[Snyk] Fix for 1 vulnerabilities

[nicholasklem]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Infinite loop SNYK-JS-MARKDOWNIT-6483324	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @11ty/eleventy

The new version differs by 250 commits.

• 05c6263 v2.0.0
• 5c2a5bf Update dev-dependencies
• 7ed1fef Merge pull request #2781 from danburzo/mdlib-set
• 97243b6 v2.0.0-beta.3
• 55e0a62 v2.0.0-canary.35
• 23b80d9 Merge pull request #2783 from mrmartineau/fix/serverless-var
• 9f13b8e Fixes serverlessFilePath is not defined (2.0.0-beta.2) #2782
• b466258 Make markdown library .set() method optional
• bde84b4 v2.0.0-beta.2
• 6f877de v2.0.0-canary.34
• 153ea8f One more update to the dev server dep
• c5ce8df A few notes about beta/canary
• 6fedb86 Update dev server dependency
• 2decde9 Fixes #2755
• 786105e Fixes #2773
• 99140d8 Adds `runMode` to `eleventy` global data. Fixes #2770
• 4504820 Update license date
• 2cb8ba2 debug log ignores for glob search
• 3810ccf Fixes #2758 by normalizing references for `.canary` to `.alpha`.
• a79788c v2.0.0-beta.1
• 06434e6 v2.0.0-canary.33
• e35db93 Use new Edge CDN version
• 571b305 v2.0.0-canary.32
• e215445 Update deps

See the full diff

Package name: markdown-it

The new version differs by 35 commits.

• e476f78 13.0.2 released
• dfd485b Dist rebuild
• 80a3adc Fix crash in linkify inline rule on malformed input
• 49ca65b Sync pathological tests with cmark
• 2b6cac2 Sync pathological tests with cmark
• 08444a5 Fix typo; minor copy-edits (Add legal links to footer jamstack/jamstack.org#879)
• 940459e fix: remove outdated comments (Added React Bricks CMS jamstack/jamstack.org#891)
• 1529ff4 Guard against custom rule not incrementing pos
• 6325878 Multiple refactors
• 9ff460e Drop a lot of extra code from blockquotes
• e843acc Merge branch 'master' of github.com:markdown-it/markdown-it
• bda7182 13.0.1 released
• b8b610f Dist rebuild
• d17df13 Bump linkify-it to 4.0.1
• 0c19c37 Merge pull request docsy: fix link jamstack/jamstack.org#866 from yne/patch-1
• e157cd2 doc: Add syntax highlighting
• 6ec0b76 13.0.0 released
• 0e4c0f4 Dist rebuild
• d1757ed Bump linkify-it to v4
• bab0baf Added examples on how to add and modify rules (Add GatherContent as headless CMS offering jamstack/jamstack.org#619)
• e6d1bfd refactor: replace deprecated String.prototype.substr()
• f523514 Remove (p) => § replacement in typographer
• 3fc0deb Put entities to separate token
• 6b58ec4 Add linkifier rule to inline chain for full links

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@11ty/eleventy@2.0.1	environment, filesystem, unsafe Transitive: eval, network, shell	+189	24.7 MB	zachleat
npm/markdown-it@13.0.2	Transitive: environment, filesystem	+5	967 kB	vitaly

🚮 Removed packages: npm/@11ty/eleventy@0.11.1, npm/markdown-it@12.3.2

View full report↗︎

[nicholasklem]

Closing automated Snyk PR