Audit Report Issue due to 'marked' dependency

[FBNitro]

Both esdoc and esdoc-publish-html-plugin depend on 'marked', which has a security warning in the npm audit report.

Please upgrade to >=0.6.2 of marked to resolve this audit failure.
See: https://nodesecurity.io/advisories/812 for more information

npm audit --registry https://registry.npmjs.org

                       === npm audit security report ===


                                 Manual Review
             Some vulnerabilities require your attention to resolve

          Visit https://go.npm.me/audit-guide for additional guidance


  Moderate        Regular Expression Denial of Service

  Package         marked

  Patched in      >=0.6.2

  Dependency of   esdoc [dev]

  Path            esdoc > marked

  More info       https://nodesecurity.io/advisories/812


  Moderate        Regular Expression Denial of Service

  Package         marked

  Patched in      >=0.6.2

  Dependency of   esdoc-standard-plugin [dev]

  Path            esdoc-standard-plugin > esdoc-publish-html-plugin > marked

  More info       https://nodesecurity.io/advisories/812

found 2 moderate severity vulnerabilities in 859520 scanned packages
  2 vulnerabilities require manual review. See the full report for details.

[zachawilson]

Check #543

[Sonictherocketman]

+1

[csimi]

Other than that it seems that all dependencies are locked to a single version which makes deduplication a no-go.
Also, if a vulnerability is found in any other dependency it's impossible to npm audit fix it automatically.

[gomesalexandre]

The author of the package seems mostly inactive, I'd suggest using a fork directly from GitHub in the meantime