Skip to content

Commit fc2e554

Browse files
brendan-kellamlinear-code[bot]
brendan-kellam
and
linear-code[bot]
committed
chore: upgrade markdown-it to ^14.2.0 to address CVE-2026-48988
Generated with [Linear](https://linear.app/sourcebot/issue/SOU-1347/sourcebot-devsourcebot-cve-2026-48988-markdown-it-quadratic-complexity#agent-session-ca36512d) Co-authored-by: linear-code[bot] <222613912+linear-code[bot]@users.noreply.github.com>
1 parent e626691 commit fc2e554

2 files changed

Lines changed: 9 additions & 8 deletions

File tree

CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
1010
### Fixed
1111
- Upgraded `@grpc/grpc-js` to `^1.14.4`. [#1315](https://github.com/sourcebot-dev/sourcebot/pull/1315)
1212
- Upgraded `vite` to `^8.0.16`. [#1313](https://github.com/sourcebot-dev/sourcebot/pull/1313)
13+
- Upgraded `markdown-it` to `^14.2.0`. [#1321](https://github.com/sourcebot-dev/sourcebot/pull/1321)
1314

1415
## [5.0.3] - 2026-06-17
1516

yarn.lock

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -16735,12 +16735,12 @@ __metadata:
1673516735
languageName: node
1673616736
linkType: hard
1673716737

16738-
"linkify-it@npm:^5.0.0":
16739-
version: 5.0.0
16740-
resolution: "linkify-it@npm:5.0.0"
16738+
"linkify-it@npm:^5.0.1":
16739+
version: 5.0.1
16740+
resolution: "linkify-it@npm:5.0.1"
1674116741
dependencies:
1674216742
uc.micro: "npm:^2.0.0"
16743-
checksum: 10c0/ff4abbcdfa2003472fc3eb4b8e60905ec97718e11e33cca52059919a4c80cc0e0c2a14d23e23d8c00e5402bc5a885cdba8ca053a11483ab3cc8b3c7a52f88e2d
16743+
checksum: 10c0/d06d04f1ed03be131740fc900a5e74ea1f49886b052213599e306d469d5ffe2303db76dd8f771de9f28e2b0b38852de22ec46ae597d245f8b66439b0ceb19b10
1674416744
languageName: node
1674516745
linkType: hard
1674616746

@@ -17000,18 +17000,18 @@ __metadata:
1700017000
linkType: hard
1700117001

1700217002
"markdown-it@npm:^14.1.1":
17003-
version: 14.1.1
17004-
resolution: "markdown-it@npm:14.1.1"
17003+
version: 14.2.0
17004+
resolution: "markdown-it@npm:14.2.0"
1700517005
dependencies:
1700617006
argparse: "npm:^2.0.1"
1700717007
entities: "npm:^4.4.0"
17008-
linkify-it: "npm:^5.0.0"
17008+
linkify-it: "npm:^5.0.1"
1700917009
mdurl: "npm:^2.0.0"
1701017010
punycode.js: "npm:^2.3.1"
1701117011
uc.micro: "npm:^2.1.0"
1701217012
bin:
1701317013
markdown-it: bin/markdown-it.mjs
17014-
checksum: 10c0/c67f2a4c8069a307c78d8c15104bbcb15a2c6b17f4c904364ca218ec2eccf76a397eba1ea05f5ac5de72c4b67fcf115d422d22df0bfb86a09b663f55b9478d4f
17014+
checksum: 10c0/1d3a50061d2fe4efbcf317aac853dbee6892ed6f5a217570eead723f2ef2dd1c9baaeef5a687cd283480c45c2d20724a73e84a9ed72843cf7b3b719067af40ef
1701517015
languageName: node
1701617016
linkType: hard
1701717017

0 commit comments

Comments
 (0)