Bump marked from 3.0.7 to 4.0.0

[dependabot]

Bumps marked from 3.0.7 to 4.0.0.

Release notes

Sourced from marked's releases.

v4.0.0

4.0.0 (2021-11-02)

Bug Fixes

• Convert to ESM (#2227) (4afb228)

BREAKING CHANGES

• Default export removed. Use import { marked } from 'marked' or const { marked } = require('marked') instead.
• /lib/marked.js removed. Use /marked.min.js in script tag instead.
• When using marked in a script tag use marked.parse(...) instead of marked(...)

v3.0.8

3.0.8 (2021-10-24)

Bug Fixes

• walkTokens uses marked as this (#2251) (2da5885)

Commits

• 7c09bb0 chore(release): 4.0.0 [skip ci]
• 1d5966f 🗜️ build [skip ci]
• eb84a28 chore: rename release config
• 4afb228 fix: Convert to ESM (#2227)
• 911dc9c chore(deps-dev): Bump @​babel/preset-env from 7.15.8 to 7.16.0 (#2263)
• 19466ff chore(deps-dev): Bump rollup from 2.58.3 to 2.59.0 (#2262)
• 49ad2ea chore(deps-dev): Bump @​babel/core from 7.15.8 to 7.16.0 (#2261)
• a702a8f chore(deps-dev): Bump @​semantic-release/git from 10.0.0 to 10.0.1 (#2260)
• e93f800 chore(deps-dev): Bump rollup from 2.58.0 to 2.58.3 (#2258)
• d23f94f chore(deps-dev): Bump @​semantic-release/npm from 8.0.1 to 8.0.2 (#2254)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[MichaIng]

BREAKING CHANGES

• Default export removed. Use import { marked } from 'marked' or const { marked } = require('marked') instead.
• /lib/marked.js removed. Use /marked.min.js in script tag instead.
• When using marked in a script tag use marked.parse(...) instead of marked(...)

There is no way an external app can rely on this, is it?

Setting on hold just in case this may cause issues when auto-merged to master/Nextcloud 23 branch.

[MichaIng]

/compile amend /

[MichaIng]

And Drone keeps ignoring marked update PRs:

• Bump marked from 3.0.7 to 3.0.8 #29488 (comment)
• Bump marked from 3.0.4 to 3.0.7 #29151 (comment)
• Bump marked from 3.0.2 to 3.0.4 #28861 (comment)
• Bump marked from 3.0.0 to 3.0.2 #28624 (comment)
• ...

Usually merging and reviewing afterwards is fine, but here we have a major version bump 🤔.

[artonge]

@skjnldsv see above comment, should we wait after 23 release?

[dependabot]

A newer version of marked exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

[MichaIng]

@dependabot recreate

[dependabot]

Superseded by #29665.