Update markdown-it to >=13.0.2 #1916
Assignees
Labels
status:fixed-next-drop
Issue will be fixed in upcoming release.
type:enhancement
New feature or enhancement of existing capability
Milestone
Comments
brianpmccullough
pushed a commit
to brianpmccullough/sp-dev-fx-controls-react
that referenced
this issue
Dec 10, 2024
This was referenced Dec 10, 2024
|
I am also waiting on this one. I am facing issues with vulnerability scans in my repository due to the current version (12.3.2) of Thanks in advance! cc: @AJIXuMuK |
|
We are also getting this flagged in our repository due to "markdown-it" package version. Please share any updates on this. cc: @AJIXuMuK Thanks in advance! |
michaelmaillot
added
status:working-on-it
|
@michaelmaillot if you have questions or need any help with anything, please let me know. |
|
Any updates on this or next release of the controls? |
AJIXuMuK
added a commit
that referenced
this issue
Mar 2, 2025
#1916 - Update markdown-it to >=13.0.2
AJIXuMuK
added
status:fixed-next-drop
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thank you for reporting an issue, suggesting an enhancement, or asking a question. We appreciate your feedback - to help the team understand your
needs please complete the below template to ensure we have the details to help. Thanks!
Please check out the documentation to see if your question is already addressed there. This will help us ensure our documentation is up to date.
Category
[ X] Enhancement
[ ] Bug
[ ] Question
Version
Please specify what version of the library you are using: [ 3.20 ]
If you are not using the latest release, please update and see if the issue is resolved before submitting an issue.
Expected / Desired Behavior / Question
If you are reporting an issue please describe the expected behavior. If you are suggesting an enhancement please
describe thoroughly the enhancement, how it can be achieved, and expected benefit. If you are asking a question, ask away!
Update markdown-it package dependency to a more recent version (>= 13.0.2) to avoid vulnerability found in currently referenced version.
https://github.com/pnp/sp-dev-fx-controls-react/blob/873aa00689eaeba8c2dc85c25c5bdcb6b03f3f00/package.json#L75C6-L75C17
https://security.snyk.io/vuln/SNYK-JS-MARKDOWNIT-6483324
Observed Behavior
If you are reporting an issue please describe the behavior you expected to occur when performing the action. If you are making a
suggestion or asking a question delete this section.
N/A
Steps to Reproduce
If you are reporting an issue please describe the steps to reproduce the bug in sufficient detail to allow testing. If you are making
a suggestion or asking a question delete this section.
N/A
The text was updated successfully, but these errors were encountered: