[Snyk] Upgrade marked from 0.3.5 to 0.8.2 #7

hubertczarnowskipracuj · 2023-08-04T19:34:38Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade marked from 0.3.5 to 0.8.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 23 versions ahead of your current version.
The recommended version was released 3 years ago, on 2020-03-22.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Remote Code Execution (RCE) SNYK-JS-HANDLEBARS-1056767	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Cross-site Scripting (XSS) npm:marked:20170815	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Regular Expression Denial of Service (ReDoS) npm:marked:20170907	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Regular Expression Denial of Service (ReDoS) npm:marked:20180225	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Prototype Pollution SNYK-JS-CACHEDPATHRELATIVE-2342653	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Denial of Service (DoS) SNYK-JS-DICER-2311764	457/1000 Why? Proof of Concept exploit, CVSS 7	Mature
Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Prototype Pollution SNYK-JS-NCONF-2395478	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Prototype Pollution SNYK-JS-HANDLEBARS-469063	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Arbitrary Code Execution SNYK-JS-HANDLEBARS-534478	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Arbitrary Code Execution SNYK-JS-ISMYJSONVALID-597167	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-1089716	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Remote Code Execution (RCE) SNYK-JS-PACRESOLVER-1564857	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Cross-site Scripting (XSS) npm:marked:20170815-1	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Prototype Pollution SNYK-JS-JSONPOINTER-1577288	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Prototype Pollution SNYK-JS-JSONPOINTER-598804	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Prototype Pollution SNYK-JS-HANDLEBARS-173692	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Prototype Pollution SNYK-JS-HANDLEBARS-174183	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Denial of Service (DoS) SNYK-JS-HANDLEBARS-480388	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-ISMYJSONVALID-597165	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Authorization Bypass Through User-Controlled Key SNYK-JS-PARSEPATH-2936439	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Prototype Pollution SNYK-JS-Y18N-1021887	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Cryptographic Issues SNYK-JS-ELLIPTIC-571484	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Prototype Pollution SNYK-JS-LODASHSET-1320032	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Cross-site Scripting (XSS) npm:marked:20150520	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Denial of Service (DoS) SNYK-JS-JSZIP-1251497	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Prototype Pollution SNYK-JS-HANDLEBARS-1279029	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JS-JSZIP-3188562	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Prototype Pollution SNYK-JS-HANDLEBARS-534988	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Prototype Pollution SNYK-JS-HANDLEBARS-567742	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-PARSEURL-2935944	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Information Exposure SNYK-JS-PARSEURL-2935947	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Server-side Request Forgery (SSRF) SNYK-JS-PARSEURL-2936249	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Cross-site Scripting (XSS) npm:marked:20170112	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Command Injection SNYK-JS-SNYK-3037342	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-PARSEURL-2942134	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Command Injection SNYK-JS-SNYK-3038622	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Code Injection SNYK-JS-SNYK-3111871	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Command Injection SNYK-JS-SNYKDOCKERPLUGIN-3039679	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Command Injection SNYK-JS-SNYKGOPLUGIN-3037316	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Command Injection SNYK-JS-SNYKGRADLEPLUGIN-3038624	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Command Injection SNYK-JS-SNYKMVNPLUGIN-3038623	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Command Injection SNYK-JS-SNYKPYTHONPLUGIN-3039677	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Command Injection SNYK-JS-SNYKSBTPLUGIN-3038626	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Command Injection SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Prototype Pollution SNYK-JS-XML2JS-5414874	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Prototype Pollution SNYK-JS-XML2JS-5414874	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Regular Expression Denial of Service (ReDoS) npm:brace-expansion:20170302	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Server-side Request Forgery (SSRF) SNYK-JS-PARSEURL-3023021	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Improper Input Validation SNYK-JS-PARSEURL-3024398	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept
Timing Attack SNYK-JS-ELLIPTIC-511941	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Open Redirect SNYK-JS-GOT-2932019	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-174116	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-451540	457/1000 Why? Proof of Concept exploit, CVSS 7	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	457/1000 Why? Proof of Concept exploit, CVSS 7	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: marked

0.8.2 - 2020-03-22
Fixes
- Add html to TextRenderer for html in headings #1622
- Remove html tags in heading ids #1622
Docs
- Update comment about GitHub breaks #1620
0.8.1 - 2020-03-18
Fixes
- Fix marked --help #1588
- Fix GFM Example 116 code fences #1600
- Send inline html to renderer #1602 (fixes #1601)
- Improve docs example for invoking highlight.js #1603
- Fix block-level elements breaking tables #1598 (fixes #1467)
- break nptables on block-level structures #1617
0.8.0 - 2019-12-12
Breaking changes
- Remove substitutions #1532
- Separate source into modules #1563 #1572 #1573 #1575 #1576 #1581
Fixes
- Fix relative urls in baseUrl option #1526
- Loose task list #1535
- Fix image parentheses #1557
- remove module field & update devDependencies #1581
Docs
- Update examples with es6+ #1521
- Fix link to USING_PRO.md page #1552
- Fix typo in USING_ADVANCED.md #1558
- Node worker threads are stable #1555
Dev Dependencies
- Update deps #1516
- Update eslint #1542
- Update htmldiffer async matcher #1543
0.7.0 - 2019-07-06
Security
- Sanitize paragraph and text tokens #1504
- Fix ReDOS for links with backticks (issue #1493) #1515
Breaking Changes
- Deprecate sanitize and sanitizer options #1504
- Move fences to CommonMark #1511
- Move tables to GFM #1511
- Remove tables option #1511
- Single backtick in link text needs to be escaped #1515
Fixes
- Fix parentheses around a link #1509
- Fix headings (issue #1510) #1511
Tests
- Run tests with correct options #1511
0.6.3 - 2019-06-30
Fixes
- Fix nested blockquotes #1464
- Fix <em> issue with mixed content #1451
- revert #1464 #1497
- Fix breaks: true #1507
Docs
- add docs for workers #1432
- Add security policy #1492
- Update supported spec versions #1491
- Update test folder descriptions #1506
DevOps
- Use latest commit for demo master #1457
- Update tests to commonmark 0.29 #1465
- Update tests to GFM 0.29 #1470
- Fix commonmark spec 57 and 40 (headings) #1475
0.6.2 - 2019-04-05
Read more
0.6.1 - 2019-02-19
Fixes
- Fix parenthesis url redos #1414
Docs
- Update demo site to use a worker #1418
- Update devDependencies to last stable #1409
- Update documentation about extending Renderer #1417
- Remove --save option as it isn't required anymore #1422
- Add snyk badge #1420
0.6.0 - 2019-01-01
Read more
0.5.2 - 2018-11-20
Read more
0.5.1 - 2018-09-26
Read more
0.5.0 - 2018-08-16
0.4.0 - 2018-05-21
0.3.19 - 2018-03-26
0.3.18 - 2018-03-22
0.3.17 - 2018-02-27
0.3.16 - 2018-02-20
0.3.15 - 2018-02-19
0.3.14 - 2018-02-16
0.3.13 - 2018-02-16
0.3.12 - 2018-01-09
0.3.9 - 2017-12-23
0.3.7 - 2017-12-01
0.3.6 - 2016-07-30
0.3.5 - 2015-07-31

from marked GitHub release notes

Commit messages

Package name: marked

4af69d3 Merge pull request #1624 from UziTech/release-0.8.2
19f0d4f 0.8.2
38403c0 build
d7b05cb update devdeps
17ee15f build [skip ci]
58e9fed Merge pull request #1622 from UziTech/render-html
193a41e simplify tag regex
7330a9c add html test to heading ids
f01ba94 add html to TextRenderer
cf3d0a0 Merge pull request #1620 from julien-c/patch-1
9f2c0d1 Update docs/USING_ADVANCED.md
885d728 Update docs/USING_ADVANCED.md
b8c5541 Merge pull request #1616 from UziTech/release-0.8.1
20d85bd 0.8.1
b0928cb build [skip ci]
8d51037 Merge pull request #1617 from UziTech/following-nptable
4e3d20d Remove inaccurate proposition on GitHub
c71ac10 Merge pull request #1619 from markedjs/dependabot/npm_and_yarn/acorn-7.1.1
65febe4 Bump acorn from 7.1.0 to 7.1.1
2d8045f test 3 spaces before table rows
431f523 remove unneeded code
d8c09c1 add tests
cbcda26 copy table rules to nptables
11a035e build [skip ci]

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade marked from 0.3.5 to 0.8.2. See this package in npm: https://www.npmjs.com/package/marked See this project in Snyk: https://app.snyk.io/org/grupa-poc-org-1/project/4d25b9be-4d02-48d1-b1f5-69fe45ca9974?utm_source=github-enterprise&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade marked from 0.3.5 to 0.8.2 #7

[Snyk] Upgrade marked from 0.3.5 to 0.8.2 #7

hubertczarnowskipracuj commented Aug 4, 2023

Fixes

Docs

Fixes

Breaking changes

Fixes

Docs

Dev Dependencies

Security

Breaking Changes

Fixes

Tests

Fixes

Docs

DevOps

Fixes

Docs

[Snyk] Upgrade marked from 0.3.5 to 0.8.2 #7

Are you sure you want to change the base?

[Snyk] Upgrade marked from 0.3.5 to 0.8.2 #7

Conversation

hubertczarnowskipracuj commented Aug 4, 2023

Snyk has created this PR to upgrade marked from 0.3.5 to 0.8.2.

Fixes

Docs

Fixes

Breaking changes

Fixes

Docs

Dev Dependencies

Security

Breaking Changes

Fixes

Tests

Fixes

Docs

DevOps

Fixes

Docs