Drop ancient browsers support (use .fromCodePoint and other features).
Rewrite to ESM (including all plugins/deps). CJS fallback still available.
No signatures changed, except markdown-it-emoji plugin.
Dropped dist/ folder from repo, build on package publish.
Set punicode.js as external dependency.
Fixed
Html tokens inside img alt are now rendered as their original text, #896.
Hardbreaks inside img alt are now rendered as newlines.
[13.0.2] - 2023-09-26
Security
Fixed crash/infinite loop caused by linkify inline rule, #957.
Fixed
Throw an error if 3rd party plugin doesn't increment line or pos counters
(previously, markdown-it would likely go into infinite loop instead), #847.
[13.0.1] - 2022-05-03
Fixed
Bumped linkify-it to 4.0.1. That should fix some hangs, caused by wrong
data, returned from linkify-it.
[13.0.0] - 2022-04-22
Added
Added a new token type text_special to store escaped characters, same as text but
unaffected by replacement plugins (smartquotes, typographer, linkifier, etc.).
Added a new rule text_join in core ruler. Text replacement plugins may choose to
insert themselves before it.
Changed
(p) is no longer replaced with § by typographer (conflicts with ℗), #763.
text_collapse rule is renamed to fragments_join.
Fixed
Smartquotes, typographic replacements and plain text links can now be escaped
with backslash (e.g. \(c) or google\.com are no longer replaced).
Fixed collision of emphasis and linkifier (so http://example.org/foo._bar_-_baz
is now a single link, not emphasized). Emails and fuzzy links are not affected by this.
[12.3.2] - 2022-01-08
Security
Fix possible ReDOS in newline rule. Thanks to @MakeNowJust.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps markdown-it from 12.1.0 to 14.0.0.
Changelog
Sourced from markdown-it's changelog.
... (truncated)
Commits
4949a10
14.0.0 released8725522
README: update samples to esmccea8b1
demo: update twemoji cdn, close #91292f2150
rollup: polish configs74ca77a
Demo: plugins bumpd9885ba
Render html tags inside img alt as their original text (#979)9f5e9c6
lint: remove key spacing8b815a6
lint: reduce empty lines3c66f25
eslint: config cleanup & drop nested configs5578e69
Cleanup internal exportsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show