[Snyk] Upgrade marked from 13.0.2 to 16.4.0 by snyk-io[bot] · Pull Request #20 · hashim21223445/docsify

snyk-io · 2025-10-31T10:17:13Z

Snyk has created this PR to upgrade marked from 13.0.2 to 16.4.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 28 versions ahead of your current version.
The recommended version was released 24 days ago.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELHELPERS-9397697	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIME-10044504	140	Proof of Concept
Improper Input Validation SNYK-JS-NANOID-8492085	140	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	140	Proof of Concept

Release notes

Package name: marked

16.4.0 - 2025-10-07
16.4.0 (2025-10-07)

Bug Fixes
- Fix backtick and code rendering in links (#3783) (302ee59)
- fix links with square brackets in inline code break wrapping italics (#3785) (e3c0d3e)
- Make www case-sensitive when detecting link starts (#3770) (626d961)
Features
- Add async provideParser provideLexer (#3756) (09577e5)
16.3.0 - 2025-09-14
16.3.0 (2025-09-14)

Features
- add emStrongMask hook (#3749) (cd2b5f4)
16.2.1 - 2025-08-27
16.2.1 (2025-08-27)

Bug Fixes
- allow escaped newline in link text (#3752) (30c6630)
16.2.0 - 2025-08-18
16.2.0 (2025-08-18)

Features
- add def token in tokens and renderer (#3745) (0769124)
16.1.2 - 2025-08-04
16.1.2 (2025-08-04)

Bug Fixes
- fix multiline list item adds extra newline to raw (#3735) (e76453e)
16.1.1 - 2025-07-18
16.1.1 (2025-07-18)

Bug Fixes
- fix stong and em tokens in angle brackets (#3731) (ad8535c)
16.1.0 - 2025-07-17
16.1.0 (2025-07-17)

Features
- add generic types for parser and renderer output (#3722) (39a0ee3)
16.0.0 - 2025-06-27
16.0.0 (2025-06-27)

Bug Fixes
- remove cjs build & update min node to 20 (#3687) (0a35d8f)
BREAKING CHANGES
- minify ./lib/marked.esm.js and ./lib/marked.umd.js
- remove ./marked.min.js use ./lib/marked.umd.js instead
- remove ./lib/marked.cjs
- update minimum supported node version to 20 to support require('marked.esm.js'). see https://nodejs.org/docs/latest-v20.x/api/modules.html#loading-ecmascript-modules-using-require
- This seems to break Jest since it doesn't work with esm by default.
  
  You need to transform marked with:
```
transformIgnorePatterns: ['/node_modules/(?!(marked)/)'],
```
  see Jest docs for more info
15.0.12 - 2025-05-20
15.0.12 (2025-05-20)

Bug Fixes
- use esbuild for accurate sourcemaps (#3670) (7a6b2d7)
15.0.11 - 2025-04-25
15.0.11 (2025-04-25)

Bug Fixes
- fix image alt text rendered to match common mark (#3668) (2c0e47a)
15.0.10 - 2025-04-23
15.0.9 - 2025-04-21
15.0.8 - 2025-04-07
15.0.7 - 2025-02-10
15.0.6 - 2025-01-06
15.0.5 - 2025-01-02
15.0.4 - 2024-12-15
15.0.3 - 2024-11-29
15.0.2 - 2024-11-20
15.0.1 - 2024-11-18
15.0.0 - 2024-11-09
14.1.4 - 2024-11-07
14.1.3 - 2024-10-15
14.1.2 - 2024-09-08
14.1.1 - 2024-09-04
14.1.0 - 2024-08-26
14.0.0 - 2024-08-07
13.0.3 - 2024-07-28
13.0.2 - 2024-07-04

from marked GitHub release notes

Important

Warning: This PR contains a major version upgrade, and may be a breaking change.
Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade marked from 13.0.2 to 16.4.0. See this package in npm: marked See this project in Snyk: https://app.snyk.io/org/hashimmohammad881-TrGTrpdUyGorMuF38nmW8P/project/b228fbce-ddd2-4210-a542-723aced26d70?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

semanticdiff-com · 2025-10-31T10:17:16Z

Review changes with

Changed Files

File	Status
package.json	0% smaller

snyk-io · 2025-10-31T10:17:22Z

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Conversation

snyk-io bot commented Oct 31, 2025

Snyk has created this PR to upgrade marked from 13.0.2 to 16.4.0.

Issues fixed by the recommended upgrade:

16.4.0 (2025-10-07)

Bug Fixes

Features

16.3.0 (2025-09-14)

Features

16.2.1 (2025-08-27)

Bug Fixes

16.2.0 (2025-08-18)

Features

16.1.2 (2025-08-04)

Bug Fixes

16.1.1 (2025-07-18)

Bug Fixes

16.1.0 (2025-07-17)

Features

16.0.0 (2025-06-27)

Bug Fixes

BREAKING CHANGES

15.0.12 (2025-05-20)

Bug Fixes

15.0.11 (2025-04-25)

Bug Fixes

Uh oh!

semanticdiff-com bot commented Oct 31, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

snyk-io bot commented Oct 31, 2025

✅ Snyk checks have passed. No issues have been found so far.

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

semanticdiff-com bot commented Oct 31, 2025 •

edited

Loading