onokatio / blog.katio.net

my blog script
1 stars 1 forks source link

[Snyk] Upgrade highlight.js from 9.18.5 to 11.7.0 #163

Open snyk-bot opened 1 year ago

snyk-bot commented 1 year ago

Snyk has created this PR to upgrade highlight.js from 9.18.5 to 11.7.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


Warning: This is a major version upgrade, and may be a breaking change.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-HIGHLIGHTJS-1048676
479/1000
Why? Has a fix available, CVSS 5.3
No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: highlight.js
  • 11.7.0 - 2022-11-23

    Version 11.7.0

    New Grammars:

    • added 3rd party LookML grammar to SUPPORTED_LANGUAGES Josh Temple
    • added 3rd party FunC grammar to SUPPORTED_LANGUAGES [Nikita Sobolev][]
    • Added 3rd party Flix grammar to SUPPORTED_LANGUAGES The Flix Organisation
    • Added 3rd party RVT grammar to SUPPORTED_LANGUAGES Sopitive

    Grammars:

    • enh(scheme) add scm alias for Scheme matyklug18
    • fix(typescript) patterns like <T = are not JSX Josh Goebel
    • fix(bash) recognize the (( keyword Nick Chambers
    • enh(Ruby) misc improvements (kws, class names, etc) Josh Goebel
    • fix(js) do not flag import() as a function, rather a keyword nathnolt
    • fix(bash) recognize the (( keyword Nick Chambers
    • fix(nix) support escaped dollar signs in strings h7x4
    • enh(cmake) support bracket comments Hirse
    • enh(java) add yield keyword to java MBoegers
    • enh(java) add permits keyword to java MBoegers
    • fix(javascript/typescript) correct identifier matching when using numbers Lachlan Heywood

    Improvements:

  • 11.6.0 - 2022-07-13

    Version 11.6.0

    Supported Node.js versions:

    • (chore) Drops support for Node 12.x, which is no longer supported by Node.js.

    Default build changes:

    • add wasm to default :common build (#3526) [Josh Goebel][]
    • add graphql to default :common build (#3526) [Josh Goebel][]

    Grammars:

    • fix(json) changed null/booleans from keyword to literal shikhar13012001
    • enh(gml) reorganized and added additional keywords Bluecoreg
    • enh(csharp) Added support for the new scoped keyword in C# (#3571) [David Pine][]
    • enh(scala) add transparent keyword Matt Bovel
    • fix(rust) highlight types immediately preceeding :: (#3540) [Josh Goebel][]
    • Added 3rd party Apex grammar to SUPPORTED_LANGUAGES (#3546) David Schach
    • fix(rust) recognize include_bytes! macro (#3541) Serial-ATA
    • fix(java) do not intepret == as a variable declaration Mousetail
    • enh(swift) add SE-0335 existential any keyword (#3515) Bradley Mackey
    • enh(swift) add support for distributed keyword Marcus Ortiz
    • enh(xml) recognize Unicode letters instead of only ASCII letters in XML element and attribute names (#3256)Martin Honnen
    • Added 3rd party Toit grammar to SUPPORTED_LANGUAGES Serzhan Nasredin
    • Use substring() instead of deprecated substr() Tobias Buschor
    • Added 3rd party Oak grammar to SUPPORTED_LANGUAGES Tim Smith
    • enh(python) add match and case keywords Avrumy Lunger
  • 11.5.1 - 2022-04-11

    Just a tiny release to hopefully fix the issues some are having with CSS not seen as having side effects with web pack, etc...


    Packaging:

    • (chore) explicitly set sideEffect for css and scss files, fixes #3504
  • 11.5.0 - 2022-03-12

    Changes from CHANGELOG:

    Themes:

    New Grammars:

    Grammars:

    • enh(ruby) lots of small Ruby cleanups/improvements Josh Goebel
    • enh(objectivec) add type and variable.language scopes Josh Goebel
    • enh(xml) support processing instructions (#3492) Josh Goebel
    • enh(ruby ) better support multi-line IRB prompts
    • enh(bash) improved keyword $pattern (numbers allowed in command names) Martin Mattel
    • add meta.prompt scope for REPL prompts, etc Josh Goebel
    • fix(markdown) Handle ***Hello world*** without breaking Josh Goebel
    • enh(php) add support for PHP Attributes Wojciech Kania
    • fix(java) prevent false positive variable init on else Josh Goebel
    • enh(php) named arguments Wojciech Kania
    • fix(php) PHP constants Wojciech Kania
    • fix(angelscript) incomplete int8, int16, int32, int64 highlighting Melissa Geels
    • enh(ts) modify TypeScript-specific keywords and types list anydonym
    • fix(brainfuck) fix highlighting of initial ++/-- Christina Hanson
    • fix(llvm) escaping in strings and number formats Flakebi
    • enh(elixir) recognize references to modules Mark Ericksen
    • enh(css): add support for more properties Nicolaos Skimas
  • 11.4.0 - 2022-01-06
    Read more
  • 11.3.1 - 2021-10-17
    Read more
  • 11.3.0 - 2021-10-17
    Read more
  • 11.2.0 - 2021-08-02

    Version 11.2.0

    Build:

    Parser:

    Grammars:

    New Languages:

  • 11.1.0 - 2021-07-08

    Grammars:

  • 11.0.1 - 2021-06-04
  • 11.0.0 - 2021-05-30
  • 11.0.0-beta1 - 2021-05-16
  • 11.0.0-beta0 - 2021-05-04
  • 11.0.0-alpha1 - 2021-04-22
  • 11.0.0-alpha0 - 2021-04-13
  • 10.7.3 - 2021-06-04
  • 10.7.2 - 2021-04-04
  • 10.7.1 - 2021-03-21
  • 10.7.0 - 2021-03-20
  • 10.6.0 - 2021-02-08
  • 10.5.0 - 2020-12-23
  • 10.4.1 - 2020-12-03
  • 10.4.0 - 2020-11-18
  • 10.4.0-beta1 - 2020-11-15
  • 10.4.0-beta0 - 2020-11-13
  • 10.3.2 - 2020-10-29
  • 10.3.1 - 2020-10-17
  • 10.3.0 - 2020-10-17
  • 10.2.1 - 2020-10-01
  • 10.2.0 - 2020-09-07
  • 10.1.2 - 2020-07-23
  • 10.1.1 - 2020-06-16
  • 10.1.0 - 2020-06-11
  • 10.0.3 - 2020-05-12
  • 10.0.2 - 2020-05-03
  • 10.0.1 - 2020-04-26
  • 10.0.0 - 2020-04-21
  • 10.0.0-beta.0 - 2020-03-10
  • 9.18.5 - 2020-11-19
from highlight.js GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

πŸ›  Adjust upgrade PR settings

πŸ”• Ignore this dependency or unsubscribe from future upgrade PRs

cloudflare-workers-and-pages[bot] commented 1 year ago

Deploying with  Cloudflare Pages  Cloudflare Pages

Latest commit: 77b7f78
Status:🚫  Build failed.

View logs

what-the-diff[bot] commented 1 year ago

PR Summary