Vulnerable version because of outdated marked version as transitive dependency

I like docsify but I just got an alert from Dependabot about a security vulnerability from it:

> docsify-cli@4.4.3 requires marked@^1.2.9 via a transitive dependency on docsify@4.12.2

Marked in docsify has to be updated to v4.0.10 to fix its denial of service vulnerability.

