markdown-it-include

markdown-it-include copied to clipboard

Bumps [terser](https://github.com/terser/terser) from 4.8.0 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) Commits See full diff in compare...

dependabot[bot]

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR See full...

dependabot[bot]

Bumps [pathval](https://github.com/chaijs/pathval) from 1.1.0 to 1.1.1. Release notes Sourced from pathval's releases. v1.1.1 Fixes a security issue around prototype pollution. Commits db6c3e3 chore: v1.1.1 7859e0e Merge pull request #60 from...

dependabot[bot]

Bumps [markdown-it](https://github.com/markdown-it/markdown-it) from 11.0.0 to 12.3.2. Changelog Sourced from markdown-it's changelog. [12.3.2] - 2022-01-08 Security Fix possible ReDOS in newline rule. Thanks to @​MakeNowJust. [12.3.1] - 2022-01-07 Fixed Fix corner...

dependabot[bot]

Rewriting paths

4

Assuming you're in `/opt/doc/file.md` and you include `./included/first.md`, but that file has an inline image referencing `./img/logo.gif`, the resulting Markdown would be looking for `/opt/doc/img/logo.gif`, while the image is actually...

BrekiTomasson

Add support for "absolute" root syntax

4

This PR introduces support with the "absolute" path syntax: - if the include path is specified in a relative syntax (e.g. `./L1/foo.md`) or without any leading path (e.g. `L1/foo.md`), then...

m4dz

Add a root scope protection option to increase module security.

10

Using this awesome module, I was able to leak a system file using the inclusion tag inside a MD file. I consider this as a security breach. However it's not...

riegelTech

Rewriting header levels

1

Assuming you've got your `# Introduction` down already, and you're down in `## Theory` or something, then you include a file that contains a `# Supposition`, then the resulting output...

BrekiTomasson

Bump glob-parent from 5.1.1 to 5.1.2

1

Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. Release notes Sourced from glob-parent's releases. v5.1.2 Bug Fixes eliminate ReDoS (#36) (f923116) Changelog Sourced from glob-parent's changelog. 5.1.2 (2021-03-06) Bug Fixes eliminate ReDoS...

dependabot[bot]

Bump browserslist from 4.14.1 to 4.16.6

1

Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.14.1 to 4.16.6. Changelog Sourced from browserslist's changelog. 4.16.6 Fixed npm-shrinkwrap.json support in --update-db (by Geoff Newman). 4.16.5 Fixed unsafe RegExp (by Yeting Li). 4.16.4 Fixed unsafe...

dependabot[bot]