Skip to content

chore(deps): bump marked from 16.4.2 to 17.0.5#5159

Merged
marcoscaceres merged 3 commits intomainfrom
dependabot/npm_and_yarn/marked-17.0.5
Mar 30, 2026
Merged

chore(deps): bump marked from 16.4.2 to 17.0.5#5159
marcoscaceres merged 3 commits intomainfrom
dependabot/npm_and_yarn/marked-17.0.5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 30, 2026
edited
Loading

Bumps marked from 16.4.2 to 17.0.5.

Release notes

Sourced from marked's releases.

v17.0.5

17.0.5 (2026-03-20)

Bug Fixes

  • Fix catastrophic backtracking (ReDoS) in link/reflink label regex (#3918) (4625980)
  • prevent quadratic complexity in emStrongLDelim regex (#3906) (c732dd2)
  • prevent single-tilde strikethrough false positives (#3910) (5e03369)
  • re-assign tokenizer.lexer and renderer.parser at start of each parse call (#3907) (f3a3ec0)
  • trim trailing whitespace from lheading text (#3920) (3ea7e88)

v17.0.4

17.0.4 (2026-03-04)

Bug Fixes

  • prevent ReDoS in inline link regex title group (#3902) (46fb9b8)

v17.0.3

17.0.3 (2026-02-17)

Bug Fixes

v17.0.2

17.0.2 (2026-02-11)

Bug Fixes

v17.0.1

17.0.1 (2025-11-20)

Bug Fixes

v17.0.0

17.0.0 (2025-11-07)

... (truncated)

Commits
  • 811ea59 chore(release): 17.0.5 [skip ci]
  • c732dd2 fix: prevent quadratic complexity in emStrongLDelim regex (#3906)
  • f3a3ec0 fix: re-assign tokenizer.lexer and renderer.parser at start of each parse cal...
  • 4625980 fix: Fix catastrophic backtracking (ReDoS) in link/reflink label regex (#3918)
  • 5e03369 fix: prevent single-tilde strikethrough false positives (#3910)
  • 288349d test: add heading edge case tests (#3919)
  • 3ea7e88 fix: trim trailing whitespace from lheading text (#3920)
  • d4c0fe5 chore(deps-dev): Bump esbuild from 0.27.3 to 0.27.4 (#3915)
  • 30682c1 chore(deps-dev): Bump undici from 6.23.0 to 6.24.0 (#3914)
  • 59752c4 chore(deps-dev): Bump minimatch from 9.0.5 to 9.0.9 (#3913)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for marked since your current version.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 30, 2026
@dependabot
chore(deps): bump marked from 16.4.2 to 17.0.5
047630c 
Bumps [marked](https://github.com/markedjs/marked) from 16.4.2 to 17.0.5.
- [Release notes](https://github.com/markedjs/marked/releases)
- [Commits](markedjs/marked@v16.4.2...v17.0.5)

---
updated-dependencies:
- dependency-name: marked
  dependency-version: 17.0.5
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/marked-17.0.5 branch from f68441a to 047630c Compare March 30, 2026 11:21
@marcoscaceres marcoscaceres merged commit 19d15ae into main Mar 30, 2026
8 checks passed
@marcoscaceres marcoscaceres deleted the dependabot/npm_and_yarn/marked-17.0.5 branch March 30, 2026 13:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marcoscaceres marcoscaceres marcoscaceres approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@marcoscaceres