Fixing npm audit #84
Fixing npm audit #84
Conversation
|
I also ran into this issue recently and came here to make a PR. Glad you're ahead of me! It looks like a snapshot file changed. I'm not familiar at all with this repo but that change doesn't look right. |
|
I thought the same until I saw this commit 2e7f73f |
@ndelangen related to the commit above, is the change we see in the snapshots here not the expected behavior? |
|
Indeed, this is why I downgraded exactly |
| @@ -203,11 +203,9 @@ exports[`should be able to compile list 1`] = ` | |||
|
|
|||
| exports[`should be able to compile list with html tag 1`] = ` | |||
| <div> | |||
| <font | |||
There was a problem hiding this comment.
This is not correct, unfortunately 😢
There was a problem hiding this comment.
That is fair. I'll check it out.
|
The snapshot should stay the same. I sunk about 2 hours into this back then, and wasn't able to upgrade without complete breaking the package. |
|
Well, the snapshot for the test |
| @@ -30,7 +30,7 @@ | |||
| "dependencies": { | |||
| "@babel/standalone": "^7.4.5", | |||
| "he": "^1.2.0", | |||
| "marked": "^0.3.12" | |||
| "marked": "^0.7.0" | |||
There was a problem hiding this comment.
marked already has 0.8.0 in 3 months ago
https://www.npmjs.com/package/marked
|
@ndelangen if the fact that there is some cases changing behavior due to the marked upgrade, maybe this could be released as a new major version of that library, if that's an issue for releasing it as a patch. |
| @@ -203,11 +203,9 @@ exports[`should be able to compile list 1`] = ` | |||
|
|
|||
| exports[`should be able to compile list with html tag 1`] = ` | |||
There was a problem hiding this comment.
OK, @stof If we remove this testcase, and upgrade, then release as a new major version, I'm ok with that.
As per as per https://www.npmjs.com/advisories/1076 and #78