fix: upgrade marked dependency (#411)

snyk · Dec 13, 2023 · a1c763b · a1c763b
1 parent fb453ca
commit a1c763b
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 21 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -401,7 +401,7 @@
     "@types/glob": "^8.1.0",
     "@types/he": "^1.2.3",
     "@types/lodash": "^4.14.161",
-    "@types/marked": "^3.0.0",
+    "@types/marked": "^6.0.0",
     "@types/mocha": "^8.0.3",
     "@types/needle": "^2.5.2",
     "@types/node": "^14.6.2",
@@ -447,7 +447,7 @@
     "http-proxy-agent": "^5.0.0",
     "https-proxy-agent": "^5.0.0",
     "lodash": "^4.17.21",
-    "marked": "^4.0.16",
+    "marked": "^11.1.0",
     "open": "^7.4.2",
     "rxjs": "^7.8.1",
     "string-argv": "^0.3.1",

diff --git a/src/snyk/snykOss/providers/ossIssueCommandHelper.ts b/src/snyk/snykOss/providers/ossIssueCommandHelper.ts
@@ -1,4 +1,4 @@
-import marked from 'marked';
+import { marked } from 'marked';
 import { Issue, OssIssueData } from '../../common/languageServer/types';
 import { OssIssueCommandArg } from '../interfaces';
 
@@ -12,7 +12,7 @@ export function getOssIssueCommandArg(
 
   try {
     // TODO: marked.parse does not sanitize the HTML. See: https://marked.js.org/#usage
-    overviewHtml = marked.parse(vuln.additionalData.description);
+    overviewHtml = marked.parse(vuln.additionalData.description) as string;
   } catch (error) {
     overviewHtml = '<p>There was a problem rendering the vulnerability overview</p>';
   }