Updated markdown santizing because the old implementation was deprecated

app/imports/ui/components/MarkdownText.vue

@@ -1,22 +1,27 @@
 <template lang="html">
-  <div v-html="compiledMarkdown">
-	</div>
+  <!-- eslint-disable-next-line vue/no-v-html -->
+  <div v-html="compiledMarkdown" />
 </template>
 
 <script>
 	import marked from 'marked';
+  import DOMPurify from 'dompurify';
 
 	export default {
 		props: {
-			markdown: String,
+			markdown: {
+        type: String,
+        default: undefined,
+      },
 		},
 		computed: {
-	    compiledMarkdown() {
+      compiledMarkdown() {
 				if (!this.markdown) return;
-				//TODO sanitizing by marked is deprecated
 				//TODO Markdown <hr> need to be styled to match their vue components
-				return marked(this.markdown, { sanitize: true });
-	    },
-	  },
+        let html = marked(this.markdown);
+        let cleanHtml = DOMPurify.sanitize(html);
+				return cleanHtml;
+      },
+    },
 	}
 </script>

app/package.json

@@ -23,6 +23,7 @@
     "core-js": "^2.6.11",
     "css-box-shadow": "^1.0.0-3",
     "date-fns": "^1.30.1",
+    "dompurify": "^2.0.10",
     "lodash": "^4.17.15",
     "marked": "^0.8.2",
     "mathjs": "^6.6.4",