build(deps): bump markdown from 3.5.2 to 3.8.1

[dependabot]

Bumps markdown from 3.5.2 to 3.8.1.

Release notes

Sourced from markdown's releases.

Release 3.8.1

Fixed

• Ensure incomplete markup declaration in raw HTML doesn't crash parser (#1534).
• Fixed dropped content in md_in_html (#1526).
• Fixed HTML handling corner case that prevented some content from not being rendered (#1528).

Release 3.8

Changed

• DRY fix in abbr extension by introducing method create_element (#1483).
• Clean up test directory by removing some redundant tests and port non-redundant cases to the newer test framework.
• Improved performance of the raw HTML post-processor (#1510).

Fixed

• Backslash Unescape IDs set via attr_list on toc (#1493).
• Ensure md_in_html processes content inside "markdown" blocks as they are parsed outside of "markdown" blocks to keep things more consistent for third-party extensions (#1503).
• md_in_html handle tags within inline code blocks better (#1075).
• md_in_html fix handling of one-liner block HTML handling (#1074).
• Ensure <center> is treated like a block-level element (#1481).
• Ensure that abbr extension respects AtomicString and does not process perceived abbreviations in these strings (#1512).
• Ensure smarty extension correctly renders nested closing quotes (#1514).

Release 3.7

Changed

Refactor abbr Extension

A new AbbrTreeprocessor has been introduced, which replaces the now deprecated AbbrInlineProcessor. Abbreviation processing now happens after Attribute Lists, avoiding a conflict between the two extensions (#1460).

The AbbrPreprocessor class has been renamed to AbbrBlockprocessor, which better reflects what it is. AbbrPreprocessor has been deprecated.

A call to Markdown.reset() now clears all previously defined abbreviations.

Abbreviations are now sorted by length before executing AbbrTreeprocessor to ensure that multi-word abbreviations are implemented even if an abbreviation exists for one of those component words. (#1465)

Abbreviations without a definition are now ignored. This avoids applying abbr tags to text without a title value.

Added an optional glossary configuration option to the abbreviations extension.

... (truncated)

Changelog

Sourced from markdown's changelog.

[3.8.1] - 2025-06-18

Fixed

• Ensure incomplete markup declaration in raw HTML doesn't crash parser (#1534).
• Fixed dropped content in md_in_html (#1526).
• Fixed HTML handling corner case that prevented some content from not being rendered (#1528).

[3.8.0] - 2025-04-09

Changed

• DRY fix in abbr extension by introducing method create_element (#1483).
• Clean up test directory by removing some redundant tests and port non-redundant cases to the newer test framework.
• Improved performance of the raw HTML post-processor (#1510).

Fixed

• Backslash Unescape IDs set via attr_list on toc (#1493).
• Ensure md_in_html processes content inside "markdown" blocks as they are parsed outside of "markdown" blocks to keep things more consistent for third-party extensions (#1503).
• md_in_html handle tags within inline code blocks better (#1075).
• md_in_html fix handling of one-liner block HTML handling (#1074).
• Ensure <center> is treated like a block-level element (#1481).
• Ensure that abbr extension respects AtomicString and does not process perceived abbreviations in these strings (#1512).
• Ensure smarty extension correctly renders nested closing quotes (#1514).

[3.7.0] - 2024-08-16

Changed

• Refactor abbr Extension

  A new AbbrTreeprocessor has been introduced, which replaces the now deprecated AbbrInlineProcessor. Abbreviation processing now happens after Attribute Lists, avoiding a conflict between the two extensions (#1460).

  The AbbrPreprocessor class has been renamed to AbbrBlockprocessor, which better reflects what it is. AbbrPreprocessor has been deprecated.

  A call to Markdown.reset() now clears all previously defined abbreviations.

  Abbreviations are now sorted by length before executing AbbrTreeprocessor to ensure that multi-word abbreviations are implemented even if an abbreviation exists for one of those component words. (#1465)

  Abbreviations without a definition are now ignored. This avoids applying

... (truncated)

Commits

• 3870f20 Bump version to 3.8.1
• 8207214 Ensure incomplete markup declaration in raw HTML doesn't crash parser.
• 64a3c0f Fix HTML handling of \</>
• f2b9fd1 Ensure md_in_html does not drop content
• 513de8a Update pypa/gh-action-pypi-publish to v1.12.4
• b34e1d0 Bump version to 3.8
• e6b7163 Update deploy workflow to normalize version
• bd67d48 Improve changelog validation
• e912575 Fix incorrect TOC list structure in docs
• 42d4b43 Fix CI badge in README
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

---

Note

Low Risk
Low risk dependency bump limited to documentation tooling, but it could slightly change Markdown rendering/output in the generated docs.

Overview
Updates the pinned Markdown dependency in requirements.txt from 3.5.2 to 3.8.1 for the docs build toolchain.

^{Written by Cursor Bugbot for commit cfc083c. This will update automatically on new commits. Configure here.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
docs	Ready	Preview, Comment	Mar 6, 2026 2:43am

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

[cursor]

Lock file not updated with new Markdown version

Low Severity

requirements.txt bumps Markdown to 3.8.1 but requirements.lock still pins Markdown==3.5.2. This introduces a version discrepancy between the two files that previously didn't exist, making the lock file misleading for anyone using it as a reference for the resolved dependency set.