search

LabZoneSK / labzone-gatsby

BSD Zero Clause License
2 stars 0 forks source link

[Snyk] Upgrade gatsby-plugin-mdx from 3.12.1 to 3.13.0 #144

Closed snyk-bot closed 1 year ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade gatsby-plugin-mdx from 3.12.1 to 3.13.0.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Remote Code Execution (RCE)
SNYK-JS-SHELLQUOTE-1766506		 619/1000
Why? Has a fix available, CVSS 8.1		 No Known Exploit
Prototype Pollution
SNYK-JS-UNSETVALUE-2400660		 619/1000
Why? Has a fix available, CVSS 8.1		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-BROWSERSLIST-1090194		 619/1000
Why? Has a fix available, CVSS 8.1		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-DEVCERT-2808183		 619/1000
Why? Has a fix available, CVSS 8.1		 No Known Exploit
Undesired Behavior
SNYK-JS-EVENTSOURCEPOLYFILL-2429580		 619/1000
Why? Has a fix available, CVSS 8.1		 Mature
Prototype Pollution
SNYK-JS-IMMER-1540542		 619/1000
Why? Has a fix available, CVSS 8.1		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-PROMPTS-1729737		 619/1000
Why? Has a fix available, CVSS 8.1		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: gatsby-plugin-mdx
  • 3.13.0 - 2022-04-26
  • 3.13.0-next.0 - 2022-04-07
  • 3.13.0-alpha-image-cdn-telemetry.29 - 2022-04-18
  • 3.12.1 - 2022-04-12
from gatsby-plugin-mdx GitHub release notes
Commit messages
Package name: gatsby-plugin-mdx
  • 89509ff chore(release): Publish
  • dc25387 fix(gatsby-source-contentful): Prevent null pointer exception (#35244) (#35492)
  • 4627e3d chore(docs):Update Link URL (#35462)
  • 028f348 fix(gatsby-dev-cli): use package name not directory name (#35447)
  • 027acf8 feat(gatsby-source-wordpress): bring back defaults before image_cdn (#35370)
  • a246011 feat(gatsby-plugin-utils): enable tracedsvg (#35328)
  • dfa5991 chore(gatsby-source-wordpress): Fix typo in `presets[].options` (#35455)
  • 697e6f4 docs(gatsby): image cdn author docs tweak (#35451)
  • 3fb8642 fix(gatsby-transformer-screenshot): finished migration from better-queue to fastq (#35425)
  • e30be3e fix(gatsby-link): modify relative links based on trailing slash option (#35444)
  • 1b6a35b chore(docs): Typo on "Adding forms" (#35438)
  • e1e82bc chore(changelogs): update changelogs (#35431)
  • d50457f fix(gatsby-source-wordpress): localFile id (#35423)
  • 6476633 fix(gatsby): limit node manifest creation limit (#35359)
  • 5698ada fix(gatsby-plugin-netlify-cms): react18-compatible require resolve (#35365)
  • f63d13d chore(changelogs): update changelogs (#35414)
  • 233f54a fix(deps): update starters and examples - gatsby (#35413)
  • 5979c88 chore(docs): Release Notes for 4.12 (#35376)
  • 68c8e74 fix(deps): update starters and examples gatsby packages to ^4.11.3 (#35401)
  • f49f10b chore(changelogs): update changelogs (#35402)
  • 68aabc8 fix(gatsby-plugin-gatsby-cloud): don't add `undefined` to preload path if assetPrefix is falsy (#35400)
  • 9b8aadc fix(gatsby-source-wordpress): fix integration tests (#35399)
  • 316ac02 chore(release): Publish next
  • 92d384f fix(gatsby): only install 2.2.x patch versions of lmdb while 2.3.0 has a bug (#35397)
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs