deps(extension)(deps): bump marked from 15.0.11 to 17.0.3 in /chartsmith-extension#228
Conversation
Bumps [marked](https://github.com/markedjs/marked) from 15.0.11 to 17.0.3. - [Release notes](https://github.com/markedjs/marked/releases) - [Commits](markedjs/marked@v15.0.11...v17.0.3) --- updated-dependencies: - dependency-name: marked dependency-version: 17.0.3 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
chartsmith-extension
dependencies
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
| }, | ||
| "engines": { | ||
| "node": ">= 18" | ||
| "node": ">= 20" |
There was a problem hiding this comment.
Marked now requires Node 20+
High Severity
Upgrading marked to 17.0.3 raises its engines.node requirement to >= 20, which can break installs or runtime execution in environments still on Node 18 (including some VS Code extension hosts/CI setups), causing markdown rendering features to fail or the extension to not load.
| "centrifuge": "^3.1.0", | ||
| "jotai": "^2.16.2", | ||
| "marked": "^15.0.11", | ||
| "marked": "^17.0.3", |
There was a problem hiding this comment.
Marked types package likely incompatible
Medium Severity
marked was bumped to ^17.0.3 but @types/marked remains on ^5.0.2, which can lead to compiling against stale typings and shipping calls that no longer match marked’s runtime API.
Bumps marked from 15.0.11 to 17.0.3.
Release notes
Sourced from marked's releases.
... (truncated)
Commits
bced615chore(release): 17.0.3 [skip ci]909fe44fix: escape image alt text (#3896)eb8ba2bchore(deps-dev): Bump@semantic-release/githubfrom 12.0.5 to 12.0.6 (#3897)b7682a8chore(deps-dev): Bump markdown-it from 14.1.0 to 14.1.1 (#3898)3d615d9chore(deps-dev): Bump rimraf from 6.1.2 to 6.1.3 (#3899)e824620chore(release): 17.0.2 [skip ci]e031175fix: fix list item wrong indent (#3889)9fc4f8efix: fix list with tabs (#3891)3fc6a44fix: fix empty list item (#3890)2a475a1fix: fix blockquote after list (#3888)Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for marked since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)