[Snyk] Upgrade markdown-to-jsx from 7.5.0 to 7.6.0

[andaaron]

Snyk has created this PR to upgrade markdown-to-jsx from 7.5.0 to 7.6.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 2 versions ahead of your current version.

• The recommended version was released on 21 days ago.

Release notes

Package name: markdown-to-jsx

• 7.6.0 - 2024-11-12
  

  Minor Changes

  • 2281a4d: Add options.disableAutoLink to customize bare URL handling behavior.

    By default, bare URLs in the markdown document will be converted into an anchor tag. This behavior can be disabled if desired.

    https://quantizor.dev will not be rendered as an anchor tag.',
    { disableAutoLink: true }
    )

    // renders:

    <span>
    The URL https://quantizor.dev will not be rendered as an anchor tag.
    </span>">

    <Markdown options={{ disableAutoLink: true }}>
    
    The URL https://quantizor.dev will not be rendered as an anchor tag.
    
    </Markdown>
    
    // or
    compiler(
    
    'The URL https://quantizor.dev will not be rendered as an anchor tag.',
    
    { disableAutoLink: true }
    
    )
    // renders:
    <span>
    
    The URL https://quantizor.dev will not be rendered as an anchor tag.
    
    </span>

  Patch Changes

  • fb3d716: Simplify handling of fallback scenario if a link reference is missing its corresponding footnote.
• 7.5.1 - 2024-11-12
  

  Patch Changes

  • b16f668: Fix issue with lookback cache resulting in false detection of lists inside lists in some scenarios
  • 58b96d3: fix: handle empty HTML tags more consistently #597
• 7.5.0 - 2024-08-18
  

  Minor Changes

  • 62a16f3: Allow modifying HTML attribute sanitization when options.sanitizer is passed by the composer.

    By default a lightweight URL sanitizer function is provided to avoid common attack vectors that might be placed into the href of an anchor tag, for example. The sanitizer receives the input, the HTML tag being targeted, and the attribute name. The original function is available as a library export called sanitizer.

    This can be overridden and replaced with a custom sanitizer if desired via options.sanitizer:

    foo', {
    sanitizer: (value, tag, attribute) => value,
    })">

    // sanitizer in this situation would receive:
    
    // ('javascript:alert("foo")', 'a', 'href')
    
    <Markdown options={{ sanitizer: (value, tag, attribute) => value }}>
    
    {[foo](javascript:alert("foo"))}
    
    </Markdown>
    // or
    compiler('foo', {
    
    sanitizer: (value, tag, attribute) => value,
    
    })

  Patch Changes

  • 553a175: Replace RuleType enum with an object

from markdown-to-jsx GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs