Update from to-markdown to turndown

We got a security alert for a regular expression DoS attack on our used library `to-markdown`. After checking `to-markdown` to be maintained or not, it turned out they renamed the library to `turndown`. So upgrading to `turndown` should fix this vulnerbility. References: https://www.npmjs.com/package/to-markdown https://github.com/domchristie/turndown/wiki/Migrating-from-to-markdown-to-Turndown Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-21 11:11:47 +01:00
parent 2323d203b4
commit 33774c11b9
2 changed files with 8 additions and 3 deletions
--- a/package.json
+++ b/package.json
@@ -123,8 +123,8 @@
    "store": "^2.0.12",
    "string": "^3.3.3",
    "tedious": "^1.14.0",
-    "to-markdown": "^3.0.3",
    "toobusy-js": "^0.5.1",
+    "turndown": "^5.0.1",
    "uuid": "^3.1.0",
    "validator": "^10.4.0",
    "velocity-animate": "^1.4.0",