Skip to content

refactor: Bump marked from 17.0.3 to 17.0.5#3300

Closed
dependabot[bot] wants to merge 1 commit intoalphafrom
dependabot/npm_and_yarn/marked-17.0.5
Closed

refactor: Bump marked from 17.0.3 to 17.0.5#3300
dependabot[bot] wants to merge 1 commit intoalphafrom
dependabot/npm_and_yarn/marked-17.0.5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 1, 2026
edited
Loading

Bumps marked from 17.0.3 to 17.0.5.

Release notes

Sourced from marked's releases.

v17.0.5

17.0.5 (2026-03-20)

Bug Fixes

  • Fix catastrophic backtracking (ReDoS) in link/reflink label regex (#3918) (4625980)
  • prevent quadratic complexity in emStrongLDelim regex (#3906) (c732dd2)
  • prevent single-tilde strikethrough false positives (#3910) (5e03369)
  • re-assign tokenizer.lexer and renderer.parser at start of each parse call (#3907) (f3a3ec0)
  • trim trailing whitespace from lheading text (#3920) (3ea7e88)

v17.0.4

17.0.4 (2026-03-04)

Bug Fixes

  • prevent ReDoS in inline link regex title group (#3902) (46fb9b8)
Commits
  • 811ea59 chore(release): 17.0.5 [skip ci]
  • c732dd2 fix: prevent quadratic complexity in emStrongLDelim regex (#3906)
  • f3a3ec0 fix: re-assign tokenizer.lexer and renderer.parser at start of each parse cal...
  • 4625980 fix: Fix catastrophic backtracking (ReDoS) in link/reflink label regex (#3918)
  • 5e03369 fix: prevent single-tilde strikethrough false positives (#3910)
  • 288349d test: add heading edge case tests (#3919)
  • 3ea7e88 fix: trim trailing whitespace from lheading text (#3920)
  • d4c0fe5 chore(deps-dev): Bump esbuild from 0.27.3 to 0.27.4 (#3915)
  • 30682c1 chore(deps-dev): Bump undici from 6.23.0 to 6.24.0 (#3914)
  • 59752c4 chore(deps-dev): Bump minimatch from 9.0.5 to 9.0.9 (#3913)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Bot label; pull requests that updates a dependency file javascript Pull requests that update javascript code labels Apr 1, 2026
@parse-github-assistant
Copy link
Copy Markdown

parse-github-assistant Bot commented Apr 1, 2026

I will reformat the title to use the proper commit message syntax.

@parse-github-assistant parse-github-assistant Bot changed the title refactor: bump marked from 17.0.3 to 17.0.5 refactor: Bump marked from 17.0.3 to 17.0.5 Apr 1, 2026
@dependabot dependabot Bot changed the title refactor: Bump marked from 17.0.3 to 17.0.5 refactor: bump marked from 17.0.3 to 17.0.5 Apr 1, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/marked-17.0.5 branch from cb83542 to 4f0a7dc Compare April 1, 2026 14:11
@parse-github-assistant
Copy link
Copy Markdown

parse-github-assistant Bot commented Apr 1, 2026

I will reformat the title to use the proper commit message syntax.

@parse-github-assistant parse-github-assistant Bot changed the title refactor: bump marked from 17.0.3 to 17.0.5 refactor: Bump marked from 17.0.3 to 17.0.5 Apr 1, 2026
@parse-github-assistant
Copy link
Copy Markdown

parse-github-assistant Bot commented Apr 1, 2026

I will reformat the title to use the proper commit message syntax.

@dependabot
refactor: bump marked from 17.0.3 to 17.0.5
efcc090 
Bumps [marked](https://github.com/markedjs/marked) from 17.0.3 to 17.0.5.
- [Release notes](https://github.com/markedjs/marked/releases)
- [Commits](markedjs/marked@v17.0.3...v17.0.5)

---
updated-dependencies:
- dependency-name: marked
  dependency-version: 17.0.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title refactor: Bump marked from 17.0.3 to 17.0.5 refactor: bump marked from 17.0.3 to 17.0.5 Apr 1, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/marked-17.0.5 branch from 4f0a7dc to efcc090 Compare April 1, 2026 14:26
@parse-github-assistant
Copy link
Copy Markdown

parse-github-assistant Bot commented Apr 1, 2026

I will reformat the title to use the proper commit message syntax.

@parse-github-assistant parse-github-assistant Bot changed the title refactor: bump marked from 17.0.3 to 17.0.5 refactor: Bump marked from 17.0.3 to 17.0.5 Apr 1, 2026
@parse-github-assistant
Copy link
Copy Markdown

parse-github-assistant Bot commented Apr 1, 2026

I will reformat the title to use the proper commit message syntax.

@mtrezza mtrezza mentioned this pull request Apr 1, 2026
Merged
@mtrezza mtrezza closed this in #3306 Apr 1, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 1, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/marked-17.0.5 branch April 1, 2026 15:35
@parseplatformorg
Copy link
Copy Markdown
Contributor

parseplatformorg commented Apr 7, 2026

🎉 This change has been released in version 9.1.0-alpha.12

@parseplatformorg parseplatformorg added the state:released-alpha Released as alpha version label Apr 7, 2026
@parseplatformorg
Copy link
Copy Markdown
Contributor

parseplatformorg commented Apr 7, 2026

🎉 This change has been released in version 9.1.0

@parseplatformorg parseplatformorg added the state:released Released as stable version label Apr 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Bot label; pull requests that updates a dependency file javascript Pull requests that update javascript code state:released Released as stable version state:released-alpha Released as alpha version

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@parseplatformorg