Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Replace marked library with 8fold-marked #82

Closed
ankon opened this issue Nov 28, 2017 · 4 comments
Closed

Replace marked library with 8fold-marked #82

ankon opened this issue Nov 28, 2017 · 4 comments

Comments

@ankon
Copy link

ankon commented Nov 28, 2017

Description

The https://github.com/chjj/marked project seems to be unmaintained right now, and instead there is https://github.com/8fold/marked. This contains at least one additional XSS fix, which this element should pick up.

Expected outcome

8fold-marked is used.

Actual outcome

marked is used.
@ankon
Copy link
Author

ankon commented Nov 28, 2017

XSS fix: markedjs/marked#844, applied at https://github.com/8fold/marked/commit/8f9d0b72f5606ed32057049f387161dd41c36ade

Note also #40 exists since a while, asking for better defaults.

@ankon ankon mentioned this issue Nov 28, 2017
Closed
@stramel
Copy link
Collaborator

stramel commented Dec 25, 2017

marked library was updated to cover the XSS issues and tagged as 0.3.9

@stramel stramel closed this as completed Dec 25, 2017
@ankon
Copy link
Author

ankon commented Jan 2, 2018

@stramel thanks.

For being horribly paranoid: could this project explicitly bump the library requirement to 0.3.9?

@stramel
Copy link
Collaborator

stramel commented Jan 4, 2018
edited
Loading

@ankon I put out #84 for review, we'll see what they think.

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@stramel @ankon