Skip to content

chore(deps): bump marked from 17.0.4 to 18.0.5#570

Merged
tmustier merged 1 commit into
mainfrom
dependabot/npm_and_yarn/marked-18.0.5
Jul 4, 2026
Merged

chore(deps): bump marked from 17.0.4 to 18.0.5#570
tmustier merged 1 commit into
mainfrom
dependabot/npm_and_yarn/marked-18.0.5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 10, 2026

Copy link
Copy Markdown
Contributor

Bumps marked from 17.0.4 to 18.0.5.

Release notes

Sourced from marked's releases.

v18.0.5

18.0.5 (2026-06-04)

Bug Fixes

  • parse empty list item with trailing space (#3984) (b55410f)

v18.0.4

18.0.4 (2026-05-19)

Bug Fixes

v18.0.3

18.0.3 (2026-05-01)

Bug Fixes

  • avoid task checkbox for setext heading text (#3960) (2608e81)

v18.0.2

18.0.2 (2026-04-18)

Bug Fixes

  • fix infinite loop for indented code blank line (#3947) (58a52e8)

v18.0.1

18.0.1 (2026-04-17)

Bug Fixes

  • rules: ensure lookbehind regex is evaluated correctly by minifiers (#3945) (abd907a)

v18.0.0

18.0.0 (2026-04-07)

Bug Fixes

  • Bump typescript from 5.9.3 to 6.0.2 (#3934) (e8efc51)
  • prevent GFM table tokens from greedily capturing trailing newlines (#3926) (40f2665)
  • prevent heading and def tokens from greedily capturing multiple newlines (#3925) (b379e3e)

... (truncated)

Commits
  • 4063c63 chore(release): 18.0.5 [skip ci]
  • b55410f fix: parse empty list item with trailing space (#3984)
  • c6e667b chore(deps-dev): bump eslint from 10.4.0 to 10.4.1 (#3986)
  • 95f98ec chore(deps-dev): bump @​arethetypeswrong/cli from 0.18.2 to 0.18.3 (#3985)
  • c1a86f0 Add Node.js usage example to README (#3983)
  • 763f729 chore(deps-dev): bump marked-man from 2.1.0 to 2.1.1 (#3978)
  • 2cf1fd0 chore(deps-dev): bump markdown-it from 14.1.1 to 14.2.0 (#3977)
  • 0a2cd54 chore(release): 18.0.4 [skip ci]
  • 11adb69 fix: fix cli not reading stdin (#3967)
  • a37983f fix: cache list indentation regexes (#3969)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 10, 2026
@vercel

vercel Bot commented Jun 10, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
pi-for-excel Ready Ready Preview, Comment Jul 4, 2026 2:06pm

Bumps [marked](https://github.com/markedjs/marked) from 17.0.4 to 18.0.5.
- [Release notes](https://github.com/markedjs/marked/releases)
- [Commits](markedjs/marked@v17.0.4...v18.0.5)

---
updated-dependencies:
- dependency-name: marked
  dependency-version: 18.0.5
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/marked-18.0.5 branch from ae3170d to ab98434 Compare July 4, 2026 14:05
@tmustier

tmustier commented Jul 4, 2026

Copy link
Copy Markdown
Owner

Verified against the marked-safety hardening before merge: installMarkedSafetyPatch() hooks (marked.use filter + Renderer.prototype.link/image) are API-compatible with v18 (breaking changes are block-token blank-line trimming + TS6 tooling only). resolve.dedupe still forces one marked instance bundle-wide. Local runs: check, build, test:security (47), test:context (665), test:models (47) all green, plus a visual check of the UI-gallery markdown section.

@tmustier tmustier merged commit 979aafc into main Jul 4, 2026
7 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/marked-18.0.5 branch July 4, 2026 14:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant