Skip to content

Bump the runtime group across 1 directory with 3 updates#348

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/runtime-5bb121c8d4
Closed

Bump the runtime group across 1 directory with 3 updates#348
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/runtime-5bb121c8d4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 27, 2026
edited
Loading

Bumps the runtime group with 3 updates in the / directory: ioredis, marked and yaml.

Updates ioredis from 5.10.0 to 5.10.1

Release notes

Sourced from ioredis's releases.

v5.10.1

5.10.1 (2026-03-19)

Bug Fixes

  • cluster: lazily start sharded subscribers (#2090) (4f167bb)
Changelog

Sourced from ioredis's changelog.

5.10.1 (2026-03-19)

Bug Fixes

  • cluster: lazily start sharded subscribers (#2090) (4f167bb)
Commits

Updates marked from 15.0.12 to 17.0.5

Release notes

Sourced from marked's releases.

v17.0.5

17.0.5 (2026-03-20)

Bug Fixes

  • Fix catastrophic backtracking (ReDoS) in link/reflink label regex (#3918) (4625980)
  • prevent quadratic complexity in emStrongLDelim regex (#3906) (c732dd2)
  • prevent single-tilde strikethrough false positives (#3910) (5e03369)
  • re-assign tokenizer.lexer and renderer.parser at start of each parse call (#3907) (f3a3ec0)
  • trim trailing whitespace from lheading text (#3920) (3ea7e88)

v17.0.4

17.0.4 (2026-03-04)

Bug Fixes

  • prevent ReDoS in inline link regex title group (#3902) (46fb9b8)

v17.0.3

17.0.3 (2026-02-17)

Bug Fixes

v17.0.2

17.0.2 (2026-02-11)

Bug Fixes

v17.0.1

17.0.1 (2025-11-20)

Bug Fixes

v17.0.0

17.0.0 (2025-11-07)

... (truncated)

Commits
  • 811ea59 chore(release): 17.0.5 [skip ci]
  • c732dd2 fix: prevent quadratic complexity in emStrongLDelim regex (#3906)
  • f3a3ec0 fix: re-assign tokenizer.lexer and renderer.parser at start of each parse cal...
  • 4625980 fix: Fix catastrophic backtracking (ReDoS) in link/reflink label regex (#3918)
  • 5e03369 fix: prevent single-tilde strikethrough false positives (#3910)
  • 288349d test: add heading edge case tests (#3919)
  • 3ea7e88 fix: trim trailing whitespace from lheading text (#3920)
  • d4c0fe5 chore(deps-dev): Bump esbuild from 0.27.3 to 0.27.4 (#3915)
  • 30682c1 chore(deps-dev): Bump undici from 6.23.0 to 6.24.0 (#3914)
  • 59752c4 chore(deps-dev): Bump minimatch from 9.0.5 to 9.0.9 (#3913)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for marked since your current version.


Updates yaml from 2.8.2 to 2.8.3

Release notes

Sourced from yaml's releases.

v2.8.3

  • Add trailingComma ToString option for multiline flow formatting (#670)
  • Catch stack overflow during node composition (1e84ebb)
Commits
  • ce14587 2.8.3
  • 1e84ebb fix: Catch stack overflow during node composition
  • 6b24090 ci: Include Prettier check in lint action
  • 9424dee chore: Refresh lockfile
  • d1aca82 Add trailingComma ToString option for multiline flow formatting (#670)
  • 4321509 ci: Drop the branch filter from GitHub PR actions
  • 47207d0 chore: Update docs-slate
  • 5212fae chore: Update docs-slate
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 27, 2026
This was referenced Mar 27, 2026
Closed
Closed
@dependabot
Bump the runtime group with 3 updates
c7ba4df 
Bumps the runtime group with 3 updates: [ioredis](https://github.com/luin/ioredis), [marked](https://github.com/markedjs/marked) and [yaml](https://github.com/eemeli/yaml).


Updates `ioredis` from 5.10.0 to 5.10.1
- [Release notes](https://github.com/luin/ioredis/releases)
- [Changelog](https://github.com/redis/ioredis/blob/main/CHANGELOG.md)
- [Commits](redis/ioredis@v5.10.0...v5.10.1)

Updates `marked` from 15.0.12 to 17.0.5
- [Release notes](https://github.com/markedjs/marked/releases)
- [Commits](markedjs/marked@v15.0.12...v17.0.5)

Updates `yaml` from 2.8.2 to 2.8.3
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](eemeli/yaml@v2.8.2...v2.8.3)

---
updated-dependencies:
- dependency-name: ioredis
  dependency-version: 5.10.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: runtime
- dependency-name: marked
  dependency-version: 17.0.5
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: runtime
- dependency-name: yaml
  dependency-version: 2.8.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: runtime
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump the runtime group with 3 updates Bump the runtime group across 1 directory with 3 updates Mar 30, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/runtime-5bb121c8d4 branch from 7f8ce3f to c7ba4df Compare March 30, 2026 13:44
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 7, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Apr 7, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/runtime-5bb121c8d4 branch April 7, 2026 09:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants