Upgrade markdown-it-anchor to v5.0.0

markdown-it-anchor@4.0.0 uses string@3.3.3. string@3.3.3 is reported to be unsafe and contains vulnerabilities [1]. It is also no longer in use in markdown-it-anchor@5.0.0. Let's upgrade markdown-it-anchor, so that it no longer uses string@3.3.3. [1] - jprichardson/string.js#212
yamgent · Aug 3, 2018 · b9005ba · b9005ba
1 parent 0793f09
commit b9005ba
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 9 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -36,7 +36,7 @@
     "live-server": "^1.2.0",
     "lodash": "^4.17.5",
     "markdown-it": "^8.3.0",
-    "markdown-it-anchor": "^4.0.0",
+    "markdown-it-anchor": "^5.0.0",
     "markdown-it-emoji": "^1.3.0",
     "markdown-it-imsize": "^2.0.1",
     "markdown-it-ins": "^2.0.0",