Commit 7da39f1
authored
chore(deps): bump markdown-it and @vscode/vsce (#1588)
Bumps [markdown-it](https://github.com/markdown-it/markdown-it) to
14.2.0 and updates ancestor dependency
[@vscode/vsce](https://github.com/Microsoft/vsce). These dependencies
need to be updated together.
Updates `markdown-it` from 12.3.2 to 14.2.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md">markdown-it's
changelog</a>.</em></p>
<blockquote>
<h2>[14.2.0] - 2026-05-24</h2>
<h3>Added</h3>
<ul>
<li><code>isPunctCharCode</code> to utilities.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Don't end HTML comment blocks on a blank line, <a
href="https://redirect.github.com/markdown-it/markdown-it/issues/1155">#1155</a>.</li>
<li>Properly recognize astral chars (surrogates) in delimiter scans for
emphasis-like markers, <a
href="https://redirect.github.com/markdown-it/markdown-it/issues/1072">#1072</a>.
Big thanks to <a
href="https://github.com/tats-u"><code>@tats-u</code></a> for his
global efforts
with improving CJK support.</li>
<li>Preserve unicode whitespaces when trimm headings/paragraphs, <a
href="https://redirect.github.com/markdown-it/markdown-it/issues/1074">#1074</a>.</li>
<li>More strict entities decode to avoid false positives <code>;</code>,
<a
href="https://redirect.github.com/markdown-it/markdown-it/issues/1096">#1096</a>.</li>
<li>Restore block parser state on fail in <code>lheading</code> rule, <a
href="https://redirect.github.com/markdown-it/markdown-it/issues/1131">#1131</a>.</li>
</ul>
<h3>Security</h3>
<ul>
<li>Fixed poor smartquotes perfomance on > 70k quotes in single
block</li>
<li>Bumped linkify-it to 5.0.1 with fixed potential perfomance
issues.</li>
</ul>
<h2>[14.1.1] - 2026-01-11</h2>
<h3>Security</h3>
<ul>
<li>Fixed regression from v13 in linkify inline rule. Specific patterns
could
cause high CPU use. Thanks to <a
href="https://github.com/ltduc147"><code>@ltduc147</code></a> for
report.</li>
</ul>
<h2>[14.1.0] - 2024-03-19</h2>
<h3>Changed</h3>
<ul>
<li>Updated CM spec compatibility to 0.31.2, <a
href="https://redirect.github.com/markdown-it/markdown-it/issues/1009">#1009</a>.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Fixed quadratic complexity when parsing references, <a
href="https://redirect.github.com/markdown-it/markdown-it/issues/996">#996</a>.</li>
<li>Fixed quadratic output size with pathological user input in tables,
<a
href="https://redirect.github.com/markdown-it/markdown-it/issues/1000">#1000</a>.</li>
</ul>
<h2>[14.0.0] - 2023-12-08</h2>
<h3>Changed</h3>
<ul>
<li>Drop ancient browsers support (use <code>.fromCodePoint</code> and
other features).</li>
<li>Rewrite to ESM (including all plugins/deps). CJS fallback still
available.
No signatures changed, except <code>markdown-it-emoji</code>
plugin.</li>
<li>Dropped <code>dist/</code> folder from repo, build on package
publish.</li>
<li>Set <code>punicode.js</code> as external dependency.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Html tokens inside img alt are now rendered as their original text,
<a
href="https://redirect.github.com/markdown-it/markdown-it/issues/896">#896</a>.</li>
<li>Hardbreaks inside img alt are now rendered as newlines.</li>
</ul>
<h2>[13.0.2] - 2023-09-26</h2>
<h3>Security</h3>
<ul>
<li>Fixed crash/infinite loop caused by linkify inline rule, <a
href="https://redirect.github.com/markdown-it/markdown-it/issues/957">#957</a>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/markdown-it/markdown-it/commit/829797aa00353ce0b62ddeb9b4583b837b1ffd9b"><code>829797a</code></a>
14.2.0 released</li>
<li><a
href="https://github.com/markdown-it/markdown-it/commit/9ce2087562c45d1e5ddd9f76b990f4b3fbe040e5"><code>9ce2087</code></a>
Fix smartquotes perfomance</li>
<li><a
href="https://github.com/markdown-it/markdown-it/commit/02e73b88fdbaddf7ecee7e567a3da62b98e57a4d"><code>02e73b8</code></a>
linkify-it bump</li>
<li><a
href="https://github.com/markdown-it/markdown-it/commit/68cfb8c0792ba87992d21ffb4d22ee6cf635afb7"><code>68cfb8c</code></a>
fix: don't end HTML comment blocks on a blank line (<a
href="https://redirect.github.com/markdown-it/markdown-it/issues/1155">#1155</a>)</li>
<li><a
href="https://github.com/markdown-it/markdown-it/commit/108313756cfffba31166df0140e27dd58e4da115"><code>1083137</code></a>
Readme cleanup</li>
<li><a
href="https://github.com/markdown-it/markdown-it/commit/97c7ca2571f4255ff1d0f465958dda5293d20fe8"><code>97c7ca2</code></a>
Update funding info</li>
<li><a
href="https://github.com/markdown-it/markdown-it/commit/c471b55c10501aba7b62817df613adc5f451da43"><code>c471b55</code></a>
Changelog update</li>
<li><a
href="https://github.com/markdown-it/markdown-it/commit/77696210d1c7c56e4ffd49ff28ba15b460cb01e4"><code>7769621</code></a>
isPunctChar => isPunctCharCode</li>
<li><a
href="https://github.com/markdown-it/markdown-it/commit/aa2aa70b3001ed6aea67c22f1ff52e1ca158d2e1"><code>aa2aa70</code></a>
fix: always reset parentType in lheading rule (<a
href="https://redirect.github.com/markdown-it/markdown-it/issues/1131">#1131</a>)</li>
<li><a
href="https://github.com/markdown-it/markdown-it/commit/59955f2ad35cbb0e3f41ad779c7363a94b4bf38e"><code>59955f2</code></a>
Polish PRs <a
href="https://redirect.github.com/markdown-it/markdown-it/issues/1072">#1072</a>,
<a
href="https://redirect.github.com/markdown-it/markdown-it/issues/1074">#1074</a></li>
<li>Additional commits viewable in <a
href="https://github.com/markdown-it/markdown-it/compare/12.3.2...14.2.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `@vscode/vsce` from 2.24.0 to 3.9.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Microsoft/vsce/releases">@vscode/vsce's
releases</a>.</em></p>
<blockquote>
<h2>v3.9.2</h2>
<h2>Changes:</h2>
<ul>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1283">#1283</a>:
fix: skip APIScan</li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1282">#1282</a>:
chore: bump CI to Node 22 and fix build</li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1279">#1279</a>:
Bump the <code>uuid</code> test fixture version to
<code>100.0.0</code></li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1278">#1278</a>:
Bump tmp from 0.2.4 to 0.2.6</li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1277">#1277</a>:
Bump qs from 6.14.2 to 6.15.2</li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1276">#1276</a>:
Bump uuid and <code>@azure/msal-node</code></li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1274">#1274</a>:
Run npm audit fix</li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1272">#1272</a>:
Bump fast-uri from 3.0.6 to 3.1.2</li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1267">#1267</a>:
Bump minimatch from 10.2.2 to 10.2.3</li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1247">#1247</a>:
Update minimatch dependency to v10</li>
</ul>
<p>This list of changes was <a
href="https://dev.azure.com/monacotools/Monaco/_build/results?buildId=444641&view=logs">auto
generated</a>.</p>
<h2>v3.9.2-4</h2>
<h2>Changes:</h2>
<ul>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1283">#1283</a>:
fix: skip APIScan</li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1282">#1282</a>:
chore: bump CI to Node 22 and fix build</li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1279">#1279</a>:
Bump the <code>uuid</code> test fixture version to
<code>100.0.0</code></li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1278">#1278</a>:
Bump tmp from 0.2.4 to 0.2.6</li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1277">#1277</a>:
Bump qs from 6.14.2 to 6.15.2</li>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1276">#1276</a>:
Bump uuid and <code>@azure/msal-node</code></li>
</ul>
<p>This list of changes was <a
href="https://dev.azure.com/monacotools/Monaco/_build/results?buildId=444633&view=logs">auto
generated</a>.</p>
<h2>v3.9.2-3</h2>
<h2>Changes:</h2>
<ul>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1274">#1274</a>:
Run npm audit fix</li>
</ul>
<p>This list of changes was <a
href="https://dev.azure.com/monacotools/Monaco/_build/results?buildId=439213&view=logs">auto
generated</a>.</p>
<h2>v3.9.2-2</h2>
<h2>Changes:</h2>
<ul>
<li><a
href="https://redirect.github.com/Microsoft/vsce/issues/1272">#1272</a>:
Bump fast-uri from 3.0.6 to 3.1.2</li>
</ul>
<p>This list of changes was <a
href="https://dev.azure.com/monacotools/Monaco/_build/results?buildId=437853&view=logs">auto
generated</a>.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/microsoft/vscode-vsce/commit/f7501f20f101efe79aaf8e3dd2831c17313866d1"><code>f7501f2</code></a>
fix: skip APIScan (<a
href="https://redirect.github.com/Microsoft/vsce/issues/1283">#1283</a>)</li>
<li><a
href="https://github.com/microsoft/vscode-vsce/commit/7cd3244a20fddd6bc4e27de95bf1a25e31c7e5ac"><code>7cd3244</code></a>
chore: bump CI to Node 22 and fix build (<a
href="https://redirect.github.com/Microsoft/vsce/issues/1282">#1282</a>)</li>
<li><a
href="https://github.com/microsoft/vscode-vsce/commit/df1a68ebee505a6689482194d9e45a3b71bdcc66"><code>df1a68e</code></a>
Bump the <code>uuid</code> test fixture version to <code>100.0.0</code>
(<a
href="https://redirect.github.com/Microsoft/vsce/issues/1279">#1279</a>)</li>
<li><a
href="https://github.com/microsoft/vscode-vsce/commit/3a5786ecd97f48696705e84b869599278596a1b0"><code>3a5786e</code></a>
Merge pull request <a
href="https://redirect.github.com/Microsoft/vsce/issues/1278">#1278</a>
from microsoft/dependabot/npm_and_yarn/tmp-0.2.6</li>
<li><a
href="https://github.com/microsoft/vscode-vsce/commit/4954e081efa832d254601bd560a1b8bb65059a77"><code>4954e08</code></a>
Bump tmp from 0.2.4 to 0.2.6</li>
<li><a
href="https://github.com/microsoft/vscode-vsce/commit/54dce879966ddfa8b4c2d2b7f67d2019f0b02096"><code>54dce87</code></a>
Bump qs from 6.14.2 to 6.15.2 (<a
href="https://redirect.github.com/Microsoft/vsce/issues/1277">#1277</a>)</li>
<li><a
href="https://github.com/microsoft/vscode-vsce/commit/86fc2d6153161663acbe0c7a059dea8291e2ce7c"><code>86fc2d6</code></a>
Bump uuid and <code>@azure/msal-node</code> (<a
href="https://redirect.github.com/Microsoft/vsce/issues/1276">#1276</a>)</li>
<li><a
href="https://github.com/microsoft/vscode-vsce/commit/4699582ee0950c9c614aa54888811aa108c1ab1a"><code>4699582</code></a>
Run npm audit fix and update lockfile (<a
href="https://redirect.github.com/Microsoft/vsce/issues/1274">#1274</a>)</li>
<li><a
href="https://github.com/microsoft/vscode-vsce/commit/e003a0aec0e116b1b500ab3585535613c8f65a32"><code>e003a0a</code></a>
Merge pull request <a
href="https://redirect.github.com/Microsoft/vsce/issues/1272">#1272</a>
from microsoft/dependabot/npm_and_yarn/fast-uri-3.1.2</li>
<li><a
href="https://github.com/microsoft/vscode-vsce/commit/74ab7a9049c9881e74cbc9966c83f90743434cd6"><code>74ab7a9</code></a>
Bump fast-uri from 3.0.6 to 3.1.2</li>
<li>Additional commits viewable in <a
href="https://github.com/Microsoft/vsce/compare/v2.24.0...v3.9.2">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~microsoft1es">microsoft1es</a>, a new
releaser for <code>@vscode/vsce</code> since your current version.</p>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/microsoft/vscode-python-environments/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>1 parent ac47640 commit 7da39f1
2 files changed
Lines changed: 2929 additions & 364 deletions
0 commit comments