[Snyk] Upgrade marked from 0.3.5 to 2.1.3

[snyk-bot]

Snyk has created this PR to upgrade marked from 0.3.5 to 2.1.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 49 versions ahead of your current version.
• The recommended version was released 21 days ago, on 2021-06-25.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) npm:marked:20180225	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) npm:marked:20170907	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Cross-site Scripting (XSS) npm:marked:20170815	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Cross-site Scripting (XSS) npm:marked:20170112	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Cross-site Scripting (XSS) npm:marked:20150520	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Cross-site Scripting (XSS) npm:marked:20170815-1	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS ) SNYK-JS-MARKED-584281	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-451540	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-174116	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: marked

• 2.1.3 - 2021-06-25
  

  2.1.3 (2021-06-25)

  Bug Fixes

  • update commonmark spec to v0.30 (#2113) (62d6a0e)
• 2.1.2 - 2021-06-22
  

  2.1.2 (2021-06-22)

  Bug Fixes

  • add Node.js 10 to CI and loosen engines field (#2119) (8659353)
• 2.1.1 - 2021-06-16
  

  2.1.1 (2021-06-16)

  Bug Fixes

  • fix node v12 (#2109) (af14068)
• 2.1.0 - 2021-06-15
  

  2.1.0 (2021-06-15)

  Features

  • Custom Tokenizer/Renderer extensions (#2043) (5be9d6d)
• 2.0.7 - 2021-06-01
  

  2.0.7 (2021-06-01)

  Bug Fixes

  • em strong (#2075) (825a9f8)
• 2.0.6 - 2021-05-27
  

  2.0.6 (2021-05-27)

  Bug Fixes

  • fix autolink email after single space (#2073) (6c9a899)
• 2.0.5 - 2021-05-21
  

  2.0.5 (2021-05-21)

  Bug Fixes

  • call walkTokens when calling marked with a callback(#2060) (1d97308)
• 2.0.4 - 2021-05-20
  

  2.0.4 (2021-05-20)

  Bug Fixes

  • Fix indented markdown in html (#2052) (6435ac9)
• 2.0.3 - 2021-04-11
  

  2.0.3 (2021-04-11)

  Bug Fixes

  • actually add a type property to the def token (#2002) (47e65cf)
• 2.0.2 - 2021-04-10
  

  2.0.2 (2021-04-10)

  Bug Fixes

  • add type property on def token (#2001) (009427f)
• 2.0.1 - 2021-02-27
• 2.0.0 - 2021-02-07
• 1.2.9 - 2021-02-03
• 1.2.8 - 2021-01-26
• 1.2.7 - 2020-12-15
• 1.2.6 - 2020-12-10
• 1.2.5 - 2020-11-19
• 1.2.4 - 2020-11-15
• 1.2.3 - 2020-11-04
• 1.2.2 - 2020-10-21
• 1.2.1 - 2020-10-21
• 1.2.0 - 2020-09-28
• 1.1.2 - 2020-10-21
• 1.1.1 - 2020-07-14
• 1.1.0 - 2020-05-16
• 1.0.0 - 2020-04-21
• 0.8.2 - 2020-03-22
• 0.8.1 - 2020-03-18
• 0.8.0 - 2019-12-12
• 0.7.0 - 2019-07-06
• 0.6.3 - 2019-06-30
• 0.6.2 - 2019-04-05
• 0.6.1 - 2019-02-19
• 0.6.0 - 2019-01-01
• 0.5.2 - 2018-11-20
• 0.5.1 - 2018-09-26
• 0.5.0 - 2018-08-16
• 0.4.0 - 2018-05-21
• 0.3.19 - 2018-03-26
• 0.3.18 - 2018-03-22
• 0.3.17 - 2018-02-27
• 0.3.16 - 2018-02-20
• 0.3.15 - 2018-02-19
• 0.3.14 - 2018-02-16
• 0.3.13 - 2018-02-16
• 0.3.12 - 2018-01-09
• 0.3.9 - 2017-12-23
• 0.3.7 - 2017-12-01
• 0.3.6 - 2016-07-30
• 0.3.5 - 2015-07-31

from marked GitHub release notes

Commit messages

Package name: marked

• 3a81bde chore(release): 2.1.3 [skip ci]
• a90848f 🗜️ build [skip ci]
• 62d6a0e fix: update commonmark spec to v0.30 (#2113)
• c7b4664 chore(release): 2.1.2 [skip ci]
• 8659353 fix: add Node.js 10 to CI and loosen `engines` field (#2119)
• 30c3d05 chore(deps-dev): Bump @ babel/core from 7.14.5 to 7.14.6 (#2118)
• 7c1fa84 chore(deps-dev): Bump eslint from 7.28.0 to 7.29.0 (#2115)
• b611bb1 chore(deps-dev): Bump rollup from 2.51.2 to 2.52.2 (#2116)
• 8321e89 chore(deps-dev): Bump semantic-release from 17.4.3 to 17.4.4 (#2117)
• da1c57f chore(docs): add extensions link to nav links (#2105)
• a2af658 chore(release): 2.1.1 [skip ci]
• cbd60d0 🗜️ build [skip ci]
• af14068 fix: fix node v12 (#2109)
• a86701f chore(release): 2.1.0 [skip ci]
• 122dd8b 🗜️ build [skip ci]
• 5be9d6d feat: Custom Tokenizer/Renderer extensions (#2043)
• e22d16f chore(deps-dev): Bump @ babel/preset-env from 7.14.4 to 7.14.5 (#2104)
• 1aa5156 chore(deps-dev): Bump cheerio from 1.0.0-rc.9 to 1.0.0-rc.10 (#2101)
• 02720ed chore(deps-dev): Bump @ babel/core from 7.14.2 to 7.14.5 (#2100)
• fa8b3a0 chore(deps-dev): Bump @ semantic-release/release-notes-generator (#2102)
• 992179c chore(deps-dev): Bump rollup from 2.51.0 to 2.51.2 (#2103)
• 1944edc chore(deps): Bump normalize-url from 6.0.0 to 6.0.1 (#2095)
• dabef07 chore(deps): Bump css-what from 5.0.0 to 5.0.1 (#2093)
• aecec20 chore(deps): Bump trim-newlines from 3.0.0 to 3.0.1 (#2094)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs