Closed chasenlehara closed 3 years ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 7.5
SNYK-JS-MARKED-1070800
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: marked
The new version differs by 13 commits.- 8a7502f chore(release): 2.0.0 [skip ci]
- 9d3a781 🗜️ build [skip ci]
- 7293251 fix: Total rework of Emphasis/Strong (#1864)
- f848e77 fix: Join adjacent inlineText tokens (#1926)
- f2535f1 chore(release): 1.2.9 [skip ci]
- f0dc8a2 🗜️ build [skip ci]
- 1e36afd fix: allow sublist to be single space in pedantic (#1924)
- b97b802 chore(deps-dev): Bump rollup from 2.38.0 to 2.38.3 (#1922)
- 409ef11 chore(deps-dev): Bump @ rollup/plugin-babel from 5.2.2 to 5.2.3 (#1917)
- f86549d chore(deps-dev): Bump rollup from 2.38.0 to 2.38.2 (#1916)
- b2fe7c1 chore(deps-dev): Bump uglify-js from 3.12.5 to 3.12.6 (#1919)
- aec6b9d chore(deps-dev): Bump @ rollup/plugin-commonjs from 17.0.0 to 17.1.0 (#1918)
- afb285d chore(deps-dev): Bump eslint from 7.18.0 to 7.19.0 (#1920)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic