[Snyk] Upgrade marked from 0.3.5 to 5.1.2

[akanchhaS]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade marked from 0.3.5 to 5.1.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 103 versions ahead of your current version.
• The recommended version was released 21 days ago, on 2023-07-25.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) npm:marked:20170907	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:marked:20180225	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Cross-site Scripting (XSS) npm:marked:20150520	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Cross-site Scripting (XSS) npm:marked:20170112	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Cross-site Scripting (XSS) npm:marked:20170815	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Cross-site Scripting (XSS) npm:marked:20170815-1	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-174116	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342073	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342082	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-451540	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-584281	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: marked

• 5.1.2 - 2023-07-25
  

  5.1.2 (2023-07-25)

  Bug Fixes

  • Add support for Node 16 (#2886) (e465ce4)
• 5.1.1 - 2023-07-07
  

  5.1.1 (2023-07-07)

  Bug Fixes

  • fix typo (#2870) (e6a7184)
• 5.1.0 - 2023-06-10
  

  5.1.0 (2023-06-10)

  Bug Fixes

  • Simplify unicode punctuation (#2841) (f19fe76)

  Features

  • add Marked instance (#2831) (353e13b)
• 5.0.5 - 2023-06-07
  

  5.0.5 (2023-06-07)

  Bug Fixes

  • Fix more Escape conflicts (#2838) (f879a23)
• 5.0.4 - 2023-05-30
  

  5.0.4 (2023-05-30)

  Bug Fixes

  • Add Unicode punctuations (#2811) (b213f02)
  • fix hr after list (#2809) (efc40df)
  • Replace custom repeatString function with repeat() (#2820) (72ee2d6)
• 5.0.3 - 2023-05-26
  

  5.0.3 (2023-05-26)

  Bug Fixes

  • fix quadratic execution in em mask (#2818) (a37fe8e)
• 5.0.2 - 2023-05-11
  

  5.0.2 (2023-05-11)

  Bug Fixes

  • Clarify deprecation messages for default parameters (#2802) (763e9de)
• 5.0.1 - 2023-05-06
  

  5.0.1 (2023-05-06)

  Bug Fixes

  • only warn if langPrefix is changed (#2796) (d193694)
    The deprecated options warnings can be turned off by default by using:

    marked.use({
      mangle: false,
      headerIds: false,
    });

    For the cli you can use:

    marked --no-mangle --no-header-ids ...
    

• 5.0.0 - 2023-05-02
  

  5.0.0 (2023-05-02)

  Bug Fixes

  • deprecate options (#2766) (62d3312)
  • update min node to v18 (#2767) (c6852f5)

  Features

  • add block param to html renderer (#2768) (fa21b9f)

  BREAKING CHANGES

  • Warnings will be logged to the console if these options are used including headerIds, mangle, and langPrefix which are on by default.
    These warnings can be turned off by default by using:

    marked.use({
      mangle: false,
      headerIds: false,
    });

    If you need these options you can use the extensions listed below.
  • deprecate options

    Option	Replacement
    highlight, langPrefix, and callback	marked-highlight
    mangle	marked-mangle
    baseUrl	marked-base-url
    smartypants	marked-smartypants
    xhtml	marked-xhtml
    headerIds and headerPrefix	marked-gfm-heading-id

  • minimum supported node version v18
• 4.3.0 - 2023-03-22
  

  4.3.0 (2023-03-22)

  Bug Fixes

  • always return promise if async (#2728) (042dcc5)
  • fenced code doesn't need a trailing newline (#2756) (3acbb7f)

  Features

  • add preprocess and postprocess hooks (#2730) (9b452bc)
• 4.2.12 - 2023-01-14
• 4.2.11 - 2023-01-14
• 4.2.10 - 2023-01-14
• 4.2.9 - 2023-01-14
• 4.2.8 - 2023-01-14
• 4.2.7 - 2023-01-14
• 4.2.6 - 2023-01-14
• 4.2.5 - 2022-12-23
• 4.2.4 - 2022-12-07
• 4.2.3 - 2022-11-20
• 4.2.2 - 2022-11-05
• 4.2.1 - 2022-11-02
• 4.2.0 - 2022-10-31
• 4.1.1 - 2022-10-01
• 4.1.0 - 2022-08-30
• 4.0.19 - 2022-08-21
• 4.0.18 - 2022-07-11
• 4.0.17 - 2022-06-13
• 4.0.16 - 2022-05-17
• 4.0.15 - 2022-05-02
• 4.0.14 - 2022-04-11
• 4.0.13 - 2022-04-08
• 4.0.12 - 2022-01-27
• 4.0.11 - 2022-01-26
• 4.0.10 - 2022-01-13
• 4.0.9 - 2022-01-06
• 4.0.8 - 2021-12-19
• 4.0.7 - 2021-12-09
• 4.0.6 - 2021-12-02
• 4.0.5 - 2021-11-25
• 4.0.4 - 2021-11-19
• 4.0.3 - 2021-11-13
• 4.0.2 - 2021-11-12
• 4.0.1 - 2021-11-11
• 4.0.0 - 2021-11-02
• 3.0.8 - 2021-10-24
• 3.0.7 - 2021-10-07
• 3.0.6 - 2021-10-06
• 3.0.5 - 2021-10-06
• 3.0.4 - 2021-09-14
• 3.0.3 - 2021-09-08
• 3.0.2 - 2021-08-25
• 3.0.1 - 2021-08-23
• 3.0.0 - 2021-08-16
• 2.1.3 - 2021-06-25
• 2.1.2 - 2021-06-22
• 2.1.1 - 2021-06-16
• 2.1.0 - 2021-06-15
• 2.0.7 - 2021-06-01
• 2.0.6 - 2021-05-27
• 2.0.5 - 2021-05-21
• 2.0.4 - 2021-05-20
• 2.0.3 - 2021-04-11
• 2.0.2 - 2021-04-10
• 2.0.1 - 2021-02-27
• 2.0.0 - 2021-02-07
• 1.2.9 - 2021-02-03
• 1.2.8 - 2021-01-26
• 1.2.7 - 2020-12-15
• 1.2.6 - 2020-12-10
• 1.2.5 - 2020-11-19
• 1.2.4 - 2020-11-15
• 1.2.3 - 2020-11-04
• 1.2.2 - 2020-10-21
• 1.2.1 - 2020-10-21
• 1.2.0 - 2020-09-28
• 1.1.2 - 2020-10-21
• 1.1.1 - 2020-07-14
• 1.1.0 - 2020-05-16
• 1.0.0 - 2020-04-21
• 0.8.2 - 2020-03-22
• 0.8.1 - 2020-03-18
• 0.8.0 - 2019-12-12
• 0.7.0 - 2019-07-06
• 0.6.3 - 2019-06-30
• 0.6.2 - 2019-04-05
• 0.6.1 - 2019-02-19
• 0.6.0 - 2019-01-01
• 0.5.2 - 2018-11-20
• 0.5.1 - 2018-09-26
• 0.5.0 - 2018-08-16
• 0.4.0 - 2018-05-21
• 0.3.19 - 2018-03-26
• 0.3.18 - 2018-03-22
• 0.3.17 - 2018-02-27
• 0.3.16 - 2018-02-20
• 0.3.15 - 2018-02-19
• 0.3.14 - 2018-02-16
• 0.3.13 - 2018-02-16
• 0.3.12 - 2018-01-09
• 0.3.9 - 2017-12-23
• 0.3.7 - 2017-12-01
• 0.3.6 - 2016-07-30
• 0.3.5 - 2015-07-31

from marked GitHub release notes

Commit messages

Package name: marked

• 929d235 chore(release): 5.1.2 [skip ci]
• a33ed06 🗜️ build v5.1.2 [skip ci]
• e465ce4 fix: Add support for Node 16 (#2886)
• ab23e19 chore(deps-dev): Bump jasmine from 5.0.2 to 5.1.0 (#2887)
• c69b62b chore(deps-dev): Bump @ babel/preset-env from 7.22.7 to 7.22.9 (#2880)
• 76a2103 chore(deps-dev): Bump @ semantic-release/github from 9.0.3 to 9.0.4 (#2882)
• af881c1 chore(deps-dev): Bump @ babel/core from 7.22.8 to 7.22.9 (#2881)
• c68be89 chore(deps-dev): Bump rollup from 3.26.2 to 3.26.3 (#2884)
• f59fd2a chore(deps-dev): Bump eslint from 8.44.0 to 8.45.0 (#2883)
• 48daab1 docs: Add raito to the list of tools (#2878)
• 9a3d089 chore(deps-dev): Bump @ babel/core from 7.22.5 to 7.22.8 (#2874)
• 3851a71 chore(deps-dev): Bump rollup from 3.26.0 to 3.26.2 (#2876)
• 5a53a95 chore(deps-dev): Bump semantic-release from 21.0.6 to 21.0.7 (#2875)
• 53ae7bd chore(deps-dev): Bump @ babel/preset-env from 7.22.5 to 7.22.7 (#2873)
• 13cbdf5 chore(deps-dev): Bump @ semantic-release/release-notes-generator from 11.0.3 to 11.0.4 (#2872)
• 19b8ced chore(release): 5.1.1 [skip ci]
• eaa232d 🗜️ build v5.1.1 [skip ci]
• e6a7184 fix: fix typo (#2870)
• 16533f5 chore(deps-dev): Bump semantic-release from 21.0.5 to 21.0.6 (#2866)
• a99ca4f chore(deps-dev): Bump rollup from 3.25.2 to 3.26.0 (#2867)
• 900ff10 chore(deps-dev): Bump eslint from 8.43.0 to 8.44.0 (#2868)
• 884c782 chore(deps-dev): Bump eslint-plugin-n from 15.7.0 to 16.0.1 (#2859)
• 805aa9a chore(deps-dev): Bump jasmine from 5.0.1 to 5.0.2 (#2858)
• 2964347 chore(deps-dev): Bump rollup from 3.25.1 to 3.25.2 (#2857)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs