[Snyk] Security upgrade react-markdown from 4.3.1 to 5.0.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • superset-frontend/package.json
  • superset-frontend/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIM-1017038	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: react-markdown

The new version differs by 18 commits.

• 45b9977 5.0.0
• eeea3c2 Update `changelog.md`
• 5d6c9f1 Refactor scripts
• d29478f Add type tests
• 4f5dbe2 Add note
• 7a5e3a1 Add `allowDangerousHtml`, preferred over `escapeHtml`
• 2675ae2 Remove docs on `source`
• 34b0883 Change default branch to `main`
• 22a5e49 Refactor and test for 100% coverage
• b3aa6e0 Rewrite readme for unified, more examples
• a9f163d Move demo to `website` branch
• 4f1a407 Change to clean project, update, refactor scripts
• ebebf51 Upgrade remark to version 8, unified to version 9
• e400f6f Upgrade to remark-parse@6
• 3260f57 Run tests on node 12
• 6eff8d1 Pass AST node to all non-tag/non-fragment renderers as prop
• ca25be1 Fix link to demo in readme
• 9b4eb84 Updated remark-parse github link (build(deps-dev): bump @types/node from 18.15.5 to 18.15.7 in /superset-websocket #447)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[codecov-commenter]

Codecov Report

Merging #119 (fa2370f) into master (070fdbe) will increase coverage by 5.22%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master     #119      +/-   ##
==========================================
+ Coverage   76.71%   81.93%   +5.22%     
==========================================
  Files        1002      334     -668     
  Lines       53815    27766   -26049     
  Branches     7287        0    -7287     
==========================================
- Hits        41284    22750   -18534     
+ Misses      12291     5016    -7275     
+ Partials      240        0     -240     

Flag	Coverage Δ
hive	81.08% <ø> (-0.04%)	⬇️
javascript	?
mysql	81.50% <ø> (ø)
postgres	81.57% <ø> (ø)
presto	?
python	81.93% <ø> (-0.15%)	⬇️
sqlite	81.17% <ø> (-0.04%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
superset/db_engine_specs/presto.py	84.51% <0.00%> (-5.86%)	⬇️
superset/connectors/sqla/models.py	88.28% <0.00%> (-1.43%)	⬇️
superset/models/core.py	89.14% <0.00%> (-0.26%)	⬇️
...ontend/src/components/URLShortLinkButton/index.jsx
...et-frontend/src/explore/controlPanels/Separator.js
...rc/explore/components/controls/CheckboxControl.jsx
...et-frontend/src/components/ListView/ActionsBar.tsx
...onalFormattingControl/FormattingPopoverContent.tsx
...uperset-frontend/src/components/FacePile/index.tsx
...nd/src/dashboard/components/FiltersBadge/index.tsx
... and 661 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 070fdbe...fa2370f. Read the comment docs.