Skip to content

⬆️ deps:(deps): bump marked from 15.0.12 to 18.0.0#36

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/marked-18.0.0
Closed

⬆️ deps:(deps): bump marked from 15.0.12 to 18.0.0#36
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/marked-18.0.0

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github Apr 8, 2026
edited
Loading

Bumps marked from 15.0.12 to 18.0.0.

Release notes

Sourced from marked's releases.

v18.0.0

18.0.0 (2026-04-07)

Bug Fixes

  • Bump typescript from 5.9.3 to 6.0.2 (#3934) (e8efc51)
  • prevent GFM table tokens from greedily capturing trailing newlines (#3926) (40f2665)
  • prevent heading and def tokens from greedily capturing multiple newlines (#3925) (b379e3e)
  • trim blank lines from block tokens (#3939) (b70895f)

BREAKING CHANGES

  • trim trailing blank lines from block tokens
  • update Typescript to v6

v17.0.6

17.0.6 (2026-04-05)

Bug Fixes

  • avoid race condition in async parallel parse/parseInline with hooks (#3924) (6e96fa7)
  • cli: honor positional input file (#3922) (a1c2617)
  • cli: use file URL for config import (#3923) (73e1f3f)

v17.0.5

17.0.5 (2026-03-20)

Bug Fixes

  • Fix catastrophic backtracking (ReDoS) in link/reflink label regex (#3918) (4625980)
  • prevent quadratic complexity in emStrongLDelim regex (#3906) (c732dd2)
  • prevent single-tilde strikethrough false positives (#3910) (5e03369)
  • re-assign tokenizer.lexer and renderer.parser at start of each parse call (#3907) (f3a3ec0)
  • trim trailing whitespace from lheading text (#3920) (3ea7e88)

v17.0.4

17.0.4 (2026-03-04)

Bug Fixes

  • prevent ReDoS in inline link regex title group (#3902) (46fb9b8)

v17.0.3

17.0.3 (2026-02-17)

... (truncated)

Commits
  • 28954e0 chore(release): 18.0.0 [skip ci]
  • b70895f fix: trim blank lines from block tokens (#3939)
  • 40f2665 fix: prevent GFM table tokens from greedily capturing trailing newlines (#3926)
  • b379e3e fix: prevent heading and def tokens from greedily capturing multiple newlines...
  • e8efc51 fix: Bump typescript from 5.9.3 to 6.0.2 (#3934)
  • 71e5ae3 chore(deps-dev): Bump esbuild from 0.27.4 to 0.28.0 (#3940)
  • b436e82 chore(deps-dev): Bump eslint from 10.1.0 to 10.2.0 (#3941)
  • e07037e chore(release): 17.0.6 [skip ci]
  • 6e96fa7 fix: avoid race condition in async parallel parse/parseInline with hooks (#3924)
  • 73e1f3f fix(cli): use file URL for config import (#3923)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for marked since your current version.

@dependabot dependabot Bot added 📦 npm NPM package updates 🔄 dependencies Dependency updates labels Apr 8, 2026
@dependabot dependabot Bot mentioned this pull request Apr 8, 2026
Closed
@dependabot
⬆️ deps:(deps): bump marked from 15.0.12 to 18.0.0
bad0b90 
Bumps [marked](https://github.com/markedjs/marked) from 15.0.12 to 18.0.0.
- [Release notes](https://github.com/markedjs/marked/releases)
- [Commits](markedjs/marked@v15.0.12...v18.0.0)

---
updated-dependencies:
- dependency-name: marked
  dependency-version: 18.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/marked-18.0.0 branch from eda5a2a to bad0b90 Compare April 13, 2026 11:14
@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github Apr 20, 2026

Superseded by #40.

@dependabot dependabot Bot closed this Apr 20, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/marked-18.0.0 branch April 20, 2026 01:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

🔄 dependencies Dependency updates 📦 npm NPM package updates

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants