This repository has been archived by the owner on Nov 1, 2024. It is now read-only.

[Snyk] Upgrade prismjs from 1.20.0 to 1.27.0 #19

Open
wants to merge 1 commit into
base: master

david-mears-2

Snyk has created this PR to upgrade prismjs from 1.20.0 to 1.27.0.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 8 versions ahead of your current version.
  • The recommended version was released 2 months ago, on 2022-02-17.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
| --- | --- | --- | --- |
| | Cross-site Scripting (XSS), SNYK-JS-PRISMJS-597628 | 629/1000 (Why? Has a fix available, CVSS 8.3) | No Known Exploit |
| | Regular Expression Denial of Service (ReDoS), SNYK-JS-PRISMJS-1585202 | 629/1000 (Why? Has a fix available, CVSS 8.3) | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS), SNYK-JS-PRISMJS-1314893 | 629/1000 (Why? Has a fix available, CVSS 8.3) | No Known Exploit |
| | Regular Expression Denial of Service (ReDoS), SNYK-JS-PRISMJS-1076581 | 629/1000 (Why? Has a fix available, CVSS 8.3) | Proof of Concept |
| | Cross-site Scripting (XSS), SNYK-JS-PRISMJS-2404333 | 629/1000 (Why? Has a fix available, CVSS 8.3) | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: prismjs from prismjs GitHub release notes
Commit messages
Package name: prismjs
  • 703881e 1.27.0
  • 7ac1373 Updated changelog for v1.27.0 (#3342)
  • e002e78 Command Line: Escape markup in command line output (#3341)
  • 13b56a9 Bump follow-redirects from 1.14.7 to 1.14.8 (#3338)
  • f094c4a Bump yargs-parser from 5.0.0 to 5.0.1 (#3334)
  • 9fd4c74 Bump ajv from 6.10.0 to 6.12.6 (#3333)
  • 3fcca6b Bump pathval from 1.1.0 to 1.1.1 (#3331)
  • 1784b17 Command Line: Add support for line continuation and improved colors (#3326)
  • f545843 ESLint: Allow `Map` and `Set` in ES5 code (#3328)
  • d6c5372 PureBasic: Added missing keyword and fixed constants ending with `$` (#3320)
  • 82d0ca1 Command Line: Added span around command and output (#3312)
  • 2cc4660 Core: Added better error message for missing grammars (#3311)
  • 3f8cc5a Added UO Razor Script (#3309)
  • bcb2e2c AutoIt: Allow hyphen in directive (#3308)
  • deb3a97 INI: Swap out `header` for `section` (#3304)
  • e46501b editorconfig: Change alias of `section` from `keyword` to `selector` (#3305)
  • 2eb89e1 Swap out `operator` for `punctuation` (#3306)
  • 3a20bdc Bump node-fetch from 2.6.1 to 3.1.1 (#3307)
  • 081d515 Bump copy-props from 2.0.4 to 2.0.5 (#3300)
  • b90e97c Bump follow-redirects from 1.13.1 to 1.14.7 (#3299)
  • 8458c41 MongoDB: Added v5 support (#3297)
  • 441a142 Scala: Added support for interpolated strings (#3293)
  • 0b6b1e2 1.26.0
  • 3ae61a8 Updated changelog for v1.26.0 (#3292)

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs
