Skip to content

chore(deps): bump markdown-it, @rocket/cli and markdownlint-cli#2790

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/multi-8add70b4dd
Open

chore(deps): bump markdown-it, @rocket/cli and markdownlint-cli#2790
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/multi-8add70b4dd

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 18, 2026

Copy link
Copy Markdown
Contributor

Bumps markdown-it to 14.2.0 and updates ancestor dependencies markdown-it, @rocket/cli and markdownlint-cli. These dependencies need to be updated together.

Updates markdown-it from 10.0.0 to 14.2.0

Changelog

Sourced from markdown-it's changelog.

[14.2.0] - 2026-05-24

Added

  • isPunctCharCode to utilities.

Fixed

  • Don't end HTML comment blocks on a blank line, #1155.
  • Properly recognize astral chars (surrogates) in delimiter scans for emphasis-like markers, #1072. Big thanks to @​tats-u for his global efforts with improving CJK support.
  • Preserve unicode whitespaces when trimm headings/paragraphs, #1074.
  • More strict entities decode to avoid false positives ;, #1096.
  • Restore block parser state on fail in lheading rule, #1131.

Security

  • Fixed poor smartquotes perfomance on > 70k quotes in single block
  • Bumped linkify-it to 5.0.1 with fixed potential perfomance issues.

[14.1.1] - 2026-01-11

Security

  • Fixed regression from v13 in linkify inline rule. Specific patterns could cause high CPU use. Thanks to @​ltduc147 for report.

[14.1.0] - 2024-03-19

Changed

  • Updated CM spec compatibility to 0.31.2, #1009.

Fixed

  • Fixed quadratic complexity when parsing references, #996.
  • Fixed quadratic output size with pathological user input in tables, #1000.

[14.0.0] - 2023-12-08

Changed

  • Drop ancient browsers support (use .fromCodePoint and other features).
  • Rewrite to ESM (including all plugins/deps). CJS fallback still available. No signatures changed, except markdown-it-emoji plugin.
  • Dropped dist/ folder from repo, build on package publish.
  • Set punicode.js as external dependency.

Fixed

  • Html tokens inside img alt are now rendered as their original text, #896.
  • Hardbreaks inside img alt are now rendered as newlines.

[13.0.2] - 2023-09-26

Security

  • Fixed crash/infinite loop caused by linkify inline rule, #957.

... (truncated)

Commits

Updates @rocket/cli from 0.10.2 to 0.21.0

Release notes

Sourced from @​rocket/cli's releases.

@​rocket/cli@​0.20.3

Patch Changes

  • a48dcd8: Introducing rocket lint to verify if all your links are correct.

    There are two modes:

    # check existing production build in _site (need to execute "rocket build" before)
    rocket lint
    run a fast html only build and then check it
    rocket lint --build-html

  • Updated dependencies [0ed3d6d]

    • @​rocket/engine@​0.2.7

@​rocket/cli@​0.20.2

Patch Changes

  • 39206a1: rocket start now outputs to _site-dev instead of _site.
  • 39206a1: rocket start clears only its output folder (defaults to _site-dev)
  • cbfb0f9: Add rocket preview command to enable fast checking of the production build

@​rocket/cli@​0.20.0

Minor Changes

  • 5226ab0: BREAKING CHANGE: Complete rewrite introducing @rocket/engine Introduces class based templates, server side rendering of web components and a file based routing.

    For more information see the migration guide.

    The legacy documentation is still available.

Patch Changes

  • Updated dependencies [5226ab0]
    • @​rocket/engine@​0.2.0
Commits
  • b563967 Version Packages
  • 5226ab0 chore: prepare releases & move to main
  • 6c949ee feat: prepare @​rocket/launch release
  • 0f77a8b chore: release packages
  • 0226d08 feat: add progressive hydration support
  • d220d35 feat: add search to page
  • 19f3185 chore: releases
  • cb105c5 fix: optimize font handling via local font with preload and optional display
  • 1968e23 fix(cli): use puppeteer pkg so it works out of the box on netlify
  • bf87645 feat: generate open graph images
  • Additional commits viewable in compare view

Updates markdownlint-cli from 0.42.0 to 0.49.0

Release notes

Sourced from markdownlint-cli's releases.

v0.49.0

  • Update markdownlint dependency to 0.41.0
    • Improve MD022/MD028/MD035/MD042/MD051/MD060
    • Remove handling of inline directive syntax (frequent false positives)
    • Remove support for end-of-life Node version 20
  • Update all dependencies via Dependabot

v0.48.0

  • Update all dependencies via Dependabot

v0.47.0

  • Add output and exit code support for warnings
  • Update markdownlint dependency to 0.40.0
    • Improve MD011/MD013/MD051/MD060
  • Update all dependencies via Dependabot

v0.46.0

  • Replace glob dependency with tinyglobby (smaller and fewer dependencies)
  • Update markdownlint dependency to 0.39.0
    • Add MD060/table-column-style
    • Improve MD001/MD007/MD009/MD010/MD029/MD033/MD037/MD059
  • Update all dependencies via Dependabot

v0.45.0

  • Update markdownlint dependency to 0.38.0
    • Add MD059/descriptive-link-text
    • Improve MD025/MD027/MD036/MD038/MD041/MD043/MD045/MD051/MD052
    • Remove support for end-of-life Node version 18
  • Update all dependencies via Dependabot

v0.44.0

  • Update markdownlint dependency to 0.37.4
    • Convert module to ECMAScript (breaking change)
    • Stop using require, convert to import
    • Improve MD032
  • Update all dependencies via Dependabot

v0.43.0

  • Update markdownlint dependency to 0.36.1
    • Improve MD051
    • Make micromark parser available to custom rules
    • Improve performance
  • Update all dependencies via Dependabot
Commits
  • a4d5d37 Bump version 0.49.0
  • 503f264 Delete and recreate package-lock.json via "npm install".
  • 7a24593 Bump markdownlint from 0.40.0 to 0.41.0
  • c7c1c76 Bump commander from 14.0.3 to 15.0.0
  • 83f5f30 Bump tinyglobby from 0.2.16 to 0.2.17
  • 74b98de Bump js-yaml from 4.1.1 to 4.2.0
  • d368135 Bump markdown-it from 14.1.1 to 14.2.0
  • dd34288 Bump ava from 8.0.0 to 8.0.1
  • 1e363dc Bump brace-expansion from 5.0.5 to 5.0.6
  • 2f092d2 Bump ava from 7.0.0 to 8.0.0
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 18, 2026
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 18, 2026
@changeset-bot

changeset-bot Bot commented Jun 18, 2026

Copy link
Copy Markdown

⚠️ No Changeset found

Latest commit: 5a547d5

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

Bumps [markdown-it](https://github.com/markdown-it/markdown-it) to 14.2.0 and updates ancestor dependencies [markdown-it](https://github.com/markdown-it/markdown-it), [@rocket/cli](https://github.com/modernweb-dev/rocket/tree/HEAD/packages/cli) and [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli). These dependencies need to be updated together.


Updates `markdown-it` from 10.0.0 to 14.2.0
- [Changelog](https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md)
- [Commits](markdown-it/markdown-it@10.0.0...14.2.0)

Updates `@rocket/cli` from 0.10.2 to 0.21.0
- [Release notes](https://github.com/modernweb-dev/rocket/releases)
- [Commits](https://github.com/modernweb-dev/rocket/commits/@rocket/launch@0.21.0/packages/cli)

Updates `markdownlint-cli` from 0.42.0 to 0.49.0
- [Release notes](https://github.com/igorshubovych/markdownlint-cli/releases)
- [Commits](igorshubovych/markdownlint-cli@v0.42.0...v0.49.0)

---
updated-dependencies:
- dependency-name: "@rocket/cli"
  dependency-version: 0.21.0
  dependency-type: direct:development
- dependency-name: markdown-it
  dependency-version: 14.2.0
  dependency-type: indirect
- dependency-name: markdownlint-cli
  dependency-version: 0.49.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-8add70b4dd branch from d39d32c to 5a547d5 Compare June 23, 2026 13:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants