search

tcort / markdown-link-extractor

extracts links from markdown texts
ISC License
23 stars 19 forks source link

Bump `marked` because of security advisory #8

Closed blgm closed 4 years ago

blgm commented 5 years ago

An npm sercutiry advisory recommends bumping the version of marked to v0.7.0 or later. Because it's a v0 release, npm will only install v0.6.* versions which do not have the fix. https://www.npmjs.com/advisories/1076

tcort commented 4 years ago

Thanks for letting me know. Released markdown-link-extractor@1.2.2 with updated dependencies.