Force the "marked" library to 4.x to remove a vulnerability

Author: tomfaulhaber

labextension/package.json

@@ -45,7 +45,8 @@
     "react": "~16.9.0",
     "react-router-dom": "^5.1.2",
     "sanitize-html": "2.3.2",
-    "url-parse": "1.5.9"
+    "url-parse": "1.5.9",
+    "marked": "^4.0.17"
   },
   "devDependencies": {
     "@types/classnames": "^2.2.9",
@@ -69,7 +70,8 @@
     "codemirror": "5.63",
     "sanitize-html": "2.3.2",
     "strip-ansi": "6.0.1",
-    "url-parse": "1.5.9"
+    "url-parse": "1.5.9",
+    "marked": "^4.0.17"    
   },
   "sideEffects": [
     "style/*.css"

labextension/yarn.lock

@@ -1947,10 +1947,10 @@ lru-cache@^6.0.0:
   dependencies:
     yallist "^4.0.0"
 
-marked@^0.8.0:
-  version "0.8.2"
-  resolved "https://registry.yarnpkg.com/marked/-/marked-0.8.2.tgz#4faad28d26ede351a7a1aaa5fec67915c869e355"
-  integrity sha512-EGwzEeCcLniFX51DhTpmTom+dSA/MG/OBUDjnWtHbEnjAH180VzUeAw+oE4+Zv+CoYBWyRlYOTR0N8SO9R1PVw==
+marked@^0.8.0, marked@^4.0.17:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/marked/-/marked-4.1.1.tgz#2f709a4462abf65a283f2453dc1c42ab177d302e"
+  integrity sha512-0cNMnTcUJPxbA6uWmCmjWz4NJRe/0Xfk2NhXCUHjew9qJzFN20krFnsUe7QynwqOwa5m1fZ4UDg0ycKFVC0ccw==
 
 merge2@^1.3.0:
   version "1.4.1"