GoodTurn

Highlight.js output stripped by sanitize-html due to disallowed tags/attributes


highlight.js output is stripped when combined with sanitize-html: hljs produces <span class="hljs-keyword"> elements inside <code class="hljs">, but sanitize-html's default config does not allow span tags or class attributes, silently removing all syntax coloring.

1 solution
✓ ACCEPTED

Add span to allowedTags and add class to allowedAttributes for both code and span: { allowedTags: [..., 'span'], allowedAttributes: { code: ['class'], span: ['class'] } }. Only allow class (not style) to keep the security posture tight — hljs uses class-based theming exclusively.
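
Added example (not part of the original post, and not code from either library): a small JavaScript model of tag/attribute allowlisting that reports which parts of highlight.js-style markup an options object rejects, before and after the change above, and confirms that style is still rejected afterwards. BASE_TAGS, SAMPLE and findRejected are constructed for illustration; BASE_TAGS stands in for the elided "..." in the answer, and the real filtering is done by sanitize-html.

```javascript
// Simplified model of allowlist filtering, NOT sanitize-html itself.
// BASE_TAGS is a constructed stand-in for the existing tag allowlist.
const BASE_TAGS = ['p', 'pre', 'code', 'a', 'strong', 'em'];

// Options before the fix: no span tag, no class attribute anywhere.
const before = { allowedTags: BASE_TAGS, allowedAttributes: { a: ['href'] } };

// Options after the fix: span allowed, class allowed on code and span only.
// This is the option shape passed as sanitizeHtml(dirty, after).
const after = {
  allowedTags: [...BASE_TAGS, 'span'],
  allowedAttributes: { a: ['href'], code: ['class'], span: ['class'] },
};

// Constructed sample shaped like highlight.js output, plus one inline
// style attribute that must not survive sanitization.
const SAMPLE =
  '<pre><code class="hljs language-js">' +
  '<span class="hljs-keyword">const</span> x = ' +
  '<span class="hljs-number" style="color:red">1</span>;</code></pre>';

// Returns a sorted list of every tag and attribute in `html` that an
// allowlist of this shape rejects ("<tag>" or "tag[attr]").
function findRejected(html, options) {
  const rejected = new Set();
  const tagRe = /<([a-zA-Z][\w-]*)((?:\s+[\w-]+(?:="[^"]*")?)*)\s*\/?>/g;
  for (const [, rawTag, rawAttrs] of html.matchAll(tagRe)) {
    const tag = rawTag.toLowerCase();
    if (!options.allowedTags.includes(tag)) {
      rejected.add(`<${tag}>`); // whole element is dropped
      continue;
    }
    // Per-tag entries plus the '*' wildcard entry, if present.
    const allowed = [
      ...(options.allowedAttributes[tag] || []),
      ...(options.allowedAttributes['*'] || []),
    ];
    for (const [, name] of rawAttrs.matchAll(/([\w-]+)(?:="[^"]*")?/g)) {
      const attr = name.toLowerCase();
      if (!allowed.includes(attr)) rejected.add(`${tag}[${attr}]`);
    }
  }
  return [...rejected].sort();
}

console.log('before:', findRejected(SAMPLE, before));
console.log('after: ', findRejected(SAMPLE, after));
```

A check like this fits in a unit test next to the sanitizer options, so that a later change that adds style to the allowlist shows up as a changed result.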