[1.3][CVE-2022-21670] Bump markdown-it from 10.0.0 to 12.3.2

[ananzh]

Backport from #1140.
With the SemVer philosophy, when releasing a patch version, it should not introduce breaking changes, which includes bumping a dependency to its major version. This markdown-it is a devDependency and the two major bump doesn't include breaking changes affecting OSD usages. Meanwhile, it is not included in release artifact.

Issues Resolved

CVE-2022-21670

Check List

• All tests pass
  • yarn test:jest
  • yarn test:jest_integration
  • yarn test:ftr
• New functionality includes testing.
• New functionality has been documented.
• Update CHANGELOG.md
• Commits are signed per the DCO using --signoff

[codecov]

Codecov Report

Merging #5016 (7633384) into 1.3 (7b922e8) will increase coverage by 0.04%.
The diff coverage is n/a.

❗ Current head 7633384 differs from pull request most recent head d06e7e8. Consider uploading reports for the commit d06e7e8 to get more accurate results

@@            Coverage Diff             @@
##              1.3    #5016      +/-   ##
==========================================
+ Coverage   67.46%   67.50%   +0.04%     
==========================================
  Files        3044     3044              
  Lines       58692    58692              
  Branches     8902     8902              
==========================================
+ Hits        39595    39619      +24     
+ Misses      16945    16925      -20     
+ Partials     2152     2148       -4     

Flag	Coverage Δ
Linux	67.45% <ø> (-0.01%)	⬇️
Windows	67.45% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

see 5 files with indirect coverage changes