chore(deps): bump highlight.js and react-syntax-highlighter

[dependabot]

Bumps highlight.js to 11.11.1 and updates ancestor dependency react-syntax-highlighter. These dependencies need to be updated together.

Updates highlight.js from 9.12.0 to 11.11.1

Release notes

Sourced from highlight.js's releases.

v11.11.1 - Merry Christmas!

Version 11.11.1

• Fixes regressions with Rust grammar in 11.11.0 release.

v11.11.0 - Happy Holidays

Version 11.11.0

CAVEATS / POTENTIALLY BREAKING CHANGES

• Nothing.

Core Grammars:

• fix(rust) - adds emoji support in single quote strings [joshgoebel][]
• fix(apache) - support line continuation via \ [Josh Goebel][]
• fix(makefile) - allow strings inside $() expressions [aneesh98][]
• enh(arcade) updated to ArcGIS Arcade version 1.29 [Kristian Ekenes][]
• enh(css) add all properties listed on MDN (96 additions including anchor-name, aspect-ratio, backdrop-filter, container, margin-trim, place-content, scroll-timeline, ...) [BaliBalo][]
• enh(excel) add built-in functions for Excel 365 release to 2024 [Danny Winrow][]
• enh(erlang) OTP 27 triple-quoted strings [nixxquality][]
• enh(erlang) OTP 27 doc attribute [nixxquality][]
• enh(erlang) OTP 27 Sigil type [nixxquality][]
• enh(erlang) OTP25/27 maybe statement [nixxquality][]
• enh(dart) Support digit-separators in number literals [Sam Rawlins][]
• enh(csharp) add Contextual keywords file, args, dynamic, record, required and scoped [Alvin Joy][]
• enh(lua) add 'pluto' as an alias [Sainan]
• enh(bash) add reserved keywords time and coproc [Álvaro Mondéjar][]
• enh(nix) update keywords [h7x4][]
• enh(nix) support paths [h7x4][]
• enh(nix) support lookup paths [h7x4][]
• enh(nix) support operators [h7x4][]
• enh(nix) support REPL keywords [h7x4][]
• enh(nix) support markdown comments [h7x4][]
• enh(nix) support basic function params [h7x4][]
• enh(nix) better parsing of attrsets [h7x4][]
• fix(c) - Fixed hex numbers with decimals [Dxuian]
• fix(typescript) - Fixedoptional property not highlighted correctly [Dxuian]
• fix(ruby) - fix |= operator false positives (as block arguments) [Aboobacker MK]
• enh(gcode) rewrote language for modern gcode support [Barthélémy Bonhomme][]
• fix(sql) - Fixed sql primary key and foreign key spacing issue [Dxuian]
• fix(cpp) added flat_set and flat_map as a part of cpp 23 version [Lavan]
• fix(yaml) - Fixed special chars in yaml [Dxuian]
• fix(basic) - Fixed closing quotation marks not required for a PRINT statement [Somya]
• fix(nix) remove add builtin [h7x4][]
• fix(nix) mark or as builtin instead of literal [h7x4][]
• fix(nix) handle ''' string escapes [h7x4][]
• fix(nix) handle backslash string escapes [h7x4][]
• fix(nix) don't mix escapes for " and '' strings [h7x4][]

... (truncated)

Changelog

Sourced from highlight.js's changelog.

Version 11.11.1

• Fixes regression with Rust grammar.

Version 11.11.0

CAVEATS / POTENTIALLY BREAKING CHANGES

• Nothing yet.

Core Grammars:

• fix(rust) - adds emoji support in single quote strings [joshgoebel][]
• fix(apache) - support line continuation via \ [Josh Goebel][]
• fix(makefile) - allow strings inside $() expressions [aneesh98][]
• enh(arcade) updated to ArcGIS Arcade version 1.29 [Kristian Ekenes][]
• enh(css) add all properties listed on MDN (96 additions including anchor-name, aspect-ratio, backdrop-filter, container, margin-trim, place-content, scroll-timeline, ...) [BaliBalo][]
• enh(excel) add built-in functions for Excel 365 release to 2024 [Danny Winrow][]
• enh(erlang) OTP 27 triple-quoted strings [nixxquality][]
• enh(erlang) OTP 27 doc attribute [nixxquality][]
• enh(erlang) OTP 27 Sigil type [nixxquality][]
• enh(erlang) OTP25/27 maybe statement [nixxquality][]
• enh(dart) Support digit-separators in number literals [Sam Rawlins][]
• enh(csharp) add Contextual keywords file, args, dynamic, record, required and scoped [Alvin Joy][]
• enh(lua) add 'pluto' as an alias [Sainan]
• enh(bash) add reserved keywords time and coproc [Álvaro Mondéjar][]
• enh(nix) update keywords [h7x4][]
• enh(nix) support paths [h7x4][]
• enh(nix) support lookup paths [h7x4][]
• enh(nix) support operators [h7x4][]
• enh(nix) support REPL keywords [h7x4][]
• enh(nix) support markdown comments [h7x4][]
• enh(nix) support basic function params [h7x4][]
• enh(nix) better parsing of attrsets [h7x4][]
• fix(c) - Fixed hex numbers with decimals [Dxuian]
• fix(typescript) - Fixedoptional property not highlighted correctly [Dxuian]
• fix(ruby) - fix |= operator false positives (as block arguments) [Aboobacker MK]
• enh(gcode) rewrote language for modern gcode support [Barthélémy Bonhomme][]
• fix(sql) - Fixed sql primary key and foreign key spacing issue [Dxuian]
• fix(cpp) added flat_set and flat_map as a part of cpp 23 version [Lavan]
• fix(yaml) - Fixed special chars in yaml [Dxuian]
• fix(basic) - Fixed closing quotation marks not required for a PRINT statement [Somya]
• fix(nix) remove add builtin [h7x4][]
• fix(nix) mark or as builtin instead of literal [h7x4][]
• fix(nix) handle ''' string escapes [h7x4][]
• fix(nix) handle backslash string escapes [h7x4][]
• fix(nix) don't mix escapes for " and '' strings [h7x4][]
• fix(swift) - Fixed syntax highlighting for class func/var declarations [guuido]

... (truncated)

Commits

• 08cb242 (release) 11.1.1
• 048ba65 bump versions to 11.11.1
• c5b6ad5 fix - ignored .DS_Store files
• d020e48 enh(rust) can also escape a singe quote
• 2db4c16 fix(rust) prevent symbol from gobbling strings
• 93e6358 fix(rust) fix regression with string matching
• 40883e1 (release) version 11.11.0 with npm bumps (#4185)
• a667cde fix(rust) emoji supported in single quote strings (#4156)
• 55b0deb enh(apache) support line continuation with \ (#4158)
• 3e06867 fix(parser) prevent gobbling of illegal newlines (#4142)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by highlightjs_bot, a new releaser for highlight.js since your current version.

Updates react-syntax-highlighter from 5.8.0 to 15.6.1

Release notes

Sourced from react-syntax-highlighter's releases.

v15.6.1

• Fix: #487 Fix: Allow override of display: styles when wrapLongLines is true

v15.6.0

Been awhile! 😰

• Feat: #555 Add Vue language support
• Feat: #534 Add a11yOneLight theme
• Bugfix: #561 Fix bug with wrapLines that butchers highlighting
• Docs: #559 Adding languages

15.5.0

• react-syntax-highlighter/react-syntax-highlighter#466: updated prismjs to 1.27.0, fixing the XSS vuln mentioned in react-syntax-highlighter/react-syntax-highlighter#461

As noted in the PR, updating prism usually brings along a few surprises; this one gave us a new programming language named false, which as you can imagine is fun to import and parse within Javascript.

Thanks to everyone for your patience. We'll be getting back in the groove of regular releases here.

15.4.3

Fixed a version-pin regression for highlight: we're now at highlight 10.4.1 and lowlight 1.17.0 as intended.

Thanks for @​tu4mo for catching this one!

15.4.2

Updates

• bumped lowlight to 1.17.0 to resolve highlight dependency version mismatches: react-syntax-highlighter/react-syntax-highlighter#344

Thanks to @​aurelien-reeves for his first PR here!

15.4.1

Bugfixes

• prevented an inadvertent last-line line number from appearing: react-syntax-highlighter/react-syntax-highlighter#341
• increased inline line number minwidth by .25em to avoid code misalignments: react-syntax-highlighter/react-syntax-highlighter#342

15.4.0

Updates

Bumped highlight.js to 10.4.1, fixing a security vulnerability. This brought along a few additions:

New highlight languages

• nodeRepl (node-repl)

New highlight styles

• gradientLight
• stackoverflowDark
• stackoverflowLight

15.3.1

Bugfix

... (truncated)

Changelog

Sourced from react-syntax-highlighter's changelog.

15.6.1

• Fix: Allow override of display: styles when wrapLongLines is true

15.6.0

• Fix: #561 Fix bug with wrapLines that butchers highlighting
• Docs: #559 Adding languages
• Feat: #555 Add Vue language support
• Feat: #534 Add a11yOneLight theme

[ gap in documentation ]

15.4.3 / 2020-12-07

• Fixed highlight version regression

15.4.2 / 2020-12-07

• Updated lowlight to 1.17.0 to match highlight dependency version

15.4.1 / 2020-12-07

• Bugfix: increased minwidth to avoid unequal line number widths
• Bugfix: prevent last line of file from rendering an unwanted line number

15.4.0 / 2020-12-07

• Security fix: updated highlight.js to 10.4.1

15.3.1 / 2020-11-24

• Bugfix: styling correctly applied to interpolation punctuation

15.3.0 / 2020-10-29

• Updated prismjs (1.22.0) and refractor (3.2.0)
• Updated prism-themes (1.5.0)
• Fixed a broken readme link

15.2.1 / 2020-10-08

• Bugfix: use string templating in language-specific theming code

15.2.0 / 2020-10-07

• Allow language-specific theme styles to override default theme styles

15.1.0 / 2020-10-05

• Updated to prism-themes 1.4.1

15.0.1 / 2020-10-03

• Regenerate Prism themes containing nested tokens

15.0.0 / 2020-10-03

• Breaking change: Allow styling nested tokens with classes in styles (probably not practically breaking for most, since this is a change that fixes a previously non-working feature)

14.0.2 / 2020-10-03

• updated test snapshots after 14.0.1 fix

... (truncated)

Commits

• 842b45b bump to 15.6.1, build
• ade425c Fix not being able to override code tag styles and line styles when wrapLongL...
• 83da2fb Prerelease cleanup, get tests passing (#567)
• 45ff20e add languages (#559)
• 7575068 Bump json5 from 1.0.1 to 1.0.2 (#505)
• f12818d README (#531)
• b2a68e9 fix: lowlight is a named import (#526)
• 9268130 Added theme a11yOneLight (#534)
• 930d544 Add to Built with React Syntax Highlighter (#546)
• 90d0343 Fix bug with wrapLines that butchers highlighting (#561)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by simmerer, a new releaser for react-syntax-highlighter since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
pro-react-admin	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 24, 2025 7:03am

[what-the-diff]

PR 总结

• 更新了“react-syntax-highlighter”的版本
  将 package.json 中的 "react-syntax-highlighter" 的版本从 "^5.8.0" 更新至 "^15.6.1"。这将帮助我们利用该工具包最新的功能和性能优化。

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

Looks like these dependencies are up-to-date now, so this is no longer needed.