[Snyk] Upgrade: gatsby-plugin-sharp, gatsby-plugin-typography, gatsby-transformer-sharp

[snyk-bot]

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on
gatsby-plugin-sharp from 4.12.1 to 4.13.0	3 versions ahead of your current version	21 days ago on 2022-04-26
gatsby-plugin-typography from 4.12.1 to 4.13.0	2 versions ahead of your current version	21 days ago on 2022-04-26
gatsby-transformer-sharp from 4.12.1 to 4.13.0	2 versions ahead of your current version	21 days ago on 2022-04-26

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	619/1000 Why? Has a fix available, CVSS 8.1	No Known Exploit
	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	619/1000 Why? Has a fix available, CVSS 8.1	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	619/1000 Why? Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-DEVCERT-2808183	619/1000 Why? Has a fix available, CVSS 8.1	No Known Exploit
	Undesired Behavior SNYK-JS-EVENTSOURCEPOLYFILL-2429580	619/1000 Why? Has a fix available, CVSS 8.1	Mature
	Prototype Pollution SNYK-JS-IMMER-1540542	619/1000 Why? Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	619/1000 Why? Has a fix available, CVSS 8.1	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: gatsby-plugin-sharp

• 4.13.0 - 2022-04-26
• 4.13.0-next.0 - 2022-04-07
• 4.13.0-alpha-image-cdn-telemetry.29 - 2022-04-18
• 4.12.1 - 2022-04-12

from gatsby-plugin-sharp GitHub release notes

Package name: gatsby-plugin-typography

• 4.13.0 - 2022-04-26
• 4.13.0-next.0 - 2022-04-07
• 4.12.1 - 2022-04-12

from gatsby-plugin-typography GitHub release notes

Package name: gatsby-transformer-sharp

• 4.13.0 - 2022-04-26
• 4.13.0-next.0 - 2022-04-07
• 4.12.1 - 2022-04-12

from gatsby-transformer-sharp GitHub release notes

Commit messages

Package name: gatsby-plugin-sharp

• 89509ff chore(release): Publish
• dc25387 fix(gatsby-source-contentful): Prevent null pointer exception (#35244) (#35492)
• 4627e3d chore(docs):Update Link URL (#35462)
• 028f348 fix(gatsby-dev-cli): use package name not directory name (#35447)
• 027acf8 feat(gatsby-source-wordpress): bring back defaults before image_cdn (#35370)
• a246011 feat(gatsby-plugin-utils): enable tracedsvg (#35328)
• dfa5991 chore(gatsby-source-wordpress): Fix typo in `presets[].options` (#35455)
• 697e6f4 docs(gatsby): image cdn author docs tweak (#35451)
• 3fb8642 fix(gatsby-transformer-screenshot): finished migration from better-queue to fastq (#35425)
• e30be3e fix(gatsby-link): modify relative links based on trailing slash option (#35444)
• 1b6a35b chore(docs): Typo on "Adding forms" (#35438)
• e1e82bc chore(changelogs): update changelogs (#35431)
• d50457f fix(gatsby-source-wordpress): localFile id (#35423)
• 6476633 fix(gatsby): limit node manifest creation limit (#35359)
• 5698ada fix(gatsby-plugin-netlify-cms): react18-compatible require resolve (#35365)
• f63d13d chore(changelogs): update changelogs (#35414)
• 233f54a fix(deps): update starters and examples - gatsby (#35413)
• 5979c88 chore(docs): Release Notes for 4.12 (#35376)
• 68c8e74 fix(deps): update starters and examples gatsby packages to ^4.11.3 (#35401)
• f49f10b chore(changelogs): update changelogs (#35402)
• 68aabc8 fix(gatsby-plugin-gatsby-cloud): don't add `undefined` to preload path if assetPrefix is falsy (#35400)
• 9b8aadc fix(gatsby-source-wordpress): fix integration tests (#35399)
• 316ac02 chore(release): Publish next
• 92d384f fix(gatsby): only install 2.2.x patch versions of lmdb while 2.3.0 has a bug (#35397)

Compare

Package name: gatsby-plugin-typography

• 89509ff chore(release): Publish
• dc25387 fix(gatsby-source-contentful): Prevent null pointer exception (#35244) (#35492)
• 4627e3d chore(docs):Update Link URL (#35462)
• 028f348 fix(gatsby-dev-cli): use package name not directory name (#35447)
• 027acf8 feat(gatsby-source-wordpress): bring back defaults before image_cdn (#35370)
• a246011 feat(gatsby-plugin-utils): enable tracedsvg (#35328)
• dfa5991 chore(gatsby-source-wordpress): Fix typo in `presets[].options` (#35455)
• 697e6f4 docs(gatsby): image cdn author docs tweak (#35451)
• 3fb8642 fix(gatsby-transformer-screenshot): finished migration from better-queue to fastq (#35425)
• e30be3e fix(gatsby-link): modify relative links based on trailing slash option (#35444)
• 1b6a35b chore(docs): Typo on "Adding forms" (#35438)
• e1e82bc chore(changelogs): update changelogs (#35431)
• d50457f fix(gatsby-source-wordpress): localFile id (#35423)
• 6476633 fix(gatsby): limit node manifest creation limit (#35359)
• 5698ada fix(gatsby-plugin-netlify-cms): react18-compatible require resolve (#35365)
• f63d13d chore(changelogs): update changelogs (#35414)
• 233f54a fix(deps): update starters and examples - gatsby (#35413)
• 5979c88 chore(docs): Release Notes for 4.12 (#35376)
• 68c8e74 fix(deps): update starters and examples gatsby packages to ^4.11.3 (#35401)
• f49f10b chore(changelogs): update changelogs (#35402)
• 68aabc8 fix(gatsby-plugin-gatsby-cloud): don't add `undefined` to preload path if assetPrefix is falsy (#35400)
• 9b8aadc fix(gatsby-source-wordpress): fix integration tests (#35399)
• 316ac02 chore(release): Publish next
• 92d384f fix(gatsby): only install 2.2.x patch versions of lmdb while 2.3.0 has a bug (#35397)

Compare

Package name: gatsby-transformer-sharp

• 89509ff chore(release): Publish
• dc25387 fix(gatsby-source-contentful): Prevent null pointer exception (#35244) (#35492)
• 4627e3d chore(docs):Update Link URL (#35462)
• 028f348 fix(gatsby-dev-cli): use package name not directory name (#35447)
• 027acf8 feat(gatsby-source-wordpress): bring back defaults before image_cdn (#35370)
• a246011 feat(gatsby-plugin-utils): enable tracedsvg (#35328)
• dfa5991 chore(gatsby-source-wordpress): Fix typo in `presets[].options` (#35455)
• 697e6f4 docs(gatsby): image cdn author docs tweak (#35451)
• 3fb8642 fix(gatsby-transformer-screenshot): finished migration from better-queue to fastq (#35425)
• e30be3e fix(gatsby-link): modify relative links based on trailing slash option (#35444)
• 1b6a35b chore(docs): Typo on "Adding forms" (#35438)
• e1e82bc chore(changelogs): update changelogs (#35431)
• d50457f fix(gatsby-source-wordpress): localFile id (#35423)
• 6476633 fix(gatsby): limit node manifest creation limit (#35359)
• 5698ada fix(gatsby-plugin-netlify-cms): react18-compatible require resolve (#35365)
• f63d13d chore(changelogs): update changelogs (#35414)
• 233f54a fix(deps): update starters and examples - gatsby (#35413)
• 5979c88 chore(docs): Release Notes for 4.12 (#35376)
• 68c8e74 fix(deps): update starters and examples gatsby packages to ^4.11.3 (#35401)
• f49f10b chore(changelogs): update changelogs (#35402)
• 68aabc8 fix(gatsby-plugin-gatsby-cloud): don't add `undefined` to preload path if assetPrefix is falsy (#35400)
• 9b8aadc fix(gatsby-source-wordpress): fix integration tests (#35399)
• 316ac02 chore(release): Publish next
• 92d384f fix(gatsby): only install 2.2.x patch versions of lmdb while 2.3.0 has a bug (#35397)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs