fix: bump marked from 2.0.1 to 4.0.10

This addresses GHSA-rrrm-qjm4-v8hf. GHSA-rrrm-qjm4-v8hf Accommodate breaking change in index.js. (Use marked.parse() instead of marked().) Bumps [marked](https://github.com/markedjs/marked) from 2.0.1 to 4.0.10. - [Release notes](https://github.com/markedjs/marked/releases) - [Changelog](https://github.com/markedjs/marked/blob/master/.releaserc.json) - [Commits](markedjs/marked@v2.0.1...v4.0.10) --- updated-dependencies: - dependency-name: marked dependency-type: direct:production ...
semantic-release · Jan 15, 2022 · bba42d4 · bba42d4
1 parent dd7d664
commit bba42d4
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 12 deletions.
diff --git a/index.js b/index.js
@@ -207,7 +207,7 @@ async function run(context, plugins) {
   if (options.dryRun) {
     logger.log(`Release note for version ${nextRelease.version}:`);
     if (nextRelease.notes) {
-      context.stdout.write(marked(nextRelease.notes));
+      context.stdout.write(marked.parse(nextRelease.notes));
     }
   }
 
@@ -220,7 +220,7 @@ function logErrors({logger, stderr}, err) {
     if (error.semanticRelease) {
       logger.error(`${error.code} ${error.message}`);
       if (error.details) {
-        stderr.write(marked(error.details));
+        stderr.write(marked.parse(error.details));
       }
     } else {
       logger.error('An error occurred while running semantic-release: %O', error);

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -37,7 +37,7 @@
     "hook-std": "^2.0.0",
     "hosted-git-info": "^4.0.0",
     "lodash": "^4.17.21",
-    "marked": "^2.0.0",
+    "marked": "^4.0.10",
     "marked-terminal": "^4.1.1",
     "micromatch": "^4.0.2",
     "p-each-series": "^2.1.0",