Bump remark-gfm from 1.0.0 to 2.0.0 in /dashboard

[dependabot]

Bumps remark-gfm from 1.0.0 to 2.0.0.

Release notes

Sourced from remark-gfm's releases.

2.0.0

• 6c518d8 Use ESM

  // From CommonJS
  var remarkGfm = require('remark-gfm')
  // To ESM
  import remarkGfm from 'remark-gfm'

  Learn more about ESM in this guide
• 37d92ac Add JSDoc based types
• 0846014 Remove warning for remark 12

Full Changelog: remarkjs/remark-gfm@1.0.0...2.0.0

Commits

• 383f418 2.0.0
• 54b2ada Update xo
• 37d92ac Add JSDoc based types
• 0846014 Remove warning for remark 12
• 1785879 Update docs
• 9bc5759 Refactor code-style
• 331d940 Update dependencies
• 6c518d8 Use ESM
• 93b0afb Replace nyc with c8
• 902b287 Update Node in Actions
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[antgamdia]

@dependabot recreate

[antgamdia]

For some deps we can come up with some regex catching unist-* and mdast-*, but I don't know if we better declare them explicitly to avoid unnoticed issues.
However, it is just for running jest tests, so we will know really quickly if something fails.

cc @absoludity

[absoludity]

Sorry, I missed the cc earlier. Yeah, given this is just jest config, I'm not too worried. I'm surprised that updating remark-gfm lead to this though (many of the packages just seem to be upgraded... did the previous versions not require transformation?).

Anyway, +1 from me - I generally prefer explicit, but for a huge regex like this for a test module... don't care :)

[antgamdia]

No problem, the ping was mainly for squeezing this PR in the 2.3.4 release, but it's not critical whatsoever.

As many deps are migrating to ES Modules, the jest tests fail. This is an open issue in jest, but they do have some workarounds (see https://jestjs.io/docs/ecmascript-modules).

The currently chosen tweak is the easiest one, declaring each module in transformIgnorePatterns, but it is tedious if a module has many transitive ESM deps (as in this case).
I've seen another dependabot upgrade is also similar, so we need to handle this problem in a more scalable way at some point.

So, what I would suggest is to go ahead with this PR (and perhaps the existing ones), but create a task for looking for a long-term solution.

[absoludity]

Sorry, I missed the cc earlier. Yeah, given this is just jest config, I'm not too worried. I'm surprised that updating remark-gfm lead to this though (many of the packages just seem to be upgraded... did the previous versions not require transformation?).

Anyway, +1 from me - I generally prefer explicit, but for a huge regex like this for a test module... don't care :)