chore(deps): bump markdown-it and markdownlint-cli

[dependabot]

Bumps markdown-it to 14.1.1 and updates ancestor dependency markdownlint-cli. These dependencies need to be updated together.

Updates markdown-it from 13.0.1 to 14.1.1

Changelog

Sourced from markdown-it's changelog.

[14.1.1] - 2026-01-11

Security

• Fixed regression from v13 in linkify inline rule. Specific patterns could cause high CPU use. Thanks to @​ltduc147 for report.

[14.1.0] - 2024-03-19

Changed

• Updated CM spec compatibility to 0.31.2, #1009.

Fixed

• Fixed quadratic complexity when parsing references, #996.
• Fixed quadratic output size with pathological user input in tables, #1000.

[14.0.0] - 2023-12-08

Changed

• Drop ancient browsers support (use .fromCodePoint and other features).
• Rewrite to ESM (including all plugins/deps). CJS fallback still available. No signatures changed, except markdown-it-emoji plugin.
• Dropped dist/ folder from repo, build on package publish.
• Set punicode.js as external dependency.

Fixed

• Html tokens inside img alt are now rendered as their original text, #896.
• Hardbreaks inside img alt are now rendered as newlines.

[13.0.2] - 2023-09-26

Security

• Fixed crash/infinite loop caused by linkify inline rule, #957.

Fixed

• Throw an error if 3rd party plugin doesn't increment line or pos counters (previously, markdown-it would likely go into infinite loop instead), #847.

Commits

• b4a9b65 14.1.1 released
• 4b4bbca Fixed perf regression in linkify-it wrapper
• d2782d8 Add supplementary example-driven documentation (#1092)
• 0fe7ccb 14.1.0 released
• a367c44 Fix typo in comments of text.mjs (#1015)
• 7ad8179 add changelog
• 5e90063 simplify logic in scanDelims
• d7ce5ec Merge pull request #1009 from notriddle/spec-0.31.2
• 0bfc57d Update spec to 0.31.2
• cd24778 Update to comply with spec 0.31.2
• Additional commits viewable in compare view

Updates markdownlint-cli from 0.37.0 to 0.47.0

Release notes

Sourced from markdownlint-cli's releases.

v0.47.0

• Add output and exit code support for warnings
• Update markdownlint dependency to 0.40.0
  • Improve MD011/MD013/MD051/MD060
• Update all dependencies via Dependabot

v0.46.0

• Replace glob dependency with tinyglobby (smaller and fewer dependencies)
• Update markdownlint dependency to 0.39.0
  • Add MD060/table-column-style
  • Improve MD001/MD007/MD009/MD010/MD029/MD033/MD037/MD059
• Update all dependencies via Dependabot

v0.45.0

• Update markdownlint dependency to 0.38.0
  • Add MD059/descriptive-link-text
  • Improve MD025/MD027/MD036/MD038/MD041/MD043/MD045/MD051/MD052
  • Remove support for end-of-life Node version 18
• Update all dependencies via Dependabot

v0.44.0

• Update markdownlint dependency to 0.37.4
  • Convert module to ECMAScript (breaking change)
  • Stop using require, convert to import
  • Improve MD032
• Update all dependencies via Dependabot

v0.43.0

• Update markdownlint dependency to 0.36.1
  • Improve MD051
  • Make micromark parser available to custom rules
  • Improve performance
• Update all dependencies via Dependabot

v0.42.0

• Update markdownlint dependency to 0.35.0
  • Add MD058/blanks-around-tables
  • Use micromark in MD001/MD003/MD009/MD010/MD013/MD014/MD019/MD021/MD023/MD024/MD025/MD039/MD042/MD043
  • Improve MD018/MD020/MD031/MD034/MD044
  • markdown-it parser no longer invoked by default
  • Improve performance
• Update all dependencies via Dependabot

0.41.0

• Change TOML parser to smol-toml which supports v1.0.0 of the specification
• Update all dependencies via Dependabot

0.40.0

• Update markdownlint dependency to 0.34.0
  • Use micromark in MD027/MD028/MD036/MD040/MD041/MD046/MD048

... (truncated)

Commits

• 76b3d32 Bump version 0.47.0
• a846347 Return exit code 0 when only warnings are present (fixes #177).
• bea81c4 Update violation summary output to include severity.
• 5174cac Add output test for severity warning.
• dabfdb4 Update JSON output test to include severity warning.
• 7f9da43 Fix outdated workflow status badge.
• 20a2943 Bump markdownlint from 0.39.0 to 0.40.0
• 9b4465e Add explicit versioning to Docker entry points in .pre-commit-hooks.yaml so p...
• 9745464 Bump actions/checkout from 5 to 6
• c8fd500 Bump version 0.46.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[cursor]

PR Summary

Medium Risk
Dependency-only change, but it upgrades the markdown linting toolchain and increases required Node versions, which can break CI or developer workflows if environments are older.

Overview
Updates the docs tooling dependency markdownlint-cli from 0.37.0 to 0.47.0 (and refreshes package-lock.json accordingly), pulling in the newer markdownlint/markdown-it parsing stack and related transitive dependencies.

This also raises the effective Node engine requirements for the markdown linting toolchain to >=20, which may affect CI/local environments running the lint:docs:* scripts.

^{Written by Cursor Bugbot for commit 09718c8. This will update automatically on new commits. Configure here.}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.}

[cursor]

Node 18 CI incompatible with new Node >=20 dependency

High Severity

The bumped markdownlint-cli v0.47.0 and its dependency markdownlint v0.40.0 both require node >= 20, but all CI jobs in docs.yml (including lint-docs which runs markdownlint) use node-version: 18. This will cause the lint-docs job to fail at runtime. Several transitive dependencies (minimatch 10.x, balanced-match 4.x, jackspeak 4.x, string-width 8.x) also require Node 20+.