dtao
commented
7 years ago Sure! I don't think the referenced vulnerabilities quite apply to this library (autodoc uses marked to generate docs from your code, so "malicious" user input would be your own code); but hey, the tests pass and there's a new version so why not.
See https://nodesecurity.io/advisories/marked_multiple_content_injection_vulnerabilities