`highlight.js`

Ecosystem:
npm

Package URL:
pkg:npm/highlight.js

Total PRs:
245 Dependabot PRs

Latest PR:
1 day ago

Unique Repositories:
167 repositories

Unique Repos (30 days):
22 repositories

Security Advisories

ReDOS vulnerabities: multiple grammars

GHSA-7wwv-vh3v-89cq MODERATE published almost 5 years ago • updated 4 months ago

### Impact: Potential ReDOS vulnerabilities (exponential and polynomial RegEx backtracking) [oswasp](https://owasp.org/www-community/attacks/Regul...

Prototype Pollution in highlight.js

GHSA-vfrc-7r7c-w9mx CVE-2020-26237 MODERATE published almost 5 years ago • updated about 2 months ago

### Impact Affected versions of this package are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result i...

Recent PRs (filtered by: Merged , Patch PRs )

RSS Feed Clear filter

Bump highlight.js from 9.18.1 to 9.18.5

mindvalley/universal-player #11

9.18.1 → 9.18.5 Patch PR

Merged almost 5 years ago

Bump highlight.js from 9.18.1 to 9.18.5 in /vue-js-complete-guide-vuecli

daipresents/udemy #6

9.18.1 → 9.18.5 Patch PR

Merged almost 5 years ago

Package Details

Name:	`highlight.js`
Ecosystem:	npm
PURL Type:	npm
Package URL:	`pkg:npm/highlight.js`
JSON API:	View JSON

Security Advisories

2

Active advisories

MODERATE 2

View All npm Advisories

Package Information

Description:

Syntax highlighting with language autodetection.

Repository:	https://github.com/highlightjs/highlight.js
Homepage:	https://highlightjs.org/
Latest Release:	`11.11.1` 9 months ago
Dependent Repos:	700,734
Dependent Packages:	11,299
Downloads:	45,814,735
Ranking:	Top 0.0436% by dependent repos Top 0.0488% by downloads Top 0.009% by dependent pkgs

PR Status

Open 107 (43.7%)

Merged 26 (10.6%)

Closed 90 (36.7%)

PR Types

Removal 3 (1.2%)

Minor 125 (51.0%)

Major 59 (24.1%)

Patch 33 (13.5%)