Update dependency marked to v0.8.2 - autoclosed

[mend-for-github-com]

This PR contains the following updates:

Package	Type	Update	Change
marked (source)	dependencies	minor	0.3.19 -> 0.8.2

This PR resolves the vulnerabilities described in Issue #8

---

Version 0.3.19

Risk Change	Critical	High	Medium	Low
N/A	0	2	3	0

Version 0.8.2

Risk Change	Critical	High	Medium	Low
-1%	0 (--)	2 (--)	1 (-2 )	0 (--)

Mend ensures you have the greatest risk reduction ("Recommended Fix"-highlighted in green) by removing as many vulnerabilities as possible. Click to see how we calculate risk reduction.

---

Release Notes

markedjs/marked (marked)

v0.8.2: 0.8.2

Compare Source

Fixes

• Add html to TextRenderer for html in headings #​1622
• Remove html tags in heading ids #​1622

Docs

• Update comment about GitHub breaks #​1620

v0.8.1: 0.8.1

Compare Source

Fixes

• Fix marked --help #​1588
• Fix GFM Example 116 code fences #​1600
• Send inline html to renderer #​1602 (fixes #​1601)
• Improve docs example for invoking highlight.js #​1603
• Fix block-level elements breaking tables #​1598 (fixes #​1467)
• break nptables on block-level structures #​1617

v0.8.0: 0.8.0

Compare Source

Breaking changes

• Remove substitutions #​1532
• Separate source into modules #​1563 #​1572 #​1573 #​1575 #​1576 #​1581

Fixes

• Fix relative urls in baseUrl option #​1526
• Loose task list #​1535
• Fix image parentheses #​1557
• remove module field & update devDependencies #​1581

Docs

• Update examples with es6+ #​1521
• Fix link to USING_PRO.md page #​1552
• Fix typo in USING_ADVANCED.md #​1558
• Node worker threads are stable #​1555

Dev Dependencies

• Update deps #​1516
• Update eslint #​1542
• Update htmldiffer async matcher #​1543

v0.7.0: 0.7.0

Compare Source

Security

• Sanitize paragraph and text tokens #​1504
• Fix ReDOS for links with backticks (issue #​1493) #​1515

Breaking Changes

• Deprecate sanitize and sanitizer options #​1504
• Move fences to CommonMark #​1511
• Move tables to GFM #​1511
• Remove tables option #​1511
• Single backtick in link text needs to be escaped #​1515

Fixes

• Fix parentheses around a link #​1509
• Fix headings (issue #​1510) #​1511

Tests

• Run tests with correct options #​1511

v0.6.3: 0.6.3

Compare Source

Fixes

• Fix nested blockquotes #​1464
• Fix <em> issue with mixed content #​1451
• revert #​1464 #​1497
• Fix breaks: true #​1507

Docs

• add docs for workers #​1432
• Add security policy #​1492
• Update supported spec versions #​1491
• Update test folder descriptions #​1506

DevOps

• Use latest commit for demo master #​1457
• Update tests to commonmark 0.29 #​1465
• Update tests to GFM 0.29 #​1470
• Fix commonmark spec 57 and 40 (headings) #​1475

v0.6.2: 0.6.2

Compare Source

Security

• Link redos #​1426
• Text redos #​1460

Fixes

• Links parens #​1435
• New line after table with escaped pipe #​1439
• List item tables #​1446

Enhancements

• Pass token boolean to the listitem function #​1440
• Allow html without \n after #​1438

CLI

• Update man page to include --test and fix argv parameters #​1442
• Add a --version flag to print marked version #​1448

Testing

• Normalize marked tests #​1444
• Update tests to node 4 syntax #​1449

v0.6.1: 0.6.1

Compare Source

Fixes

• Fix parenthesis url redos #​1414

Docs

• Update demo site to use a worker #​1418
• Update devDependencies to last stable #​1409
• Update documentation about extending Renderer #​1417
• Remove --save option as it isn't required anymore #​1422
• Add snyk badge #​1420

v0.6.0: 0.6.0

Compare Source

Breaking Changes

• Drop support for Node v0.10 and old browsers such as Internet Explorer
  • You should not have any problems if using Node 4+ or a modern browser
• Add parameter slugger to Renderer.prototype.heading method #​1401
  • You should not have any problems if you do not override this method

New Features

• Add new export marked.Slugger #​1401

Fixes

• Fix emphasis followed by a punctuation #​1383
• Fix bold around autolink email address #​1385
• Make autolinks case insensitive #​1384
• Make code fences compliant with Commonmark spec #​1387
• Make blockquote paragraph continuation compliant with Commonmark spec #​1394
• Make ordered list marker length compliant with Commonmark spec #​1391
• Make empty list items compliant with Commonmark spec #​1395
• Make tag escaping compliant with Commonmark spec #​1397
• Make strong/bold compliant with Commonmark spec #​1400
• Fix handling of adjacent lists #​684
• Add better error handling when token type cannot be found #​1005
• Fix duplicate heading id and non-latin characters #​1401

CLI

• Pretty print ENOENT errors on cli #​1396
• Update repo url in man #​1403

Docs

• Fix breaks option description #​1381
• Update docs to include "Since" version #​1382
• Add defibrillator badge for @​mccraveiro #​1392

Tests

• Remove old test covered by gfm/cm #​1389

v0.5.2: 0.5.2

Compare Source

Bug Fixes

• Fix emphasis closing by single _ (part of left-flanking run) #​1351
• Make URL handling consistent between links and images #​1359

Other

• Add missing semicolons, add lint rule #​1340
• Make Steven (@​styfle) a npm publisher #​1346
• Fix typo in docs: responsibility #​1364
• Add the ability to specify options on the demo page as JSON #​1357
  • Show red border when JSON options are invalid #​1360
• Move license file back to root dir #​1356
• Fix builds: remove node v0.10 from travis matrix #​1366
  • This does not a break compatibility in this release but it will a future release
• Add files key to package.json to prevent publishing unused files #​1367

v0.5.1: 0.5.1

Compare Source

Security

• Fix inline code regex and prevent REDOS #​1337
• Use @markedjs/html-differ to prevent REDOS #​1331

Bug Fixes

• Fix typographic substitution in (pre|code|kbd|script) blocks when smartypants=true #​1335
• Fix auto-linking email address #​1338

Other

• Refactor the escape() function to improve performance 10-20% #​975
• Update copyright in source code #​1326
• Update benchmark tests #​1019
• Add dependency badges to readme #​1333

v0.5.0: 0.5.0

Compare Source

Security

• Use rtrim, not unsafe /X+$/ #​1260

Breaking Changes

• Fix GFM empty table cells #​1262
• Fix GFM extended auto-linking requiring multiple backpedals #​1293
• Fix GFM strikethrough compatibility #​1258
• Fix issues link references and prototypes #​1299
• Fix hard line break when backslash at EOL #​1303
• Fix hyperlinks with parenthesis #​1305
• Fix loose lists #​1304
• Fix strong and em #​1315

Docs

• Fix typo in USING_ADVANCED.md #​1276
• Add pictures to AUTHORS.md #​1272
• Change badge to latest version of marked #​1300
• Change badges from shields.io to badgen.net #​1317
• Use iframe to sandbox generated html #​1295
• Add additional links into readme #​1310
• Add missing parameters for renderer methods #​1311
• Add undocumented option descriptions #​1312
• Add navigation sidebar to the docs #​1316

CI

• Change travis clone depth to 3 #​1270

v0.4.0

Compare Source

Security Fixes

• Fix unsafe heading regex (#​1224)
• Fix unsafe link regex (#​1223, #​1227)

New Features

• Add option to disable heading ids (#​1190)
• Add support for GFM Task Lists to comply with the GFM spec (#​1250)

Breaking Changes

• Fix escaping pipes in tables (#​1239)
• Fix html output for tables to match GFM spec (#​1245)
• Fix many bugs to reach parity with CommonMark spec (#​1135)
• Fix new Renderer() so it uses default options (#​1203)
• Fix text and paragraph return types (#​1248) (#​1249)
• Fix <em> less than 3 chars (#​1181)
• Fix <pre> code blocks so there is no more trailing \n (#​1266)
• Fix default langPrefix to follow CommonMark standard language- (#​1265)

CLI Changes

• Add string argument to CLI (#​1182)
• Change CLI stdio to remove warning (#​994)

Other changes

• Lint all the things (#​1185)
• Improved testing and DevOps (#​1160, #​1210, #​1220, #​1228, #​1219, #​1256)
• Update documentation and demos (#​1196, #​1197, #​1204, #​1207, #​1221, #​1233, #​1217, #​1240, #​1244, #​1253)

---

• If you want to rebase/retry this PR, check this box