Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade markdownlint from 0.6.4 to 0.26.2 #3

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade markdownlint from 0.6.4 to 0.26.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 34 versions ahead of your current version.
  • The recommended version was released 5 months ago, on 2022-08-09.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKDOWNIT-459438
586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKDOWNIT-2331914
586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: markdownlint
  • 0.26.2 - 2022-08-09

    …r needed.

  • 0.26.1 - 2022-07-24

    Update to version 0.26.1.

  • 0.26.0 - 2022-06-22

    Update to version 0.26.0.

  • 0.25.1 - 2022-01-14

    Update to version 0.25.1.

  • 0.25.0 - 2021-12-28

    Merge branch 'next' into main

  • 0.24.0 - 2021-08-23

    Merge branch 'next'

  • 0.23.1 - 2021-02-12

    Update to version 0.23.1.

  • 0.23.0 - 2021-02-07

    Update to version 0.23.0.

  • 0.22.0 - 2020-11-25

    Update to version 0.22.0.

  • 0.21.1 - 2020-10-21

    Update to version 0.21.1.

  • 0.21.0 - 2020-09-20
  • 0.20.4 - 2020-06-24
  • 0.20.3 - 2020-05-15
  • 0.20.2 - 2020-04-26
  • 0.20.1 - 2020-04-13
  • 0.20.0 - 2020-04-11
  • 0.19.0 - 2020-01-28
  • 0.18.0 - 2019-12-14
  • 0.17.2 - 2019-10-25
  • 0.17.1 - 2019-10-20
  • 0.17.0 - 2019-10-05
  • 0.16.0 - 2019-08-05
  • 0.15.0 - 2019-06-09
  • 0.14.2 - 2019-05-18
  • 0.14.1 - 2019-05-09
  • 0.14.0 - 2019-05-08
  • 0.13.0 - 2019-03-30
  • 0.12.0 - 2019-02-04
  • 0.11.0 - 2018-07-22
  • 0.10.0 - 2018-05-28
  • 0.9.0 - 2018-05-13
  • 0.8.1 - 2018-03-21
  • 0.8.0 - 2018-03-11
  • 0.7.0 - 2018-01-23
  • 0.6.4 - 2017-11-23
from markdownlint GitHub release notes
Commit messages
Package name: markdownlint
  • 2488a5c Remove some ignores for external repository testing that are no longer needed.
  • ebf249b Update to version 0.26.2.
  • a6489ac Update MD053/link-image-reference-definitions to add ignored_definitions parameter (default to ["//"]) (fixes #545).
  • 2c3e8c9 Update MD053/link-image-reference-definitions to handle multi-line references inside blockquotes (fixes #544).
  • 5544ea5 Remove workaround for markdown-it-texmath issue fixed in @ 1.0.0.
  • 1154ab4 Update MD037/no-space-in-emphasis to ignore the content of HTML attributes (fixes #540).
  • 48f47b5 Update MD053/link-image-reference-definitions to recognize links within square brackets (fixes #537).
  • 08cdd95 Add Lombiq Node.js Extensions to the "Related" section of the README (fixes #541).
  • 6c8ef48 Update MD051/link-fragments to support `id` attributes on non-`a` elements (fixes #538).
  • cba2ca0 Update to version 0.26.1.
  • 5b0588f Update helpers.expandTildePath to handle receiving an os object without homedir, address minor @ ts-check confusion in same file.
  • 95466e2 Remove some ignores for external repository testing that are no longer needed.
  • 59a4a56 Add tests for MD051/link-fragments to validate quotes and accented characters (refs #536).
  • 1bd748f Update MD051/link-fragments to ignore HTML comments embedded in heading text.
  • 6700acc Merge branch 'main' into 'next'.
  • ed8a2e6 Add permissions/security-events:write to CodeQL action to allow it to run in read-only Workflow permissions mode.
  • 1dba010 Add "exports" to package.json, use it to limit what's exported, leave "main" for compatability.
  • 51cec76 Update to version 0.26.0.
  • 91856f0 Update dependency: ava to 4.3.0.
  • 9868700 Replace all instances of test.cb(...) with test(new Promise(...)) to prepare for upgrade to AVA@4 where it is not available.
  • 53cbf06 Update dependencies: c8 to 7.11.3, eslint to 8.18.0, eslint-plugin-jsdoc to 39.3.3, eslint-plugin-unicorn to 42.0.0, globby to 13.1.2, markdown-it-texmath to 1.0.0, markdownlint-rule-helpers to 0.16.0, ts-loader to 9.3.0, typescript to 4.7.4, webpack to 5.73.0, webpack-cli to 4.10.0.
  • 949b69e Update github/codeql-action/init and github/codeql-action/analyze to v2.
  • 6e8a073 Reimplement helpers.forEachInlineCodeSpan for ~11% time reduction measured via profile-fixture.mjs on GitHub Codespaces.
  • d177ee2 Update helpers.forEachInlineCodeSpan to remove backtick detection in link destinations for ~22% time reduction measured via profile-fixture.mjs on GitHub Codespaces.

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@vercel
Copy link

vercel bot commented Dec 31, 2022

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated
awesome-search-abc ✅ Ready (Inspect) Visit Preview Dec 31, 2022 at 6:13PM (UTC)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

1 participant