fix(dependencies): Update "markdown-to-jsx" to "^7.4.0"

[brianpmccullough]

Q	A
Bug fix?	[ ]
New feature?	[ ]
New sample?	[ ]
Related issues?	fixes #634

What's in this Pull Request?

Version bump of markdown-to-jsx from 6.x.x to version 7.4.0

[vishalshitole]

It would be great if this gets in the next drop along with the controls react. This is being flagged by the vulnerability scan utility.

[michaelmaillot]

Hi @brianpmccullough,

I didn't check deeply, but I was wondering if there was a reason bumping to 7.4.0 instead of latest version (7.7.4)?

[AJIXuMuK]

updated the target branch to dev

[brianpmccullough]

@michaelmaillot I latest should be fine, but at least 7.4 as that looks like the version where vulnerabilities are addressed: https://security.snyk.io/package/npm/markdown-to-jsx

I can update the PR to be the latest version?

[michaelmaillot]

Ok, just ensure that latest version doesn't trigger regressions on the PropertyPaneMarkdownContent.

[brianpmccullough]

Good catch @michaelmaillot . Updated to latest markdown-to-jsx version (7.7.10) and updated IMarkdownProps to MarkdownToJsx.Options.

As is, the sample webpart will work.

An interesting one here, however, given the markdown-to-jsx options are directly exposed as props for the control. So if IMarkdownProps -> MardownToJsx.Options change in a breaking way, from a semver perspective might be a need to bump major version on the spfx property controls.

Does this warrant a more thorough evaluation of IMarkdownProps -> MarkdownToJsx.Options or could be covered with a note in Release Notes?