[Snyk] Upgrade marked from 17.0.1 to 17.0.6

[nkammah]

Snyk has created this PR to upgrade marked from 17.0.1 to 17.0.6.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 5 versions ahead of your current version.

• The recommended version was released 24 days ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Arbitrary Code Injection SNYK-JS-PROTOBUFJS-16094665	868	Proof of Concept
	Arbitrary Code Injection SNYK-JS-PROTOBUFJS-16094665	868	Proof of Concept

Breaking Change Risk

Notice: This assessment is enhanced by AI.

Release notes

Package name: marked

• 17.0.6 - 2026-04-05
  

  17.0.6 (2026-04-05)

  Bug Fixes

  • avoid race condition in async parallel parse/parseInline with hooks (#3924) (6e96fa7)
  • cli: honor positional input file (#3922) (a1c2617)
  • cli: use file URL for config import (#3923) (73e1f3f)
• 17.0.5 - 2026-03-20
  

  17.0.5 (2026-03-20)

  Bug Fixes

  • Fix catastrophic backtracking (ReDoS) in link/reflink label regex (#3918) (4625980)
  • prevent quadratic complexity in emStrongLDelim regex (#3906) (c732dd2)
  • prevent single-tilde strikethrough false positives (#3910) (5e03369)
  • re-assign tokenizer.lexer and renderer.parser at start of each parse call (#3907) (f3a3ec0)
  • trim trailing whitespace from lheading text (#3920) (3ea7e88)
• 17.0.4 - 2026-03-04
  

  17.0.4 (2026-03-04)

  Bug Fixes

  • prevent ReDoS in inline link regex title group (#3902) (46fb9b8)
• 17.0.3 - 2026-02-17
  

  17.0.3 (2026-02-17)

  Bug Fixes

  • escape image alt text (#3896) (909fe44)
• 17.0.2 - 2026-02-11
  

  17.0.2 (2026-02-11)

  Bug Fixes

  • fix blockquote after list (#3888) (2a475a1)
  • fix empty list item (#3890) (3fc6a44)
  • fix list item wrong indent (#3889) (e031175)
  • fix list with tabs (#3891) (9fc4f8e)
  • fix strikethrough flanking rules (#3882) (1a5b124)
• 17.0.1 - 2025-11-20
  

  17.0.1 (2025-11-20)

  Bug Fixes

  • fix block elements in task item (#3828) (921ee22)

from marked GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[nkammah]

This is a patch version upgrade that includes several bug fixes and security enhancements. There are no breaking changes documented.

Key changes include:

• v17.0.6: Fixes a race condition in async parsing and addresses issues with the command-line interface (CLI).
• v17.0.5: Addresses a regular expression denial-of-service (ReDoS) vulnerability and other parsing correctness fixes.
• v17.0.2 - v17.0.4: Includes various fixes for list items, blockquotes, and strikethrough parsing.

No developer action is required as these changes correct bugs and improve security without altering the public API.

Source: GitHub Releases

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.