Upgrade Quill Dependency to 2.0.0-rc.4#967

Open
repugraf wants to merge 3 commits into zenoamaro:master from repugraf:feat/quill-version-update

repugraf commented Apr 4, 2024

This PR updates the quill dependency in react-quill from an outdated version (1.3.7) to the latest release candidate, 2.0.0-rc.4. The previous major version of Quill has not been updated for over five years and includes several security vulnerabilities that have been resolved in version 2.0.

Key Changes

  • Version Upgrade: The upgrade to Quill 2.0.0-rc.4 addresses critical security concerns, ensuring a safer and more reliable library for our users.
  • Enhanced Security: The new version includes patches for vulnerabilities identified in the earlier releases, significantly improving the overall security posture of applications using react-quill.
  • Future-Proofing: By staying current with Quill's latest versions, we ensure compatibility with future updates and maintain the robustness of react-quill.

adgoncal commented Apr 9, 2024

You forgot to update the yarn lock file. Also, Quill 2.0.0-rc.5 is out, so might as well bump it.

Do note that 2 other PRs have been created in the last few years attempting this same upgrade, but neither was merged: #507 and #711.

It's also worth noting that QuillJS v1.3.7 relies on the browser mutation events, which are deprecated and will be removed from Chrome in July 2024. This means react-quill as is today will not work on Chrome without this change after July 23, 2024.
See https://developer.chrome.com/blog/mutation-events-deprecation

The last time we heard from one of the maintainers of react-quill regarding this was in November of 2023: #914 (comment)

piesuke commented Apr 19, 2024

It looks like Quill 2.0 has been officially released.
I think this PR will also need to support Quill 2.0. Is it okay if I create a new Pull Request that is compatible with the new Quill 2.0?

t-ashraf mentioned this pull request Apr 23, 2024
Sources,
} from 'quill';
import Quill, { QuillOptions as QuillOptionsStatic } from 'quill';
import type { EmitterSource as Sources } from 'quill/core/emitter';
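
Review bot: On the `import Quill, { QuillOptions as QuillOptionsStatic } from 'quill';` line, `QuillOptions` is pulled in through a value import while the very next line uses `import type` for `EmitterSource`. If `QuillOptionsStatic` is only used in type positions, move it to its own `import type { QuillOptions as QuillOptionsStatic } from 'quill';` so the two lines are consistent and the runtime import carries only `Quill`.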

nit: EmitterSource can be imported directly from quill:

import type { EmitterSource } from 'quill';

The same applies to Range:

import type { Range } from 'quill';

@mparisi76

Hello. Any updates on when this will be merged? Would like to address the DomNodeInserted deprecation message.

dextel2 commented May 29, 2024

Hey there, when will this get merged?

@HiroakiLion

I would like to know as well.

@yuri-scarbaci-lenio

My (limited) understanding is that this would include the same breaking changes for react-quill users as detailed on https://quilljs.com/docs/upgrading-to-2-0 right?

If so, it would probably be wise to add a call-out in the readme && changelog to the relevant document