tamirverthim / NodeGoat

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
https://www.owasp.org/index.php/Projects/OWASP_Node_js_Goat_Project
Apache License 2.0
0 stars 1 forks source link

Update dependency marked to v0.3.18 - autoclosed #215

Closed mend-for-github-com[bot] closed 1 year ago

mend-for-github-com[bot] commented 1 year ago

This PR contains the following updates:

Package Type Update Change
marked (source) dependencies patch 0.3.9 -> 0.3.18

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE GitHub Issue
High 7.5 CVE-2022-21680 #175
High 7.5 CVE-2022-21681 #174
Medium 5.9 WS-2020-0163 #6
Medium 5.3 WS-2018-0628 #74
Medium 5.3 WS-2019-0027 #132

Release Notes

markedjs/marked ### [`v0.3.18`](https://togithub.com/markedjs/marked/releases/tag/v0.3.18): Minor fixes and updated docs [Compare Source](https://togithub.com/markedjs/marked/compare/v0.3.17...v0.3.18) - Supported Markdown flavors: CommonMark 0.28 and GitHub Flavored Markdown 0.28 - Updates to our CI pipeline; we're all green! [#​1098](https://togithub.com/markedjs/marked/issues/1098) with the caveat that there is a test that needs to get sorted (help us out [#​1092](https://togithub.com/markedjs/marked/issues/1092)) - Start ordered lists using the initial numbers from markdown lists ([#​1144](https://togithub.com/markedjs/marked/issues/1144)) - Added GitHub Pages site for documentation https://marked.js.org/ ([#​1138](https://togithub.com/markedjs/marked/issues/1138)) ### [`v0.3.17`](https://togithub.com/markedjs/marked/releases/tag/v0.3.17): Processes and tools [Compare Source](https://togithub.com/markedjs/marked/compare/5f765201af4aa021d7adaf5c68b550325b2818db...v0.3.17) - The elephant in the room: A security vulnerability was discovered and fixed. Please note, if something breaks due to these changes, it was not our intent, and please let us know by submitting a PR or issue to course correct (the nature of the zero-major release and having security as a number one priority) [#​1083](https://togithub.com/markedjs/marked/issues/1083) - The other elephant in the room: We missed publishing a 0.3.16 release to GitHub; so, trying to make up for that a bit. - Updates to the project documentation and operations, you should check it out, just start with the README and you should be good. - New release PR template available [#​1076](https://togithub.com/markedjs/marked/issues/1076) - Updates to default PR and Issue templates [#​1076](https://togithub.com/markedjs/marked/issues/1076) - Lint checks + tests + continuous integration using Travis [#​1020](https://togithub.com/markedjs/marked/issues/1020) - Updated testing output [#​1085](https://togithub.com/markedjs/marked/issues/1085) & [#​1087](https://togithub.com/markedjs/marked/issues/1087) ### [`v0.3.16`](https://togithub.com/markedjs/marked/compare/0.3.15...5f765201af4aa021d7adaf5c68b550325b2818db) [Compare Source](https://togithub.com/markedjs/marked/compare/0.3.15...5f765201af4aa021d7adaf5c68b550325b2818db) ### [`v0.3.15`](https://togithub.com/markedjs/marked/releases/tag/0.3.15): Fix capturing parens [Compare Source](https://togithub.com/markedjs/marked/compare/0.3.14...0.3.15) Fixes unintended breaking change from v0.3.14 ### [`v0.3.14`](https://togithub.com/markedjs/marked/releases/tag/0.3.14): New year, new home [Compare Source](https://togithub.com/markedjs/marked/compare/343b623eac763b8e0f21ddc6a9d661854fdf7971...0.3.14) - Marked has a new home under the MarkedJS org! Other advances soon to come. - Updated minifier. - Various parser fixes ### [`v0.3.13`](https://togithub.com/markedjs/marked/compare/v0.3.12...343b623eac763b8e0f21ddc6a9d661854fdf7971) [Compare Source](https://togithub.com/markedjs/marked/compare/v0.3.12...343b623eac763b8e0f21ddc6a9d661854fdf7971) ### [`v0.3.12`](https://togithub.com/markedjs/marked/releases/tag/v0.3.12): New Year, new Marked! [Compare Source](https://togithub.com/markedjs/marked/compare/0.3.9...v0.3.12) - Addresses issue where some users might not have been able to update due to missing `use strict` [#​991](https://togithub.com/markedjs/marked/issues/991) - Parser fix [#​977](https://togithub.com/markedjs/marked/issues/977) - New way to perform tests with options and running individual tests [#​1002](https://togithub.com/markedjs/marked/issues/1002) - Improved test cases - Improved links