9033 / vue-front

0 stars 0 forks source link

Bump highlight.js from 9.18.1 to 9.18.5 #8

Closed dependabot[bot] closed 4 years ago

dependabot[bot] commented 4 years ago

Bumps highlight.js from 9.18.1 to 9.18.5.

Changelog

Sourced from highlight.js's changelog.

Release v9.18.5

Version 9 has reached end-of-support and will not receive future updates or fixes.

Please see VERSION_10_UPGRADE.md and perhaps SECURITY.md.

  • enh: Post-install script can be disabled with HLJS_HIDE_UPGRADE_WARNING=yes
  • fix: Deprecation notice logged at library startup a console.log vs console.warn.
    • Notice only shown if actually highlighting code, not just requiring the library.
    • Node.js treats warn the same as error and that was problematic.
    • You (or perhaps your indirect dependency) may disable the notice with the hideUpgradeWarningAcceptNoSupportOrSecurityUpdates option
    • You can also set HLJS_HIDE_UPGRADE_WARNING=yes in your envionment to disable the warning

Example:

hljs.configure({
  hideUpgradeWarningAcceptNoSupportOrSecurityUpdates: true
})

Reference: highlightjs/highlight.js#2877

Release v9.18.4

Version 9 has reached end-of-support and will not receive future updates or fixes.

Please see VERSION_10_UPGRADE.md and perhaps SECURITY.md.

  • fix(livescript) fix potential catastrophic backtracking (#2852) [commit]

Version 9.18.3

  • fix(parser) Freezing issue with illegal 0 width illegals (#2524)
    • backported from v10.x

Version 9.18.2

Fixes:

  • fix(night) Prevent object prototype values from being returned by getLanguage (#2636) night
Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/9033/vue-front/network/alerts).