Skip to content
This repository has been archived by the owner on Dec 2, 2021. It is now read-only.

[Snyk] Upgrade showdown from 1.8.2 to 1.9.1 #9

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade showdown from 1.8.2 to 1.9.1 #9

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade showdown from 1.8.2 to 1.9.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 7 versions ahead of your current version.
  • The recommended version was released 2 years ago, on 2019-11-02.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-Y18N-1021887		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Denial of Service (DoS)
npm:mem:20180117		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-YARGSPARSER-560381		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Reverse Tabnabbing
SNYK-JS-SHOWDOWN-469487		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: showdown
  • 1.9.1 - 2019-11-02

    1.9.1 (2019-11-02)

    Bug Fixes

    • openLinksInNewWindow: add rel="noopener noreferrer" to links (1cd281f), closes #670

    Dependecy update

    • yargs: update yargs to latest version ^14.2 (dae65c6)
  • 1.9.0 - 2018-11-10

    Version 1.9.0 introduces a new feature, the HTML to Markdown converter. This feature is still experimental and is a partial backport of the new Reverse Converter planned for version 2.0.

    Bug Fixes

    • italicsAndBold: fix issue with consecutive spans (#608) (5c0d67e), closes #544
    • underline: fix issue with consecutive spans (81edc70)

    Features

    • converter.makeMarkdown: [EXPERIMENTAL] add an HTML to MD converter (e4b0e69), closes #388 #233
  • 1.8.7 - 2018-10-16

    Bug Fixes

    • emojis: fix emoji excessive size (4aca41c)
    • gfm-codeblocks:
      • add support for spaces before language declaration (24bf7b1), closes #569
      • leading space no longer breaks gfm codeblocks (828c32f), closes #523
    • images: fix js error when using image references (980e702), closes #585
    • literalMidWordAsterisks: now parses single characters enclosed by * correctly (fe70e45), closes #478
    • mentions: allow for usernames with dot, underscore and dash (dfeb1e2), closes #574
    • nbsp: fix replacing of nbsp with regular spaces (8bc1f42)
  • 1.8.6 - 2017-12-22

    Features

    • splitAdjacentBlockquotes: add option to split adjacent blockquote blocks (da328f2), closes #477
  • 1.8.5 - 2017-12-10

    Features

    • completeHTMLDocument: add option to output a complete HTML document (a8427c9)
    • metadata: add support for embedded metadata (63d949f), closes #260
  • 1.8.4 - 2017-12-05

    Bug Fixes

    • tables: raw html inside code tags in tables no longer breaks tables (4ef4c5e), closes #471
  • 1.8.3 - 2017-11-28

    Bug Fixes

    • literalMidWordAsterisks: no longer treats colon as alphanumeric char (21194c8), closes #461
    • spanGamut: code spans are hashed after parsing (f4f63c5), closes #464
    • tables: pipe character in code spans no longer breaks table (0c933a0), closes #465
  • 1.8.2 - 2017-11-11

    Bug Fixes

    • fenced codeblocks: add tilde as fenced code block delimiter (c956ede), closes #456
    • openLinksInNewWindow: hash links are not affected by the option (11936ec), closes #457
from showdown GitHub release notes
Commit messages
Package name: showdown
  • 483e51f release 1.9.1
  • 5cc3fcc update dev dependencies
  • 1cd281f fix(openLinksInNewWindow): add rel="noopener noreferrer" to links
  • 58208e5 update dependencies
  • 8afa1ff release 1.9.0
  • cc1b955 prep release
  • a894a0e docs: add mention to makeMd() to reamde.md
  • e4b0e69 feat(converter.makeMarkdown): add an HTML to MD converter
  • 5c0d67e fix(italicsAndBold): Make italicsAndBold lazy (#608)
  • afbaec9 docs(donations.md): update
  • 0087148 docs(readme.md): update
  • 69b816e docs(completeHTMLDocument): Change completeHTMLDocument comment (#610)
  • a608114 docs(readme.md): update readme.md
  • 9907c95 add md-page to people who use (#604)
  • 3fe5e9a Update DONATIONS.md
  • 012f8d6 Update DONATIONS.md
  • 47428b7 Update README.md
  • c96c3ef Update README.md
  • dc70e68 docs(emoji): Change emoji comment (#611)
  • 0c6f345 fix(italicsAndBold): Make italicsAndBold lazy (#608)
  • e6aeb61 release 1.8.7
  • 828c32f fix(gfm-codeblocks): leading space no longer breaks gfm codeblocks
  • dfeb1e2 fix(mentions): allow for usernames with dot, underscore and dash
  • 79ed024 test: add test for issue 585

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot