Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace marked library with 8fold-marked #82

Closed
ankon opened this issue Nov 28, 2017 · 4 comments
Closed

Replace marked library with 8fold-marked #82

ankon opened this issue Nov 28, 2017 · 4 comments

Comments

@ankon
Copy link

ankon commented Nov 28, 2017

Description

The https://github.com/chjj/marked project seems to be unmaintained right now, and instead there is https://github.com/8fold/marked. This contains at least one additional XSS fix, which this element should pick up.

Expected outcome

8fold-marked is used.

Actual outcome

marked is used.
@ankon
Copy link
Author

ankon commented Nov 28, 2017

XSS fix: markedjs/marked#844, applied at https://github.com/8fold/marked/commit/8f9d0b72f5606ed32057049f387161dd41c36ade

Note also #40 exists since a while, asking for better defaults.

@ankon ankon mentioned this issue Nov 28, 2017
Closed
@stramel
Copy link
Collaborator

stramel commented Dec 25, 2017

marked library was updated to cover the XSS issues and tagged as 0.3.9

@stramel stramel closed this as completed Dec 25, 2017
@ankon
Copy link
Author

ankon commented Jan 2, 2018

@stramel thanks.

For being horribly paranoid: could this project explicitly bump the library requirement to 0.3.9?

@stramel
Copy link
Collaborator

stramel commented Jan 4, 2018
edited
Loading

@ankon I put out #84 for review, we'll see what they think.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@stramel @ankon