Mdast-util-to-hast is a utility that transforms Markdown Abstract Syntax Tree (mdast) into Hypertext Abstract Syntax Tree (hast). Version 5.0.0 was released on April 28, 2019, succeeding version 4.0.0, which was released on November 11, 2018. Both versions share the same core purpose and retain identical dependencies, including packages like trim, detab, mdurl, xtend, trim-lines, unist-builder, unist-util-visit, unist-util-position, collapse-white-space, unist-util-generated, and mdast-util-definitions. This suggests that the core functionality and underlying architecture remained consistent between releases.
However, the primary differences lie in the development dependencies and the distribution details. Version 5.0.0 upgrades xo from version 0.23.0 to 0.24.0 and nyc from version 13.0.0 to 14.0.0 indicating updates to the linting and code coverage tools used in development. The dist object also reveals changes in file size, with version 5.0.0 having an unpackedSize of 25603 bytes compared to version 4.0.0's 25225 bytes, implying minor additions or modifications to the codebase. For developers, the upgrade likely involves refinements in code style enforcement and improved testing, without significantly altering the API or core functionality of the mdast-to-hast transformation process. Consider upgrading for the newest tooling.
All the vulnerabilities related to the version 5.0.0 of the package
Regular Expression Denial of Service in trim
All versions of package trim lower than 0.0.3 are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().
