markdown-toc
fixes: #156, osv/GHSA-35jh-r3h4-6jhm: override autolinker
Fixes #156
Overrides the version of autolinker used to fix a vulnerability.
I understand this solution may seem hacky, but npm's docs suggest overrides for fixing security issues.
- https://docs.npmjs.com/cli/v8/configuring-npm/package-json#overrides
Testing process
- npm audit now finds no vulnerabilities
@ramonpetgrave64 ➜ /workspaces/markdown-toc (master) $ npm audit
found 0 vulnerabilities
- unit tests still pass
@ramonpetgrave64 ➜ /workspaces/markdown-toc (master) $ npm install && npm test
npm WARN deprecated [email protected]: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm WARN deprecated [email protected]: Glob versions prior to v9 are no longer supported
added 135 packages, and audited 136 packages in 2s
20 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
> [email protected] test
> mocha
plugin
✔ should work as a remarkable plugin (61ms)
options: custom functions:
✔ should allow a custom `strip` function to strip words from heading text:
✔ should allow a custom slugify function to be passed:
✔ should strip forward slashes in slugs
✔ should strip backticks in slugs
✔ should strip CJK punctuations in slugs
✔ should strip & in slugs
✔ should escape the CJK characters in linkify
✔ should strip HTML tags from headings
✔ should not strip HTML tags from headings when `stripHeadingTags` is false
✔ should condense spaces in the heading text
✔ should replace spaces in links with dashes
✔ should allow a `filter` function to filter out unwanted bullets:
toc
✔ should generate a TOC from markdown headings:
✔ should allow duplicate headings:
✔ should increment duplicate headings:
✔ should allow and ignore empty headings:
✔ should handle dots, colons dashes and underscores correctly:
✔ should use a different bullet for each level
✔ should use a different bullet for each level
✔ should handle mixed heading levels:
✔ should ignore headings in fenced code blocks.
✔ should allow `maxdepth` to limit heading levels:
✔ should remove the first H1 when `firsth1` is false:
- should correctly calculate `maxdepth` when `firsth1` is false:
✔ should allow custom bullet points to be defined:
✔ should rotate bullets when there are more levels than bullets defined:
✔ should rotate bullets when there are more levels than bullets defined:
✔ should wrap around the bullet point array
✔ should allow custom bullet points at different depths
✔ should remove diacritics from the links
✔ should strip words from heading text, but not from urls:
toc tokens
✔ should return an object for customizing a toc:
✔ should return the `highest` heading level in the TOC:
✔ should return an array of tokens:
✔ should expose the `lvl` property on headings tokens:
json property
✔ should expose a `json` property:
✔ should return the `content` property for a heading:
toc.insert
✔ should retain trailing newlines in the given string
✔ should insert a markdown TOC beneath a `<!-- toc -->` comment. (39ms)
✔ should replace an old TOC between `<!-- toc -->...<!-- tocstop -->` comments.
✔ should insert the toc passed on the options.
✔ should accept options
✔ should accept no links option
43 passing (159ms)
1 pending
@aneeshusa
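A check that complements `npm audit` for the override described in this pull request, as an added example that is not part of the original PR or the markdown-toc project: it reads the `overrides` field of a `package.json` and confirms that every copy of the overridden package in a v2/v3 `package-lock.json` is locked to the pinned version. The version numbers, the `some-parent` package and the function name are constructed for illustration, and only flat, exact-version overrides are checked.

```javascript
// Return every installed copy of an overridden package whose locked version
// differs from the pinned override. Only flat, exact-version overrides
// ("overrides": { "pkg": "1.2.3" }) are compared; ranges and nested override
// objects are listed as unchecked instead of being guessed at.
function findOverrideViolations(pkg, lock) {
  const violations = [];
  const unchecked = [];
  const installed = Object.entries(lock.packages || {});
  for (const [name, wanted] of Object.entries(pkg.overrides || {})) {
    if (typeof wanted !== 'string' || !/^\d+\.\d+\.\d+$/.test(wanted)) {
      unchecked.push(name);
      continue;
    }
    // Lockfile keys are install paths: "node_modules/a/node_modules/b".
    const suffix = `node_modules/${name}`;
    for (const [path, meta] of installed) {
      const isCopy = path === suffix || path.endsWith(`/${suffix}`);
      if (isCopy && meta.version !== wanted) {
        violations.push({ path, found: meta.version, wanted });
      }
    }
  }
  return { violations, unchecked };
}

// Constructed sample data: placeholder versions, not the real fixed release.
const samplePkg = { name: 'example', overrides: { autolinker: '9.9.9' } };

// Lockfile written before the override was added: a nested copy is still old.
const staleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'example' },
    'node_modules/autolinker': { version: '9.9.9' },
    'node_modules/some-parent/node_modules/autolinker': { version: '0.0.1' },
    'node_modules/not-autolinker': { version: '0.0.1' },
  },
};

// Lockfile regenerated after the override: a single deduplicated copy.
const freshLock = {
  lockfileVersion: 3,
  packages: { '': { name: 'example' }, 'node_modules/autolinker': { version: '9.9.9' } },
};

console.log('stale:', JSON.stringify(findOverrideViolations(samplePkg, staleLock)));
console.log('fresh:', JSON.stringify(findOverrideViolations(samplePkg, freshLock)));
```

In a real repository, pass the parsed contents of `package.json` and `package-lock.json` and fail the CI job when `violations` is non-empty.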