Security vulnerability reported in highlight.js

[wkilday]

Github's Dependabot is flagging Gatsby with a vulnerability in highlight.js@^8.1.0 via a dependency on hicat@0.7.0.

The vulnerability is fixed in highlight.js@10.4.1, which hicat@0.8.0 uses.

Updating the hicat dependency in gatsby-recipes should resolve this vulnerability. Pull Request #28545 is already doing that, so getting it reviewed and merged should be enough.

[JackHowa]

@LekoArts @wkilday have a more specific pr that might avoid any other ci issues of #28545. Let me know if there's anything else there with #28860

[JackHowa]

seems like #28545 is ready to go... saw the axios warning in gatsby as well