chore(deps): bump tinymce from 8.4.0 to 8.5.0

[dependabot]

Bumps tinymce from 8.4.0 to 8.5.0.

Changelog

Sourced from tinymce's changelog.

8.5.0 - 2026-04-29

Added

• New content_language option to set the lang attribute on the iframe's html element or the inline editor's target element. #TINY-11214

Improved

• Improved visual styling of inline diff highlights in Suggested Edits and TinyMCE AI plugin. #TINY-13958

Fixed

• Script and style elements would incorrectly be removed by DomPurify when considered valid in the schema. #TINY-9655
• Iframe elements with children would incorrectly be removed by DomPurify. #TINY-9655
• Certain combinations of divs inside of lists would cause issues turning off lists. #TINY-14070
• Certain selections would delete the editor body, causing issues. #TINY-14149
• URIs with non-Latin1 characters were returning an error. #TINY-13938
• Alert and confirm dialogs were not announced properly by some screen readers. #TINY-13812

Commits

• 8d946f0 TINY-13649: Create changelog for TinyMCE 8.5 release (#11071)
• 5b4bb51 TINY-13812: Improve accesibility in alert/confirm dialogs (#11055)
• 1edee2a TINY-14070: Prevent lists from detecting hosts too early. (#11027)
• 47101c8 TINY-13938: manage data uri with BOM (#11056)
• cf4d229 TINY-11214: New content_language option to set default language of the edit...
• f1914a9 Merge remote-tracking branch 'origin/release/8'
• ec70f96 TINY-9655: Prevent valid iframe, script, and style elements from being remove...
• c885cd2 TINY-14149: Prevent deleting the editor body. (#11042)
• 09ade46 TINY-12499: Bump version for next patch release
• 4e3c7b4 Merge remote-tracking branch 'origin/release/8'
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 98.07%. Comparing base (effa975) to head (797f187).
⚠️ Report is 4 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #3868   +/-   ##
=======================================
  Coverage   98.07%   98.07%           
=======================================
  Files         323      323           
  Lines        8582     8582           
=======================================
  Hits         8417     8417           
  Misses        165      165           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.