chore(deps): bump hexo-renderer-marked from 2.0.0 to 3.0.0

[dependabot-preview]

Bumps hexo-renderer-marked from 2.0.0 to 3.0.0.

Release notes

Sourced from hexo-renderer-marked's releases.

3.0.0

Breaking change

• Remove codeblock highlight. #134
  • This plugin is now neutral to the code highlight library used
• Drop support of Node 8 #155

Feature

• prependRoot option to prepend root: value to image path. #111
  • This is useful when you have custom root: value.
  • Example:

  root: /blog/
  marked:
    prependRoot: true # disabled by default

  • When embedding an internal image, instead of using ![image-title](https://github.com/hexojs/hexo-renderer-marked/blob/HEAD/blog/foo/bar.jpg), you can save some typing by using ![image-title](https://github.com/hexojs/hexo-renderer-marked/blob/HEAD/foo/bar.jpg) instead. When this feature is enabled, /blog will be automatically prepended to /foo/bar.jpg.
• external_link option to open links in new tab. #116 #119
  • Usage:

  external_link:
    enable: false
    exclude: []
    nofollow: false

  • exclude: ['foo.com', 'bar.net'] skips over links that start with foo.com or bar.net, e.g. https://foo.com/post-a/ & https://bar.net/post-b/. Subdomains need to be specified when applicable, including "www"; the example given here doesn't apply to http://www.bar.com/post-c.
  • nofollow: true adds rel="noopener external nofollow noreferrer" for SEO, otherwise it's just rel="noopener" if external_link: is enabled.
• Support title attribute in image link #122
  • ![caption](http://bar.com/b.jpg "a-title") -> <img src="http://bar.com/b.jpg" alt="caption" title="a-title">
• Ability to override the default rendering functions. Refer to the docs for instruction. #129
  • Example usage include adding a custom class name to a link or an image embed.

Fix

• For safety, all links and image links are now encoded by default. #112
  • Example: /foo/bár.jpg -> /foo/b%C3%A1r.jpg

Refactor

• Utilize existing isExternalLink of hexo-util to simplify codebase. #124

Dependency

• Upgrade marked from 0.7.0 to 1.0.0 #128 #144

Commits

• c742ef2 Merge pull request #155 from curbengh/v3.0.0
• bfa348b release: 3.0.0
• 411bfd6 chore: requires Node 10+
• 2aaaba7 ci(travis): drop deprecated Node 13
• a2cf33e Merge pull request #152 from hexojs/dependabot/npm_and_yarn/mocha-8.0.1
• 27a9820 chore(deps-dev): bump mocha from 7.2.0 to 8.0.1
• 3f5c08f Merge pull request #154 from curbengh/fix-test
• b6dd143 test: fix failing test after deps update
• 75956a0 chore(deps): bump hexo-util from 1.9.0 to 2.1.0 (#148)
• dc20bdb chore(deps-dev): bump eslint from 6.8.0 to 7.2.0 (#151)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by curben, a new releaser for hexo-renderer-marked since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[dependabot-preview]

Superseded by #34.