chore(dgeni): fix rendering of docs markdown

- this adds 1 High severity advisory back in by pinning at `marked@0.3.6` - 301 vulnerabilities found - Severity: 189 Low | 28 Moderate | 80 High | 4 Critical - in reality, there are many serious security issues with this old version of `marked` - but our docs don't render with the newer versions due to angular/dgeni-packages#310 - another downside is that this forces `firebase-tools` to use an old, vulnerable version of marked for parsing console output
DevIntent · Jun 6, 2021 · d1c6cdd · d1c6cdd
1 parent bb44e1b
commit d1c6cdd
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 9 deletions.
diff --git a/docs/config/index.js b/docs/config/index.js
@@ -148,7 +148,7 @@ module.exports = new Package('angularjs', [
 
 .config(function(checkAnchorLinksProcessor) {
   checkAnchorLinksProcessor.base = '/';
-  checkAnchorLinksProcessor.errorOnUnmatchedLinks = false;
+  checkAnchorLinksProcessor.errorOnUnmatchedLinks = true;
   // We are only interested in docs that have an area (i.e. they are pages)
   checkAnchorLinksProcessor.checkDoc = function(doc) { return doc.area; };
 })

diff --git a/package.json b/package.json
@@ -79,7 +79,6 @@
     "lodash": "~4.17.21",
     "log4js": "^0.6.27",
     "lunr": "^0.7.2",
-    "marked": "~0.3.0",
     "node-html-encoder": "0.0.2",
     "npm-run": "^4.1.0",
     "open-sans-fontface": "^1.4.0",
@@ -106,7 +105,8 @@
     "//2": "(E.g. see https://github.com/gulpjs/gulp/issues/2162 and https://github.com/nodejs/node/issues/25132.)",
     "natives": "1.1.6",
     "//3": "`graceful-fs` needs to be pinned to support gulp 3, on Node v12+",
-    "graceful-fs": "^4.2.3"
+    "graceful-fs": "^4.2.3",
+    "marked": "0.3.6"
   },
   "commitplease": {
     "style": "angular",

diff --git a/yarn.lock b/yarn.lock
@@ -7552,12 +7552,7 @@ marked-terminal@^3.3.0:
     node-emoji "^1.4.1"
     supports-hyperlinks "^1.0.1"
 
-marked@^0.7.0:
-  version "0.7.0"
-  resolved "https://registry.yarnpkg.com/marked/-/marked-0.7.0.tgz#b64201f051d271b1edc10a04d1ae9b74bb8e5c0e"
-  integrity sha512-c+yYdCZJQrsRjTPhUx7VKkApw9bwDkNbHUKo1ovgcfDjb2kc8rLuRbIFyXL5WOEUwzSSKo3IXpph2K6DqB/KZg==
-
-marked@~0.3.0:
+marked@0.3.6, marked@^0.7.0:
   version "0.3.6"
   resolved "https://registry.yarnpkg.com/marked/-/marked-0.3.6.tgz#b2c6c618fccece4ef86c4fc6cb8a7cbf5aeda8d7"
   integrity sha1-ssbGGPzOzk74bE/Gy4p8v1rtqNc=