Skip to content

build(deps): bump linkify-it from 5.0.0 to 5.0.2#374

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/linkify-it-5.0.1
Open

build(deps): bump linkify-it from 5.0.0 to 5.0.2#374
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/linkify-it-5.0.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 30, 2026

Copy link
Copy Markdown
Contributor

Bumps linkify-it from 5.0.0 to 5.0.2.

Changelog

Sourced from linkify-it's changelog.

5.0.2 / 2026-07-02

  • Fixed DoS in mailto: links (restrict user name to 64 chars).
  • Restricted user/pass part length in links.

5.0.1 / 2026-05-23

  • Fixed DoS in fuzzy links/emails search.
  • Reworked search logic - check each pattern separate, use g regexes instead of slice.
  • Removed internal cache - useless overcomplication.
Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 30, 2026
Bumps [linkify-it](https://github.com/markdown-it/linkify-it) from 5.0.0 to 5.0.2.
- [Changelog](https://github.com/markdown-it/linkify-it/blob/master/CHANGELOG.md)
- [Commits](markdown-it/linkify-it@5.0.0...5.0.2)

---
updated-dependencies:
- dependency-name: linkify-it
  dependency-version: 5.0.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title build(deps): bump linkify-it from 5.0.0 to 5.0.1 build(deps): bump linkify-it from 5.0.0 to 5.0.2 Jul 14, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/linkify-it-5.0.1 branch from d8c2598 to b49eefc Compare July 14, 2026 05:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants