Skip to content

build(deps): bump marked from 7.0.5 to 17.0.4#3255

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/marked-17.0.4
Open

build(deps): bump marked from 7.0.5 to 17.0.4#3255
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/marked-17.0.4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 20, 2026
edited
Loading

Bumps marked from 7.0.5 to 17.0.4.

Release notes

Sourced from marked's releases.

v17.0.4

17.0.4 (2026-03-04)

Bug Fixes

  • prevent ReDoS in inline link regex title group (#3902) (46fb9b8)

v17.0.3

17.0.3 (2026-02-17)

Bug Fixes

v17.0.2

17.0.2 (2026-02-11)

Bug Fixes

v17.0.1

17.0.1 (2025-11-20)

Bug Fixes

v17.0.0

17.0.0 (2025-11-07)

Bug Fixes

BREAKING CHANGES

  • Change how consecutive text tokens work in lists
  • Simplify listItem renderer
  • Checkbox token is added in list tokenizer

... (truncated)

Commits
  • 22f0c55 chore(release): 17.0.4 [skip ci]
  • 46fb9b8 fix: prevent ReDoS in inline link regex title group (#3902)
  • 5b6faee chore(deps-dev): Bump eslint from 10.0.1 to 10.0.2 (#3904)
  • bcdaf6a chore(deps-dev): Bump @​semantic-release/npm from 13.1.4 to 13.1.5 (#3905)
  • baa78a5 docs: Add marked-abc to known extensions list (#3903)
  • 1aed9ac chore(deps-dev): Bump eslint from 10.0.0 to 10.0.1 (#3901)
  • 8045055 chore: rename escape helper function (#3900)
  • bced615 chore(release): 17.0.3 [skip ci]
  • 909fe44 fix: escape image alt text (#3896)
  • eb8ba2b chore(deps-dev): Bump @​semantic-release/github from 12.0.5 to 12.0.6 (#3897)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for marked since your current version.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 20, 2026
@dependabot dependabot bot mentioned this pull request Mar 20, 2026
Closed
@github-actions github-actions bot enabled auto-merge (squash) March 20, 2026 00:05
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/marked-17.0.4 branch 3 times, most recently from 79ee8f8 to 94c1303 Compare March 26, 2026 23:16
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/marked-17.0.4 branch 4 times, most recently from b842fbc to 99354e9 Compare April 2, 2026 12:25
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/marked-17.0.4 branch from 99354e9 to b233b09 Compare April 12, 2026 11:20
@dependabot
build(deps): bump marked from 7.0.5 to 17.0.4
b0f42e6 
Bumps [marked](https://github.com/markedjs/marked) from 7.0.5 to 17.0.4.
- [Release notes](https://github.com/markedjs/marked/releases)
- [Commits](markedjs/marked@v7.0.5...v17.0.4)

---
updated-dependencies:
- dependency-name: marked
  dependency-version: 17.0.4
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/marked-17.0.4 branch from b233b09 to b0f42e6 Compare April 13, 2026 09:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@contentful-automation contentful-automation[bot] contentful-automation[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants