mirror of
https://github.com/Ionaru/easy-markdown-editor
synced 2025-07-23 01:44:31 -06:00
Update marked to resolve security vulnerability
This commit is contained in:
parent
a56badd0dc
commit
6159ed1383
@ -7,6 +7,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||
## [Unreleased]
|
||||
### Fixed
|
||||
- Incorrect initial line and column count in status bar.
|
||||
- Security issue in `marked` dependency.
|
||||
|
||||
## [2.16.0] - 2022-01-11
|
||||
### Added
|
||||
|
30
package-lock.json
generated
30
package-lock.json
generated
@ -10,10 +10,10 @@
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@types/codemirror": "^5.60.4",
|
||||
"@types/marked": "^3.0.1",
|
||||
"@types/marked": "^4.0.1",
|
||||
"codemirror": "^5.63.1",
|
||||
"codemirror-spell-checker": "1.1.2",
|
||||
"marked": "^3.0.4"
|
||||
"marked": "^4.0.10"
|
||||
},
|
||||
"devDependencies": {
|
||||
"browserify": "^17.0.0",
|
||||
@ -192,9 +192,9 @@
|
||||
"integrity": "sha512-C6N5s2ZFtuZRj54k2/zyRhNDjJwwcViAM3Nbm8zjBpbqAdZ00mr0CFxvSKeO8Y/e03WVFLpQMdHYVfUd6SB+Hw=="
|
||||
},
|
||||
"node_modules/@types/marked": {
|
||||
"version": "3.0.3",
|
||||
"resolved": "https://registry.npmjs.org/@types/marked/-/marked-3.0.3.tgz",
|
||||
"integrity": "sha512-ZgAr847Wl68W+B0sWH7F4fDPxTzerLnRuUXjUpp1n4NjGSs8hgPAjAp7NQIXblG34MXTrf5wWkAK8PVJ2LIlVg=="
|
||||
"version": "4.0.1",
|
||||
"resolved": "https://registry.npmjs.org/@types/marked/-/marked-4.0.1.tgz",
|
||||
"integrity": "sha512-ZigEmCWdNUU7IjZEuQ/iaimYdDHWHfTe3kg8ORfKjyGYd9RWumPoOJRQXB0bO+XLkNwzCthW3wUIQtANaEZ1ag=="
|
||||
},
|
||||
"node_modules/@types/node": {
|
||||
"version": "14.18.5",
|
||||
@ -5328,11 +5328,11 @@
|
||||
}
|
||||
},
|
||||
"node_modules/marked": {
|
||||
"version": "3.0.8",
|
||||
"resolved": "https://registry.npmjs.org/marked/-/marked-3.0.8.tgz",
|
||||
"integrity": "sha512-0gVrAjo5m0VZSJb4rpL59K1unJAMb/hm8HRXqasD8VeC8m91ytDPMritgFSlKonfdt+rRYYpP/JfLxgIX8yoSw==",
|
||||
"version": "4.0.10",
|
||||
"resolved": "https://registry.npmjs.org/marked/-/marked-4.0.10.tgz",
|
||||
"integrity": "sha512-+QvuFj0nGgO970fySghXGmuw+Fd0gD2x3+MqCWLIPf5oxdv1Ka6b2q+z9RP01P/IaKPMEramy+7cNy/Lw8c3hw==",
|
||||
"bin": {
|
||||
"marked": "bin/marked"
|
||||
"marked": "bin/marked.js"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">= 12"
|
||||
@ -9060,9 +9060,9 @@
|
||||
"integrity": "sha512-C6N5s2ZFtuZRj54k2/zyRhNDjJwwcViAM3Nbm8zjBpbqAdZ00mr0CFxvSKeO8Y/e03WVFLpQMdHYVfUd6SB+Hw=="
|
||||
},
|
||||
"@types/marked": {
|
||||
"version": "3.0.3",
|
||||
"resolved": "https://registry.npmjs.org/@types/marked/-/marked-3.0.3.tgz",
|
||||
"integrity": "sha512-ZgAr847Wl68W+B0sWH7F4fDPxTzerLnRuUXjUpp1n4NjGSs8hgPAjAp7NQIXblG34MXTrf5wWkAK8PVJ2LIlVg=="
|
||||
"version": "4.0.1",
|
||||
"resolved": "https://registry.npmjs.org/@types/marked/-/marked-4.0.1.tgz",
|
||||
"integrity": "sha512-ZigEmCWdNUU7IjZEuQ/iaimYdDHWHfTe3kg8ORfKjyGYd9RWumPoOJRQXB0bO+XLkNwzCthW3wUIQtANaEZ1ag=="
|
||||
},
|
||||
"@types/node": {
|
||||
"version": "14.18.5",
|
||||
@ -13192,9 +13192,9 @@
|
||||
}
|
||||
},
|
||||
"marked": {
|
||||
"version": "3.0.8",
|
||||
"resolved": "https://registry.npmjs.org/marked/-/marked-3.0.8.tgz",
|
||||
"integrity": "sha512-0gVrAjo5m0VZSJb4rpL59K1unJAMb/hm8HRXqasD8VeC8m91ytDPMritgFSlKonfdt+rRYYpP/JfLxgIX8yoSw=="
|
||||
"version": "4.0.10",
|
||||
"resolved": "https://registry.npmjs.org/marked/-/marked-4.0.10.tgz",
|
||||
"integrity": "sha512-+QvuFj0nGgO970fySghXGmuw+Fd0gD2x3+MqCWLIPf5oxdv1Ka6b2q+z9RP01P/IaKPMEramy+7cNy/Lw8c3hw=="
|
||||
},
|
||||
"matchdep": {
|
||||
"version": "2.0.0",
|
||||
|
@ -20,10 +20,10 @@
|
||||
"author": "Jeroen Akkerman",
|
||||
"dependencies": {
|
||||
"@types/codemirror": "^5.60.4",
|
||||
"@types/marked": "^3.0.1",
|
||||
"@types/marked": "^4.0.1",
|
||||
"codemirror": "^5.63.1",
|
||||
"codemirror-spell-checker": "1.1.2",
|
||||
"marked": "^3.0.4"
|
||||
"marked": "^4.0.10"
|
||||
},
|
||||
"devDependencies": {
|
||||
"browserify": "^17.0.0",
|
||||
|
@ -12,7 +12,7 @@ require('codemirror/addon/search/searchcursor.js');
|
||||
require('codemirror/mode/gfm/gfm.js');
|
||||
require('codemirror/mode/xml/xml.js');
|
||||
var CodeMirrorSpellChecker = require('codemirror-spell-checker');
|
||||
var marked = require('marked/lib/marked');
|
||||
var marked = require('marked').marked;
|
||||
|
||||
|
||||
// Some variables
|
||||
@ -1986,7 +1986,7 @@ EasyMDE.prototype.markdown = function (text) {
|
||||
marked.setOptions(markedOptions);
|
||||
|
||||
// Convert the markdown to HTML
|
||||
var htmlText = marked(text);
|
||||
var htmlText = marked.parse(text);
|
||||
|
||||
// Sanitize HTML
|
||||
if (this.options.renderingConfig && typeof this.options.renderingConfig.sanitizerFunction === 'function') {
|
||||
|
5
types/easymde.d.ts
vendored
5
types/easymde.d.ts
vendored
@ -20,7 +20,8 @@
|
||||
// SOFTWARE.
|
||||
|
||||
/// <reference types="codemirror"/>
|
||||
/// <reference types="marked"/>
|
||||
|
||||
import { marked } from 'marked';
|
||||
|
||||
interface ArrayOneOrMore<T> extends Array<T> {
|
||||
0: T;
|
||||
@ -178,7 +179,7 @@ declare namespace EasyMDE {
|
||||
autoDownloadFontAwesome?: boolean;
|
||||
autofocus?: boolean;
|
||||
autosave?: AutoSaveOptions;
|
||||
autoRefresh?: boolean | { delay: number };
|
||||
autoRefresh?: boolean | { delay: number; };
|
||||
blockStyles?: BlockStyleOptions;
|
||||
element?: HTMLElement;
|
||||
forceSync?: boolean;
|
||||
|
Loading…
x
Reference in New Issue
Block a user