chore(deps): bump the npm_and_yarn group across 2 directories with 3 updates

[dependabot]

Bumps the npm_and_yarn group with 1 update in the /examples/marketplace/output directory: ws.
Bumps the npm_and_yarn group with 2 updates in the /vscode-ext directory: markdown-it and undici.

Updates ws from 8.20.1 to 8.21.0

Release notes

Sourced from ws's releases.

8.21.0

Features

• Introduced the maxBufferedChunks and maxFragments options (2b2abd45).

Bug fixes

• Fixed a remote memory exhaustion DoS vulnerability (2b2abd45).

A high volume of tiny fragments and data chunks could be sent by a peer, using modest network traffic, to crash a ws server or client due to OOM.

import { WebSocket, WebSocketServer } from 'ws';
const wss = new WebSocketServer({ port: 0 }, function () {
const data = Buffer.alloc(1);
const options = { fin: false };
const { port } = wss.address();
const ws = new WebSocket(ws://localhost:${port});
ws.on('open', function () {
(function send() {
ws.send(data, options, function (err) {
if (err) return;
send();
});
})();
});
ws.on('error', console.error);
ws.on('close', function (code, reason) {
console.log(client close - code: ${code} reason: ${reason.toString()});
});
});
wss.on('connection', function (ws) {
ws.on('error', console.error);
ws.on('close', function (code, reason) {
console.log(server close - code: ${code} reason: ${reason.toString()});
});
});

The vulnerability was responsibly disclosed and fixed by Nadav Magier.

In vulnerable versions, the issue can be mitigated by lowering the value of the maxPayload option if possible.

Commits

• bca91ad [dist] 8.21.0
• 2b2abd4 [security] Limit retained message parts
• 78eabe2 [security] Add latest vulnerability to SECURITY.md
• See full diff in compare view

Updates markdown-it from 12.3.2 to 14.2.0

Changelog

Sourced from markdown-it's changelog.

[14.2.0] - 2026-05-24

Added

• isPunctCharCode to utilities.

Fixed

• Don't end HTML comment blocks on a blank line, #1155.
• Properly recognize astral chars (surrogates) in delimiter scans for emphasis-like markers, #1072. Big thanks to @​tats-u for his global efforts with improving CJK support.
• Preserve unicode whitespaces when trimm headings/paragraphs, #1074.
• More strict entities decode to avoid false positives ;, #1096.
• Restore block parser state on fail in lheading rule, #1131.

Security

• Fixed poor smartquotes perfomance on > 70k quotes in single block
• Bumped linkify-it to 5.0.1 with fixed potential perfomance issues.

[14.1.1] - 2026-01-11

Security

• Fixed regression from v13 in linkify inline rule. Specific patterns could cause high CPU use. Thanks to @​ltduc147 for report.

[14.1.0] - 2024-03-19

Changed

• Updated CM spec compatibility to 0.31.2, #1009.

Fixed

• Fixed quadratic complexity when parsing references, #996.
• Fixed quadratic output size with pathological user input in tables, #1000.

[14.0.0] - 2023-12-08

Changed

• Drop ancient browsers support (use .fromCodePoint and other features).
• Rewrite to ESM (including all plugins/deps). CJS fallback still available. No signatures changed, except markdown-it-emoji plugin.
• Dropped dist/ folder from repo, build on package publish.
• Set punicode.js as external dependency.

Fixed

• Html tokens inside img alt are now rendered as their original text, #896.
• Hardbreaks inside img alt are now rendered as newlines.

[13.0.2] - 2023-09-26

Security

• Fixed crash/infinite loop caused by linkify inline rule, #957.

... (truncated)

Commits

• 829797a 14.2.0 released
• 9ce2087 Fix smartquotes perfomance
• 02e73b8 linkify-it bump
• 68cfb8c fix: don't end HTML comment blocks on a blank line (#1155)
• 1083137 Readme cleanup
• 97c7ca2 Update funding info
• c471b55 Changelog update
• 7769621 isPunctChar => isPunctCharCode
• aa2aa70 fix: always reset parentType in lheading rule (#1131)
• 59955f2 Polish PRs #1072, #1074
• Additional commits viewable in compare view

Updates undici from 7.25.0 to 7.28.0

Release notes

Sourced from undici's releases.

v7.28.0

⚠️ Security Release

This release line addresses 7 security advisories, all shipped in v7.28.0.

Action required: Upgrade to undici 7.28.0 or later.

npm install undici@^7.28.0

The v7 line is not affected by GHSA-38rv-x7px-6hhq (CVE-2026-9675), which is an 8.x-only regression.

Note on GHSA-hm92-r4w5-c3mj: this fix shipped in v7.28.0, not the earlier 7.2x line — the vulnerable single-pool code was still present through v7.27.2. The per-origin pool fix is 3805b8f8 (#5041).

Summary

Advisory	CVE	Severity (CVSS)	Fixed in	Fix commit
GHSA-vxpw-j846-p89q	CVE-2026-12151	High (7.5)	7.28.0	8cb10f98
GHSA-vmh5-mc38-953g	CVE-2026-9697	High (7.4)	7.28.0	04201f89
GHSA-hm92-r4w5-c3mj	CVE-2026-6734	High (7.5)	7.28.0	3805b8f8
GHSA-pr7r-676h-xcf6	CVE-2026-9678	Moderate (5.9)	7.28.0	85a24055
GHSA-p88m-4jfj-68fv	CVE-2026-9679	Moderate (5.9)	7.28.0	d0574cc4
GHSA-g8m3-5g58-fq7m	CVE-2026-11525	Low (3.7)	7.28.0	d0574cc4
GHSA-35p6-xmwp-9g52	CVE-2026-6733	Low (3.7)	7.28.0	ea8930cf

---

High severity

WebSocket DoS via fragment count bypass — CVE-2026-12151

GHSA-vxpw-j846-p89q · CWE-400, CWE-770 Fix: 8cb10f98 websocket: limit the number of fragments in a message (part of backport a027a4a0 Backport WebSocket maxPayloadSize fixes to v7.x, #5423)

A malicious WebSocket server can stream a large number of small or empty continuation frames. Undici enforced a limit on cumulative payload size but did not limit the number of fragments per message, leading to unbounded memory growth and denial of service.

• Affected: applications using new WebSocket(...) or WebSocketStream against untrusted endpoints.
• Workaround: none — upgrade is required.

TLS certificate validation bypass in SOCKS5 ProxyAgent — CVE-2026-9697

GHSA-vmh5-mc38-953g · CWE-295

... (truncated)

Commits

• f9eba0a Bumped v7.28.0 (#5430)
• a027a4a Backport WebSocket maxPayloadSize fixes to v7.x (#5423)
• 8cb10f9 websocket: limit the number of fragments in a message
• 04201f8 fix: honor requestTls when proxy is SOCKS5
• fcd642f fix(socks5): preserve dispatch backpressure return value (#5166)
• bc98c97 fix(socks5): use configured connector in Socks5ProxyAgent (#5168)
• 9e1c743 fix(socks5): encode embedded IPv4 tails in IPv6 literals correctly (#5099)
• 376c8be fix(socks5): enforce authenticated state before CONNECT (#5097)
• 3805b8f fix(socks5-proxy-agent): use per-origin pools to prevent cross-origin routing...
• 85a2405 fix(cache): trim qualified field names
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​ws@​8.20.1 ⏵ 8.21.0	+1	+16
	npm/​@​vscode/​vsce@​2.22.0 ⏵ 3.9.2			-4	+2

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm js-yaml is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: vscode-ext/package-lock.json → npm/@vscode/vsce@3.9.2 → npm/js-yaml@4.2.0 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/js-yaml@4.2.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm markdown-it is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: vscode-ext/package-lock.json → npm/@vscode/vsce@3.9.2 → npm/markdown-it@14.2.0 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/markdown-it@14.2.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report