

7242d58 chore(release): 9.1.0 [skip ci]
b8adee7 feat: add `--no-clobber` option to CLI (#3025)
c9ffa64 chore(deps-dev): Bump eslint from 8.48.0 to 8.50.0 (#3024)
4cdea5f chore(deps-dev): Bump markdown-it from 13.0.1 to 13.0.2 (#3023)
2bb06c1 chore(deps-dev): Bump @ typescript-eslint/parser from 6.7.2 to 6.7.3 (#3022)
dcb1802 chore(deps-dev): Bump @ semantic-release/github from 9.0.7 to 9.2.1 (#3021)
6bc8f58 chore(deps-dev): Bump rollup from 3.29.3 to 3.29.4 (#3020)
587729f chore: remove node 4 polyfills (#3014)
591ad80 docs: Update authors link in SECURITY.md (#3013)
ad06713 chore(deps-dev): Bump @ typescript-eslint/eslint-plugin from 6.6.0 to 6.7.3 (#3009)
e7ce7cd chore(deps-dev): Bump @ typescript-eslint/eslint-plugin from 6.6.0 to 6.7.2 (#3008)
b69fbd2 chore(deps-dev): Bump rollup from 3.29.2 to 3.29.3 (#3007)
c084e46 chore(deps-dev): Bump @ semantic-release/github from 9.0.5 to 9.0.7 (#3006)
52a5a96 chore(deps-dev): Bump @ typescript-eslint/parser from 6.6.0 to 6.7.2 (#3005)
13608ef chore(deps-dev): Bump semantic-release from 22.0.0 to 22.0.5 (#3004)
6f4afad docs: fix typo in `USING_PRO` (#3000)
a942ef3 docs: remove @ types/marked (#2998)
2ec4c00 chore(release): 9.0.3 [skip ci]
43643b3 fix: marked --help (#2991)
a080469 chore(deps-dev): Bump @ semantic-release/release-notes-generator from 11.0.7 to 12.0.0 (#2992)
d21f560 chore(deps-dev): Bump semantic-release from 21.1.1 to 22.0.0 (#2996)
4a0747f chore(deps-dev): Bump @ semantic-release/commit-analyzer from 10.0.4 to 11.0.0 (#2994)
af238ee chore(deps-dev): Bump @ semantic-release/npm from 10.0.5 to 11.0.0 (#2995)
c114ae8 chore(deps-dev): Bump rollup from 3.28.1 to 3.29.2 (#2993)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade marked from 0.3.5 to 9.1.0. See this package in npm: https://www.npmjs.com/package/marked See this project in Snyk: https://app.snyk.io/org/panda-co/project/ebfb2282-581e-4b1b-afb0-8a0e07b1b540?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade marked from 0.3.5 to 9.1.0 #1051

[Snyk] Upgrade marked from 0.3.5 to 9.1.0 #1051

akanchhaS commented Oct 26, 2023

9.1.0 (2023-10-05)

Features

9.0.3 (2023-09-18)

Bug Fixes

9.0.2 (2023-09-16)

Bug Fixes

9.0.1 (2023-09-15)

Bug Fixes

9.0.0 (2023-09-09)

Bug Fixes

BREAKING CHANGES

8.0.1 (2023-09-06)

Bug Fixes

8.0.0 (2023-09-03)

Bug Fixes

Features

BREAKING CHANGES

7.0.5 (2023-08-26)

Bug Fixes

7.0.4 (2023-08-19)

Bug Fixes

7.0.3 (2023-08-15)

Bug Fixes

[Snyk] Upgrade marked from 0.3.5 to 9.1.0 #1051

Are you sure you want to change the base?

[Snyk] Upgrade marked from 0.3.5 to 9.1.0 #1051

Conversation

akanchhaS commented Oct 26, 2023

Snyk has created this PR to upgrade marked from 0.3.5 to 9.1.0.

9.1.0 (2023-10-05)

Features

9.0.3 (2023-09-18)

Bug Fixes

9.0.2 (2023-09-16)

Bug Fixes

9.0.1 (2023-09-15)

Bug Fixes

9.0.0 (2023-09-09)

Bug Fixes

BREAKING CHANGES

8.0.1 (2023-09-06)

Bug Fixes

8.0.0 (2023-09-03)

Bug Fixes

Features

BREAKING CHANGES

7.0.5 (2023-08-26)

Bug Fixes

7.0.4 (2023-08-19)

Bug Fixes

7.0.3 (2023-08-15)

Bug Fixes