⬆️ Updates remark-validate-links to v13 - autoclosed

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
remark-validate-links	^10.0.2 -> ^13.0.0

---

Release Notes

remarkjs/remark-validate-links (remark-validate-links)

v13.0.0

Compare Source

Change

• 39c7e22 Change to require Node.js 16
  migrate: update too
• 7c75796 Change to use exports
  migrate: don’t use private APIs
• c81c6ab Update @types/mdast, utilities, etc
  migrate: update too
• 323908a 7ac7d02 Change to improve messages
  migrate: expect better messages

Full Changelog: remarkjs/remark-validate-links@12.1.1...13.0.0

v12.1.1

Compare Source

Fix

• 415557c Fix inferring IDs of headings with HTML

Misc

• 09a3fdf Update hosted-git-info
• 38da293 Fix typo in docs
  by @​CollierCZ in https://github.com/remarkjs/remark-validate-links/pull/72

Full Changelog: remarkjs/remark-validate-links@12.1.0...12.1.1

v12.1.0

Compare Source

• 53b0c24 Add url to vfile messages
  by @​remcohaszing in https://github.com/remarkjs/remark-validate-links/pull/71

Full Changelog: remarkjs/remark-validate-links@12.0.0...12.1.0

v12.0.0

Compare Source

• 8f58878 Update unified-engine, hosted-git-info
  by @​JounQin in https://github.com/remarkjs/remark-validate-links/pull/69
  tiny chance of breaking: properly parses Yaml 1.2
  tiny chance of breaking: matches modern Node in loading modules
• d6420be Remove support for Node 12
  by @​JounQin in https://github.com/remarkjs/remark-validate-links/pull/70

Full Changelog: remarkjs/remark-validate-links@11.0.2...12.0.0

v11.0.2

Compare Source

• 0489d13 Add improved docs
  by @​wooorm in https://github.com/remarkjs/remark-validate-links/pull/63

Full Changelog: remarkjs/remark-validate-links@11.0.1...11.0.2

v11.0.1

Compare Source

• 765b3f5 Fix slugging of headings w/ images

v11.0.0

Compare Source

• e88fecc Use ESM

  // From CommonJS
  var remarkValidateLinks = require('remark-validate-links')
  
  // To ESM
  import remarkValidateLinks from 'remark-validate-links'

  Learn more about ESM in this guide
• b579e27 Add JSDoc based types
• a5677c0 Update dependencies

---

Configuration

📅 Schedule: Branch creation - "after 10pm every weekday,before 5am every weekday,every weekend" in timezone Europe/Moscow, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[changelogg]

Hey! Changelogs info seems to be missing or might be in incorrect format.
Please use the below template in PR description to ensure Changelogg can detect your changes:
- (tag) changelog_text
or
- tag: changelog_text
OR
You can add tag in PR header or while doing a commit too
(tag) PR header
or
tag: PR header
Valid tags: added / feat, changed, deprecated, fixed / fix, removed, security, build, ci, chore, docs, perf, refactor, revert, style, test
Thanks!
For more info, check out changelogg docs

[viezly]

Pull request by bot. No need to analyze

[github-actions]

Thanks for opening an issue! Make sure you've followed CONTRIBUTING.md.

[github-actions]

Hello from PR Helper

Is your PR ready for review and processing? Mark the PR ready by including #pr-ready in a comment.

If you still have work to do, even after marking this ready. Put the PR on hold by including #pr-onhold in a comment.

[github-actions]

Thanks for the PR!

This section of the codebase is owner by https://github.com/AlexRogalskiy/ - if they write a comment saying "LGTM" then it will be merged.

[socket-security]

Updated dependencies detected. Learn more about Socket for GitHub ↗︎

Packages	Version	New capabilities	Transitives	Size	Publisher
remark-validate-links	10.0.4...13.0.0	shell	+80/-0	8.68 MB	wooorm

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Issue	Package	Version	Note	Source
Bin script shell injection	npm	6.14.11	Bin Script: which	@semantic-release/changelog@5.0.1, @semantic-release/commit-analyzer@8.0.1, @semantic-release/git@9.0.0, @semantic-release/github@7.2.0, @semantic-release/npm@7.0.10, @semantic-release/release-notes-generator@9.0.1, semantic-release@17.3.9 via package.json

Next steps

What is bin script shell injection?

This package re-exports a well known shell command via an npm bin script. This is possibly a supply chain attack

Packages should not export bin scripts which conflict with well known shell commands

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm@6.14.11