[Snyk] Upgrade ecmarkup from 3.16.0 to 3.25.3

[snyk-bot]

Snyk has created this PR to upgrade ecmarkup from 3.16.0 to 3.25.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 17 versions ahead of your current version.
• The recommended version was released a year ago, on 2020-06-29.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-LODASH-608086	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-590103	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-AJV-584908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-559764	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-HIGHLIGHTJS-1045326	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: ecmarkup

• 3.25.3 - 2020-06-29
• 3.25.2 - 2020-06-28
• 3.25.1 - 2020-06-18
  

  Version 3.25.1

• 3.25.0 - 2020-06-17
  

  Version 3.25.0

• 3.24.0 - 2020-06-15
  

  Version 3.24.0

• 3.23.0 - 2020-06-03
  

  Version 3.23.0

• 3.22.0 - 2020-05-27
  

  Version 3.22.0

• 3.21.1 - 2020-05-20
  

  Version 3.21.1

• 3.21.0 - 2020-05-19
  

  Version 3.21.0

• 3.20.0 - 2020-05-16
  

  Version 3.20.0 (#200)

• 3.19.1 - 2020-03-27
  

  v3.19.1

• 3.19.0 - 2020-03-12
  

  v3.19.0

• 3.18.3 - 2020-02-28
• 3.18.2 - 2020-02-28
• 3.18.1 - 2020-02-28
• 3.18.0 - 2020-02-28
• 3.17.0 - 2020-01-17
• 3.16.0 - 2018-06-13

from ecmarkup GitHub release notes

Commit messages

Package name: ecmarkup

• 3f3746a Version 3.25.3
• 57285c2 Emit HTML element when it has attributes
• afc7d43 [meta] add "engines" (#223)
• 09382ec Version 3.25.2
• 8b93bb8 lint: allow *0*_ℤ
• a5ae0d1 Fix <emu‑biblio> documentation (Will heldValue be GC, after cleanupCallback executed? tc39/proposal-weakrefs#220)
• 1d2e21d Version 3.25.1
• 5212e69 use id rather than label
• 2eff3a4 Version 3.25.0
• 58463e0 lint: require use of labeled steps
• 048559b support for xrefs to steps and labeled algorithms
• de7431f Version 3.24.0
• 65ba29b lint: add lint for algorithm line numbers
• 0490249 better errors for unclosed emu-alg/emu-grammar tags (WeakRefs is at Stage 4 tc39/proposal-weakrefs#215)
• 4e7f86f Version 3.23.0
• a90246a bump ecmarkdown
• 688241f lint: add some rules about linebreaks (Bump lodash from 4.17.15 to 4.17.19 tc39/proposal-weakrefs#210)
• 2c24b3f Version 3.22.0
• 45eaf0e lint: allow lines to end in <pre> tags
• e8c185a lint: forbid trailing whitespace (move cleanup some into own proposal -- pending tc39 consensus tc39/proposal-weakrefs#209)
• 25809b0 lint: enforce some spelling conventions (Normative optional cleanupSome markup update tc39/proposal-weakrefs#207)
• edf571a Let code wrap in tables. (Rename to FinalizationRegistry in the README tc39/proposal-weakrefs#186)
• a2b37df add lint for header format (WeakRef.prototype.deref() is misnamed tc39/proposal-weakrefs#205)
• 6738bbe Version 3.21.1

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs