⬆️ Updates remark (major)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
remark-cli (source)	^9.0.0 -> ^12.0.0
remark-lint-code-block-style (source)	^2.0.1 -> ^4.0.0
remark-lint-ordered-list-marker-value (source)	^2.0.1 -> ^4.0.0
remark-validate-links	^10.0.4 -> ^13.0.0

---

Release Notes

remarkjs/remark (remark-cli)

v12.0.0

Compare Source

(see 15.0.0)

v11.0.0

Compare Source

(see 15.0.0)

v10.0.1

Compare Source

See remark@14.0.2

v10.0.0

Compare Source

Changelog

• 1b89df5 Update remark-parse, remark-stringify
• aab3c3e Rework list fields
• 3325c33 Add support for label to associations
• 31ef684 Add support for meta in code
• c77d24f Update unified

See also

• remark-cli@6.0.0
• remark-parse@6.0.0
• remark-stringify@6.0.0

Project

• 4f6b3d7 Update logo
• e7f509f Improve npm search ranking of individual packages
• 7d98e30 Fix git.io links
• ce62e7a Refactor code-style

Plugins

• 4c0e28a Add remark-macro to list of plugins
• a4caa67 Add remark-git-contributors to list of plugins
• fe241aa Add remark-outer-toc to list of plugins
• 4fa8b1d Replace deprecated plugin with remark-behead in list of plugins
• 52ffdff Add remark-redact to list of plugins
• 02297a5 Add remark-attr to list of plugins

remarkjs/remark-lint (remark-lint-code-block-style)

v4.0.0

Compare Source

• Add support for setting allowed file-name characters (fd908a4)
• Fix parameters when using reset (b8f52a9)
• Update list-item-spacing message (d562d6e)
• Fix checkbox lists starting with links (019ff36)

v3.1.2

Compare Source

v3.1.0

• Update main heading rules to accept preferred depth (7f4a51e)
• Remove : requirement for no-emphasis-as-heading (d54441e)

v3.0.0

Compare Source

• Remove support for Duo (e55fb3a)
• Update for changes in remark@4.0.0 (7fde792)
• Add example for running remark with lint plugin (34d19b4)

remarkjs/remark-validate-links (remark-validate-links)

v13.0.1

Compare Source

• 2b4cc25 Fix misclassified type dependency

Full Changelog: remarkjs/remark-validate-links@13.0.0...13.0.1

v13.0.0

Compare Source

Change

• 39c7e22 Change to require Node.js 16
  migrate: update too
• 7c75796 Change to use exports
  migrate: don’t use private APIs
• c81c6ab Update @types/mdast, utilities, etc
  migrate: update too
• 323908a 7ac7d02 Change to improve messages
  migrate: expect better messages

Full Changelog: remarkjs/remark-validate-links@12.1.1...13.0.0

v12.1.1

Compare Source

Fix

• 415557c Fix inferring IDs of headings with HTML

Misc

• 09a3fdf Update hosted-git-info
• 38da293 Fix typo in docs
  by @​CollierCZ in https://github.com/remarkjs/remark-validate-links/pull/72

Full Changelog: remarkjs/remark-validate-links@12.1.0...12.1.1

v12.1.0

Compare Source

• 53b0c24 Add url to vfile messages
  by @​remcohaszing in https://github.com/remarkjs/remark-validate-links/pull/71

Full Changelog: remarkjs/remark-validate-links@12.0.0...12.1.0

v12.0.0

Compare Source

• 8f58878 Update unified-engine, hosted-git-info
  by @​JounQin in https://github.com/remarkjs/remark-validate-links/pull/69
  tiny chance of breaking: properly parses Yaml 1.2
  tiny chance of breaking: matches modern Node in loading modules
• d6420be Remove support for Node 12
  by @​JounQin in https://github.com/remarkjs/remark-validate-links/pull/70

Full Changelog: remarkjs/remark-validate-links@11.0.2...12.0.0

v11.0.2

Compare Source

• 0489d13 Add improved docs
  by @​wooorm in https://github.com/remarkjs/remark-validate-links/pull/63

Full Changelog: remarkjs/remark-validate-links@11.0.1...11.0.2

v11.0.1

Compare Source

• 765b3f5 Fix slugging of headings w/ images

v11.0.0

Compare Source

• e88fecc Use ESM

  // From CommonJS
  var remarkValidateLinks = require('remark-validate-links')
  
  // To ESM
  import remarkValidateLinks from 'remark-validate-links'

  Learn more about ESM in this guide
• b579e27 Add JSDoc based types
• a5677c0 Update dependencies

---

Configuration

📅 Schedule: Branch creation - "after 10pm every weekday,before 5am every weekday,every weekend" in timezone Europe/Moscow, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher

🚮 Removed packages: npm/git-cz@4.9.0, npm/gradient-string@1.2.0, npm/hero-patterns@2.1.0, npm/husky@7.0.4, npm/if-env@1.0.4, npm/isomorphic-unfetch@3.1.0, npm/jest-circus@27.5.1, npm/jest@27.5.1, npm/jsonlint@1.6.3, npm/license-checker@25.0.1, npm/lunr@2.3.9, npm/markdown-link-check@3.12.1, npm/node-cron@3.0.3, npm/nodemon@2.0.22, npm/onchange@7.1.0, npm/opener@1.5.2, npm/prettier@2.8.8, npm/pretty-quick@3.3.1, npm/randomcolor@0.5.4, npm/remark-cli@9.0.0, npm/remark-lint-code-block-style@2.0.1, npm/remark-lint-ordered-list-marker-value@2.0.1, npm/remark-preset-davidtheclark@0.12.0, npm/remark-validate-links@10.0.4, npm/semantic-release@17.4.7, npm/ts-jest@27.1.5, npm/ts-node@10.9.2, npm/typedoc@0.21.10, npm/typescript@4.9.5, npm/validate-commit-msg@2.14.0

View full report↗︎

[github-actions]

Thanks for opening an issue! Make sure you've followed CONTRIBUTING.md.

[github-actions]

Hello from PR Helper

Is your PR ready for review and processing? Mark the PR ready by including #pr-ready in a comment.

If you still have work to do, even after marking this ready. Put the PR on hold by including #pr-onhold in a comment.

[github-actions]

Thanks for the PR!

This section of the codebase is owner by https://github.com/AlexRogalskiy/ - if they write a comment saying "LGTM" then it will be merged.

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/core-js@2.6.12	Install script: postinstall Source: node -e "try{require('./postinstall')}catch(e){}"	orphan: npm/core-js@2.6.12

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/core-js@2.6.12