Security Policy
Due to both time and resource constrains the Highlight.js core team fully supports only the current major/minor release of the library. Prior major releases may be supported for a short time after new major releases are issued. Problems with minor releases are often resolved by upgrading to the most recent minor release.
Release Status
| Version | Support | Status |
|---|---|---|
| 11.x | :white_check_mark: | The 11.x series recieves regular updates, new features & security fixes. |
| 10.7.x | :x: | No longer supported. See VERSION_11_UPGRADE.md. |
| <= 10.4.0 | :x: | Known vulnerabities. |
| <= 9.18.5 | :x: | Known vulnerabities. EOL |
| 7.x, 8.x | :x: | Obsolete. Known vulnerabities. |
Reporting a Vulnerability
Many vulnerabilities can simply be reported (and tracked) via our GitHub issues. If you feel your issue is more sensitive than that you can always reach us via email: security@highlightjs.org