Skip to content

[Snyk] Upgrade markdownlint from 0.11.0 to 0.27.0 #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade markdownlint from 0.11.0 to 0.27.0 #2

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade markdownlint from 0.11.0 to 0.27.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 29 versions ahead of your current version.
  • The recommended version was released 2 months ago, on 2022-12-28.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKDOWNIT-459438		 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKDOWNIT-2331914		 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: markdownlint
  • 0.27.0 - 2022-12-28

    Add new doc-build directory to .npmignore.

  • 0.26.2 - 2022-08-09

    …r needed.

  • 0.26.1 - 2022-07-24

    Update to version 0.26.1.

  • 0.26.0 - 2022-06-22

    Update to version 0.26.0.

  • 0.25.1 - 2022-01-14

    Update to version 0.25.1.

  • 0.25.0 - 2021-12-28

    Merge branch 'next' into main

  • 0.24.0 - 2021-08-23

    Merge branch 'next'

  • 0.23.1 - 2021-02-12

    Update to version 0.23.1.

  • 0.23.0 - 2021-02-07

    Update to version 0.23.0.

  • 0.22.0 - 2020-11-25

    Update to version 0.22.0.

  • 0.21.1 - 2020-10-21
  • 0.21.0 - 2020-09-20
  • 0.20.4 - 2020-06-24
  • 0.20.3 - 2020-05-15
  • 0.20.2 - 2020-04-26
  • 0.20.1 - 2020-04-13
  • 0.20.0 - 2020-04-11
  • 0.19.0 - 2020-01-28
  • 0.18.0 - 2019-12-14
  • 0.17.2 - 2019-10-25
  • 0.17.1 - 2019-10-20
  • 0.17.0 - 2019-10-05
  • 0.16.0 - 2019-08-05
  • 0.15.0 - 2019-06-09
  • 0.14.2 - 2019-05-18
  • 0.14.1 - 2019-05-09
  • 0.14.0 - 2019-05-08
  • 0.13.0 - 2019-03-30
  • 0.12.0 - 2019-02-04
  • 0.11.0 - 2018-07-22
from markdownlint GitHub release notes
Commit messages
Package name: markdownlint
  • e3fbc08 Add new doc-build directory to .npmignore.
  • 5a4cf17 Update to version 0.27.0 (closes #669).
  • bbbb63c Update .markdownlint.json to set line-length/code_blocks to false and remove unnecessary inline comments to disable/restore.
  • a5d9f29 Synchronize package.json/engines/node for helpers to v14 value for markdownlint.
  • 86a4a7d Change helpers.getReferenceLinkImageData().shortcuts from Set to Map using the same schema as .references (fixes #685).
  • f000a33 Add test for helpers.getReferenceLinkImageData().shortcuts to verify non-shortcut link scenaros aren't mis-reported (closes #684).
  • 691b7af Add test case to verify MD052 range parameter to onError is valid and that commit 6974cd6012afbcb3bce95ff78d177a1730845202 fixes #686.
  • 868edf8 Manually fix three new ESLint warnings from the eslint-plugin-regexp plugin (refs #657).
  • 6b01a98 Add ESLint plugin eslint-plugin-regexp, enable recommended rules, apply all automated fixes (refs #657).
  • c346e0d Add Apache Airflow and Electron repositories to README Examples and test-repos.js.
  • d3605b5 Bump eslint from 8.29.0 to 8.30.0
  • 741e6fe Default npm's ignore-scripts flag to true to prevent running pre- or post-scripts in package dependencies.
  • 8d6e0b5 Replace helpers.urlRe with helpers.urlFe to address "innefficient regular expression" CodeQL alert, introduce function expressions as an alternative, test more inputs.
  • 485c63c Add more test cases for helpers.urlRe, refactor corresponding test to go line-by-line and use exec.
  • 0ea385c Remove two projects from README/Examples that are no longer good examples of markdownlint use.
  • aa36351 Update "Fixable: Most violations can be fixed by tooling" to use the word "Some" to avoid over-promising.
  • 466f1d0 Remove outdated exclusions from external repository tests.
  • ac8f495 Update MD051/link-fragments to identify and fix scenarios where the link fragment has the wrong case (fixes #605).
  • d352d4e Update MD034/no-bare-urls to handle more scenarios, simplify slightly, replace blanket MD034 suppression for https://github.com/mdn/content with specific (valid) issues (refs #607).
  • 2e29370 Rename helpers.bareUrlRe to urlRe, improve it a little, add tests
  • 6e38259 Add https://github.com/mdn/content to test-repos scenario, ignore new MD034 issues for now (fixes #607).
  • e8ec7bd Remove clone-test-repos-large npm script, merge into clone-test-repos.
  • e42da81 Tweak test case heading for consistency.
  • cb16438 Add various Markdown lists as formatted by Prettier with the default --tab-width of 2 and the not uncommon alternate of 4, update Prettier.md with the relevant configuration (produced using v2.8.1 of https://prettier.io/playground/) (refs #652).

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot