chore(deps): update dependency prismjs to v1.30.0 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
prismjs	1.27.0 -> 1.30.0

GitHub Vulnerability Alerts

CVE-2024-53382

Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-injected HTML elements.

---

Release Notes

PrismJS/prism (prismjs)

v1.30.0

Compare Source

What's Changed

• check that currentScript is set by a script tag by @​lkuechler in https://github.com/PrismJS/prism/pull/3863

New Contributors

• @​lkuechler made their first contribution in https://github.com/PrismJS/prism/pull/3863

Full Changelog: PrismJS/prism@v1.29.0...v1.30.0

v1.29.0

Compare Source

New components

• BBj (#​3511) 1134bdfc
• BQN (#​3515) 859f99a0
• Cilk/C & Cilk/C++ (#​3522) c8462a29
• Gradle (#​3443) 32119823
• METAFONT (#​3465) 2815f699
• WGSL (#​3455) 4c87d418

Updated components

• AsciiDoc
  • Some regexes are too greedy (#​3481) c4cbeeaa
• Bash
  • Added "sh" alias (#​3509) 6b824d47
  • Added support for parameters and the java and sysctl commands. (#​3505) b9512b22
  • Added cargo command (#​3488) 3e937137
• BBj
  • Improve regexes (#​3512) 0cad9ae5
• CSS
  • Fixed @​-rules not accounting for strings (#​3438) 0d4b6cb6
• CSS Extras
  • Added support for RebeccaPurple color (#​3448) 646b2e0a
• Hoon
  • Fixed escaped strings (#​3473) 64642716
• Java
  • Added support for constants (#​3507) 342a0039
• Markup
  • Fixed quotes in HTML attribute values (#​3442) ca8eaeee
• NSIS
  • Added missing commands (#​3504) b0c2a9b4
• Scala
  • Updated keywords to support Scala 3 (#​3506) a090d063
• SCSS
  • Fix casing in title of the scss lang (#​3501) 2aed9ce7

Updated plugins

• Line Highlight
  • Account for offset when clamping ranges (#​3518) 098e3000
  • Ignore ranges outside of actual lines (#​3475) 9a4e725b
• Normalize Whitespace
  • Add configuration via attributes (#​3467) 91dea0c8

Other

• Added security policy (#​3070) 05ee042a
• Added list of maintainers (#​3410) 866b302e
• Included githubactions in the dependabot config (#​3470) 9561a9ab
• Set permissions for GitHub actions (#​3468) b85e1ada
• Website
  • Website: Added third-party tutorial for Pug template (#​3459) 15272f76
  • Docs: Add missing word (#​3489) 9d603ef4

v1.28.0

Compare Source

New components

• Ado & Mata (Stata) (#​3383) 63806d57
• ARM Assembly (#​3376) 554ff324
• Arturo (#​3403) e2fe1f79
• AWK & GAWK (#​3374) ea8a0f40
• Cooklang (#​3337) 4eb928c3
• CUE (#​3375) a1340666
• gettext (#​3369) dfef9b61
• GNU Linker Script (#​3373) 33f2cf95
• Odin (#​3424) 8a3fef6d
• PlantUML (#​3372) 0d49553c
• ReScript (#​3435) cbef9af7
• SuperCollider (#​3371) 1b1d6731

Updated components

• .properties
  • Use key, value for token names; attr-name, attr-value as aliases (#​3377) b94a664d
• ABAP
  • Sorted keyword list (#​3368) 7bda2bf1
• Ada
  • Changed attr-name to attribute; Use attr-name as alias (#​3381) cde0b5b2
  • Added or keyword (#​3380) c30b736f
• Atmel AVR Assembly
  • Fixed &= and |= operators (#​3395) 8c4ae5a5
• AutoHotkey
  • Use standard tokens (#​3385) 61c460e8
  • Use general pattern instead of name list for directives (#​3384) 7ac84dda
• CFScript
  • Simplified operator regex (#​3396) 6a215fe0
• CMake
  • Simplified variable and operator regexes (#​3398) 8e59744b
• Erlang
  • Added begin keyword (#​3387) cf38d059
• Excel Formula
  • Use more fitting aliases for function-name, range, and cell (#​3391) ef0ec02a
• Flow
  • Changed alias of type to class-name (#​3390) ce41434d
  • Recognise [Ss]ymbol as a type (#​3388) 3916883a
• GEDCOM
  • Update tag to record (#​3386) f8f95340
• Groovy
  • Added string interpolation without hook (#​3366) 5617765f
• Handlebars
  • Added Mustache alias (#​3422) cb5229af
• Java
  • Improved class name detection (#​3351) 4cb3d038
  • Fixed record false positives (#​3348) 3bd8fdb1
• JavaScript
  • Added support for new regex syntax (#​3399) ca78cde6
• Keyman
  • Added new keywords (#​3401) bac36827
• MEL
  • Improved functions, code, and comments (#​3393) 8e648dab
• NEON
  • Change alias of key to property (#​3394) 1c533f4a
• PHP
  • Added never return type + minor fix of named arguments (#​3421) 4ffab525
  • Added readonly keyword (#​3349) 4c3f1969
• PureBasic
  • Added support for pointer to string operator (#​3362) 499b1fa0
• Razor C#
  • Added support for @helper and inline C# inside attribute values (#​3355) 31a38d0c
• VHDL
  • Add private, view keywords; Distinguish attribute from keyword (#​3389) d1a5ce30
• Wolfram language
  • Simplified operator regex (#​3397) 10ae6da3

Updated plugins

• Autolinker
  • Fixed URL regex to match more valid URLs (#​3358) 17ed9160
• Command Line
  • Add support for command continuation prefix (#​3344) b53832cd
  • Increased prompt opacity (#​3352) f95dd190
• Keep Markup
  • Use original nodes instead of clones (#​3365) 8a843a17

Other

• Infrastructure
  • Use terser (#​3407) 11c54624
  • Tests: Cache results for exp backtracking check (#​3356) ead22e1e
• Website
  • More documentation for language definitons (#​3427) 333bd590

---

Configuration

📅 Schedule: Branch creation - "" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[cypress-app-bot]

See the guidelines for reviewing dependency updates for info on how to review dependency update PRs.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[cypress]

cypress    Run #64674

Run Properties:   Passed #64674  •  3bf097c3c5: Merge branch 'renovate/npm-prismjs-vulnerability' of https://github.com/cypress-...

Project	cypress
Branch Review	renovate/npm-prismjs-vulnerability
Run status	Passed #64674
Run duration	19m 23s
Commit	3bf097c3c5: Merge branch 'renovate/npm-prismjs-vulnerability' of https://github.com/cypress-...
Committer	Jennifer Shehane
View all properties for this run ↗︎

---

Test results
Failures	0
Flaky	8
Pending	1101
Skipped	0
Passing	26543
View all changes introduced in this branch ↗︎

UI Coverage  45.14%
Untested elements	187
Tested elements	158

Accessibility  97.71%
Failed rules	4 critical   8 serious   2 moderate   2 minor
Failed elements	110