fix(nunjucks): upgrade marked to avoid vulnerability

The previous version of `marked` was vulnerable to a
[ReDoS](https://app.snyk.io/vuln/SNYK-JS-MARKED-174116)
attack.

BREAKING CHANGES

There are a few relevant breaking changes with this latest version of `marked`.
This only affects usage of the `renderMarkdown()` service and the `marked`
nunjucks filter. Take a look through the
[marked release notes](https://github.com/markedjs/marked/releases) and
check if this affects you.

Fixes #280

nunjucks/rendering/filters/marked.spec.js

@@ -33,8 +33,7 @@ describe("marked custom filter", function() {
         '</ul>\n' +
         '<pre><code>code\n' +
         '  indented code\n' +
-        'code\n' +
-        '</code></pre>\n' +
+        'code</code></pre>\n' +
         ''
       );
   });

nunjucks/services/renderMarkdown.spec.js

@@ -40,8 +40,7 @@ describe("renderMarkdown", function() {
       '<p>some test</p>\n' +
       '<pre><code>code\n' +
       '  indented code\n' +
-      'more code\n' +
-      '</code></pre>\n' +
+      'more code</code></pre>\n' +
       '<p>more text</p>\n'
     );
 

package.json

@@ -47,7 +47,7 @@
     "glob": "^7.0.5",
     "htmlparser2": "^3.7.3",
     "lodash": "^4.13.1",
-    "marked": "^0.3.2",
+    "marked": "^0.7.0",
     "minimatch": "^3.0.2",
     "mkdirp": "^0.5.1",
     "mkdirp-promise": "^5.0.0",

yarn.lock

@@ -1327,10 +1327,10 @@ map-visit@^1.0.0:
   dependencies:
     object-visit "^1.0.0"
 
-marked@^0.3.2:
-  version "0.3.19"
-  resolved "https://registry.yarnpkg.com/marked/-/marked-0.3.19.tgz#5d47f709c4c9fc3c216b6d46127280f40b39d790"
-  integrity sha512-ea2eGWOqNxPcXv8dyERdSr/6FmzvWwzjMxpfGB/sbMccXoct+xY+YukPD+QTUZwyvK7BZwcr4m21WBOW41pAkg==
+marked@^0.7.0:
+  version "0.7.0"
+  resolved "https://registry.yarnpkg.com/marked/-/marked-0.7.0.tgz#b64201f051d271b1edc10a04d1ae9b74bb8e5c0e"
+  integrity sha512-c+yYdCZJQrsRjTPhUx7VKkApw9bwDkNbHUKo1ovgcfDjb2kc8rLuRbIFyXL5WOEUwzSSKo3IXpph2K6DqB/KZg==
 
 micromatch@^3.1.10, micromatch@^3.1.4:
   version "3.1.10"