Commit 63540bd
fix(deps): bump markdownlint-cli from ^0.31.1 to ^0.48.0 (#284)
## Summary
- Bumps `markdownlint-cli` from `^0.31.1` to `^0.48.0`
- Also bumps `markdownlint` lib from `^0.25.1` to `^0.40.0` to match
- Replaces `glob` with `tinyglobby` (no more vulnerable glob dep)
- Uses `minimatch@10.2.5` (patched, replaces vulnerable 10.0.3)
## Breaking changes in markdownlint-cli 0.31 -> 0.48
- **Node.js >=20 required** (was >=12) — we use Node 20, not affected
- **`glob` replaced by `tinyglobby`** — internal dep swap, CLI interface
unchanged, not affected
- **`markdownlint` lib 0.25 -> 0.40** — internal engine upgrade,
switched to `markdown-it` parser. Some rules renamed/added. We only run
`markdownlint docs` with default config, existing warnings are
pre-existing, not affected
- **New/updated lint rules** — some rules added or tightened across
versions. Output now labels findings as "error" instead of bare rule
names. Cosmetic only, not affected
- **Config format additions** (TOML support added) — our config is
unchanged, not affected
## Dependabot alerts resolved
- Resolves glob command injection (high) — `glob` removed entirely,
replaced by `tinyglobby`
- Resolves minimatch ReDoS alerts via `minimatch@10.2.5`:
[#213](https://github.com/getsentry/rrweb/security/dependabot/213),
[#212](https://github.com/getsentry/rrweb/security/dependabot/212),
[#208](https://github.com/getsentry/rrweb/security/dependabot/208),
[#201](https://github.com/getsentry/rrweb/security/dependabot/201)
- Partially resolves brace-expansion alerts:
[#238](https://github.com/getsentry/rrweb/security/dependabot/238),
[#134](https://github.com/getsentry/rrweb/security/dependabot/134)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>1 parent b22a8f4 commit 63540bd
2 files changed
Lines changed: 492 additions & 92 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
36 | 36 | | |
37 | 37 | | |
38 | 38 | | |
39 | | - | |
40 | | - | |
| 39 | + | |
| 40 | + | |
41 | 41 | | |
42 | 42 | | |
43 | 43 | | |
| |||
0 commit comments