[SECURITY FIX] CWE-1333: Inefficient Regular Expression Complexity #13

Update dependencies.
Update MarkdownDemo and LinterAndCrossBindingDemo.

Author: logue

package.json

@@ -1,7 +1,7 @@
 {
   "$schema": "https://json.schemastore.org/package.json",
   "name": "vue-codemirror6",
-  "version": "1.1.10",
+  "version": "1.1.11",
   "license": "MIT",
   "description": "CodeMirror6 Component for vue2 and vue3.",
   "keywords": [
@@ -88,17 +88,17 @@
     }
   },
   "devDependencies": {
-    "@codemirror/lang-javascript": "^6.1.2",
+    "@codemirror/lang-javascript": "^6.1.3",
     "@codemirror/lang-json": "^6.0.1",
     "@codemirror/lang-markdown": "^6.0.5",
     "@types/lodash": "^4.14.191",
     "@types/node": "^18.11.18",
-    "@typescript-eslint/eslint-plugin": "^5.49.0",
-    "@typescript-eslint/parser": "^5.49.0",
+    "@typescript-eslint/eslint-plugin": "^5.50.0",
+    "@typescript-eslint/parser": "^5.50.0",
     "@vitejs/plugin-vue": "^4.0.0",
     "@vue/eslint-config-prettier": "^7.0.0",
     "@vue/tsconfig": "^0.1.3",
-    "@vueuse/core": "^9.11.1",
+    "@vueuse/core": "^9.12.0",
     "eslint": "^8.33.0",
     "eslint-config-google": "^0.14.0",
     "eslint-config-prettier": "^8.6.0",
@@ -107,7 +107,7 @@
     "eslint-linter-browserify": "^8.33.0",
     "eslint-plugin-html": "^7.1.0",
     "eslint-plugin-import": "^2.27.5",
-    "eslint-plugin-jsdoc": "^39.7.0",
+    "eslint-plugin-jsdoc": "^39.8.0",
     "eslint-plugin-prettier": "^4.2.1",
     "eslint-plugin-tsdoc": "^0.2.17",
     "eslint-plugin-vue": "^9.9.0",
@@ -119,13 +119,15 @@
     "prettier": "^2.8.3",
     "rimraf": "^4.1.2",
     "rollup-plugin-visualizer": "^5.9.0",
-    "typescript": "^4.9.4",
-    "vite": "^4.0.4",
+    "sass": "^1.58.0",
+    "sass-loader": "^13.2.0",
+    "typescript": "^4.9.5",
+    "vite": "^4.1.1",
     "vite-plugin-banner": "^0.7.0",
     "vite-plugin-checker": "^0.5.5",
-    "vue": "^3.2.45",
+    "vue": "3.2.45",
     "vue-eslint-parser": "^9.1.0",
-    "vue-markdown-wasm": "^0.3.1",
+    "vue-markdown-wasm": "^0.3.2",
     "vue-tsc": "^1.0.24"
   },
   "husky": {
@@ -138,6 +140,7 @@
     "*": "prettier -w -u"
   },
   "resolutions": {
-    "json5": "^2.2.3"
+    "json5": "^2.2.3",
+    "http-cache-semantics": "^4.1.1"
   }
 }

src-docs/DemoPage.vue

@@ -78,7 +78,8 @@ const linterAndCrossBindingDemoSrc = LinterAndCrossBindingDemoSrc.trim();
         In this sample, the text is put directly inside the
         <code>&lt;code-mirror&gt;</code>
         tag to make it the initial string. On the Vue side, it is evaluated as a
-        DOM node and only the text node is used as the value.
+        DOM node and only the text node is used as the value. In addition, it
+        does not work with Vue2.7.
       </p>
       <p>
         It's just for simple syntax highlighting. Do not use with

src-docs/components/LinterAndCrossBindingDemo.vue

@@ -48,8 +48,6 @@ const onUpdate = update => {
 </script>
 
 <template>
-  <!-- eslint-disable vuejs-accessibility/form-control-has-label -->
-  <!-- eslint-disable vuejs-accessibility/label-has-for -->
   <div class="row">
     <div class="col-6 mb-3">
       <code-mirror
@@ -64,9 +62,11 @@ const onUpdate = update => {
       />
     </div>
     <div class="col-6 mb-3">
-      <textarea v-model="value" rows="4" class="form-control" />
+      <!-- eslint-disable-next-line vuejs-accessibility/form-control-has-label, vue/html-self-closing -->
+      <textarea v-model="value" rows="4" class="form-control"></textarea>
     </div>
     <div class="col-12 mb-3">
+      <!-- eslint-disable-next-line vuejs-accessibility/label-has-for -->
       <label for="count" class="visually-hidden">Linter Error Count</label>
       <div class="input-group">
         <div class="input-group-text">Linter Error Count</div>

src-docs/components/MarkdownDemo.vue

@@ -30,7 +30,61 @@ defineProps({ dark: Boolean });
       />
     </div>
     <div class="col-6">
-      <vue-markdown v-model="input" />
+      <vue-markdown v-model="input" class="markdown-body" />
     </div>
   </div>
 </template>
+
+<style lang="scss">
+@import url(https://cdn.jsdelivr.net/npm/[email protected]/github-markdown.min.css);
+
+.markdown-body {
+  h1 > a.anchor,
+  h2 > a.anchor,
+  h3 > a.anchor,
+  h4 > a.anchor,
+  h5 > a.anchor,
+  h6 > a.anchor {
+    display: block;
+    float: left;
+    height: 1.2em;
+    width: 1em;
+    margin-left: -1em;
+    position: relative;
+    outline: none;
+  }
+  /*.anchor:target { background: yellow; }*/
+  h1 > a.anchor:before,
+  h2 > a.anchor:before,
+  h3 > a.anchor:before,
+  h4 > a.anchor:before,
+  h5 > a.anchor:before,
+  h6 > a.anchor:before {
+    visibility: hidden;
+    position: absolute;
+    opacity: 0.2;
+    right: 0;
+    top: 0;
+    width: 1.2em;
+    line-height: inherit;
+    content: '🔗';
+  }
+  h1 > a.anchor:hover:before,
+  h2 > a.anchor:hover:before,
+  h3 > a.anchor:hover:before,
+  h4 > a.anchor:hover:before,
+  h5 > a.anchor:hover:before,
+  h6 > a.anchor:hover:before {
+    visibility: visible;
+    opacity: 0.8;
+  }
+  h1:hover .anchor:before,
+  h2:hover .anchor:before,
+  h3:hover .anchor:before,
+  h4:hover .anchor:before,
+  h5:hover .anchor:before,
+  h6:hover .anchor:before {
+    visibility: visible;
+  }
+}
+</style>