Skip to content

chore(deps): bump markdown-it and @vscode/vsce in /workshop-images/base-environment/opt/helper#1072

Closed
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/workshop-images/base-environment/opt/helper/multi-991d023308
Closed

chore(deps): bump markdown-it and @vscode/vsce in /workshop-images/base-environment/opt/helper#1072
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/workshop-images/base-environment/opt/helper/multi-991d023308

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 16, 2026

Copy link
Copy Markdown
Contributor

Bumps markdown-it to 14.3.0 and updates ancestor dependency @vscode/vsce. These dependencies need to be updated together.

Updates markdown-it from 12.3.2 to 14.3.0

Changelog

Sourced from markdown-it's changelog.

[14.3.0] - 2026-07-02

Changed

  • Reworked build pipeline & tools.
  • Added source maps.
  • Bumped linkify-it to 5.0.2.

Fixed

  • Preserve backslash-space hard line breaks, matching CommonMark 6.7, #1185.

[14.2.0] - 2026-05-24

Added

  • isPunctCharCode to utilities.

Fixed

  • Don't end HTML comment blocks on a blank line, #1155.
  • Properly recognize astral chars (surrogates) in delimiter scans for emphasis-like markers, #1072. Big thanks to @​tats-u for his global efforts with improving CJK support.
  • Preserve unicode whitespaces when trimm headings/paragraphs, #1074.
  • More strict entities decode to avoid false positives ;, #1096.
  • Restore block parser state on fail in lheading rule, #1131.

Security

  • Fixed poor smartquotes perfomance on > 70k quotes in single block
  • Bumped linkify-it to 5.0.1 with fixed potential perfomance issues.

[14.1.1] - 2026-01-11

Security

  • Fixed regression from v13 in linkify inline rule. Specific patterns could cause high CPU use. Thanks to @​ltduc147 for report.

[14.1.0] - 2024-03-19

Changed

  • Updated CM spec compatibility to 0.31.2, #1009.

Fixed

  • Fixed quadratic complexity when parsing references, #996.
  • Fixed quadratic output size with pathological user input in tables, #1000.

[14.0.0] - 2023-12-08

Changed

  • Drop ancient browsers support (use .fromCodePoint and other features).
  • Rewrite to ESM (including all plugins/deps). CJS fallback still available. No signatures changed, except markdown-it-emoji plugin.
  • Dropped dist/ folder from repo, build on package publish.

... (truncated)

Commits
  • ff0ee08 14.3.0 released
  • 52e2749 Bump linkify-it / vite deps
  • 56c2404 fix: keep backslash-space hard line break (CommonMark 6.7) (#1185)
  • 0fbb18b Bump vite from 8.0.14 to 8.0.16 (#1181)
  • 83450e2 Rework benchmark deps and bump versions
  • 57a6863 benchmark => tinybench
  • 7608db1 Update CI config
  • 9d8eb42 Added package-lock and updated versions to latest possible
  • 0aee70d lint: enable @​stylistic/no-multi-spaces rule
  • 8878985 lint => neostandard
  • Additional commits viewable in compare view

Updates @vscode/vsce from 2.32.0 to 3.9.2

Release notes

Sourced from @​vscode/vsce's releases.

v3.9.2

Changes:

  • #1283: fix: skip APIScan
  • #1282: chore: bump CI to Node 22 and fix build
  • #1279: Bump the uuid test fixture version to 100.0.0
  • #1278: Bump tmp from 0.2.4 to 0.2.6
  • #1277: Bump qs from 6.14.2 to 6.15.2
  • #1276: Bump uuid and @​azure/msal-node
  • #1274: Run npm audit fix
  • #1272: Bump fast-uri from 3.0.6 to 3.1.2
  • #1267: Bump minimatch from 10.2.2 to 10.2.3
  • #1247: Update minimatch dependency to v10

This list of changes was auto generated.

v3.9.2-4

Changes:

  • #1283: fix: skip APIScan
  • #1282: chore: bump CI to Node 22 and fix build
  • #1279: Bump the uuid test fixture version to 100.0.0
  • #1278: Bump tmp from 0.2.4 to 0.2.6
  • #1277: Bump qs from 6.14.2 to 6.15.2
  • #1276: Bump uuid and @​azure/msal-node

This list of changes was auto generated.

v3.9.2-3

Changes:

  • #1274: Run npm audit fix

This list of changes was auto generated.

v3.9.2-2

Changes:

  • #1272: Bump fast-uri from 3.0.6 to 3.1.2

This list of changes was auto generated.

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by microsoft1es, a new releaser for @​vscode/vsce since your current version.


@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 16, 2026
Bumps [markdown-it](https://github.com/markdown-it/markdown-it) to 14.3.0 and updates ancestor dependency [@vscode/vsce](https://github.com/Microsoft/vsce). These dependencies need to be updated together.


Updates `markdown-it` from 12.3.2 to 14.3.0
- [Changelog](https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md)
- [Commits](markdown-it/markdown-it@12.3.2...14.3.0)

Updates `@vscode/vsce` from 2.32.0 to 3.9.2
- [Release notes](https://github.com/Microsoft/vsce/releases)
- [Commits](microsoft/vscode-vsce@v2.32.0...v3.9.2)

---
updated-dependencies:
- dependency-name: "@vscode/vsce"
  dependency-version: 3.9.2
  dependency-type: direct:development
- dependency-name: markdown-it
  dependency-version: 14.2.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump markdown-it and @vscode/vsce in /workshop-images/base-environment/opt/helper chore(deps): bump markdown-it and @vscode/vsce in /workshop-images/base-environment/opt/helper Jul 13, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/workshop-images/base-environment/opt/helper/multi-991d023308 branch from 15012c6 to 9d7f58c Compare July 13, 2026 08:50
@dependabot @github

dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 13, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/workshop-images/base-environment/opt/helper/multi-991d023308 branch July 13, 2026 10:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants