Metadata
- Source
- FLUID-6205
- Type
- Improvement
- Priority
- Minor
- Status
- Closed
- Resolution
- Fixed
- Assignee
- Justin Obara
- Reporter
- Tony Atkins [RtF]
- Created
2017-10-02T05:36:00.208-0400 - Updated
2018-05-24T03:56:29.813-0400 - Versions
- N/A
- Fixed Versions
- N/A
- Component
-
- Docs platform
Description
As mentioned recently on the mailing list and on our wiki, other projects that use markdown are inheriting vulnerabilities via the "marked" library. I have already replaced "marked" with "markdown-it" in gpii-handlebars.
Although there are fewer security concerns with the fluid-docs repo, ideally we would like:
- To depend on and potentially contribute to only one markdown rendering library
- To be able to write using the same markdown across all our projects.
There is a docpad plugin that uses "markdown-it". This ticket covers updating the fluid-docs repo to use that plugin.
Comments
-
Tony Atkins [RtF] commented
2017-10-02T05:52:55.996-0400 Assigning to @@Justin Obara for now, if @@Antranig Basman or anyone else wants to pick this up, feel free.