Skip to content

build(deps): bump marked from 4.3.0 to 17.0.5#568

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/marked-17.0.5
Open

build(deps): bump marked from 4.3.0 to 17.0.5#568
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/marked-17.0.5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 29, 2026
edited
Loading

Bumps marked from 4.3.0 to 17.0.5.

Release notes

Sourced from marked's releases.

v17.0.5

17.0.5 (2026-03-20)

Bug Fixes

  • Fix catastrophic backtracking (ReDoS) in link/reflink label regex (#3918) (4625980)
  • prevent quadratic complexity in emStrongLDelim regex (#3906) (c732dd2)
  • prevent single-tilde strikethrough false positives (#3910) (5e03369)
  • re-assign tokenizer.lexer and renderer.parser at start of each parse call (#3907) (f3a3ec0)
  • trim trailing whitespace from lheading text (#3920) (3ea7e88)

v17.0.4

17.0.4 (2026-03-04)

Bug Fixes

  • prevent ReDoS in inline link regex title group (#3902) (46fb9b8)

v17.0.3

17.0.3 (2026-02-17)

Bug Fixes

v17.0.2

17.0.2 (2026-02-11)

Bug Fixes

v17.0.1

17.0.1 (2025-11-20)

Bug Fixes

v17.0.0

17.0.0 (2025-11-07)

... (truncated)

Commits
  • 811ea59 chore(release): 17.0.5 [skip ci]
  • c732dd2 fix: prevent quadratic complexity in emStrongLDelim regex (#3906)
  • f3a3ec0 fix: re-assign tokenizer.lexer and renderer.parser at start of each parse cal...
  • 4625980 fix: Fix catastrophic backtracking (ReDoS) in link/reflink label regex (#3918)
  • 5e03369 fix: prevent single-tilde strikethrough false positives (#3910)
  • 288349d test: add heading edge case tests (#3919)
  • 3ea7e88 fix: trim trailing whitespace from lheading text (#3920)
  • d4c0fe5 chore(deps-dev): Bump esbuild from 0.27.3 to 0.27.4 (#3915)
  • 30682c1 chore(deps-dev): Bump undici from 6.23.0 to 6.24.0 (#3914)
  • 59752c4 chore(deps-dev): Bump minimatch from 9.0.5 to 9.0.9 (#3913)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for marked since your current version.


Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 29, 2026
@dependabot dependabot Bot requested a review from sebastiaanspeck as a code owner March 29, 2026 18:19
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Mar 29, 2026
@dependabot dependabot Bot requested a review from kbdharun as a code owner March 29, 2026 18:19
@dependabot dependabot Bot added the javascript Pull requests that update Javascript code label Mar 29, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/marked-17.0.5 branch from 0e60dbf to edd8398 Compare March 30, 2026 04:50
@dependabot
build(deps): bump marked from 4.3.0 to 17.0.5
d03d556 
Bumps [marked](https://github.com/markedjs/marked) from 4.3.0 to 17.0.5.
- [Release notes](https://github.com/markedjs/marked/releases)
- [Commits](markedjs/marked@v4.3.0...v17.0.5)

---
updated-dependencies:
- dependency-name: marked
  dependency-version: 17.0.5
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/marked-17.0.5 branch from edd8398 to d03d556 Compare April 10, 2026 03:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sebastiaanspeck sebastiaanspeck Awaiting requested review from sebastiaanspeck sebastiaanspeck is a code owner

@kbdharun kbdharun Awaiting requested review from kbdharun kbdharun is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants