LabZoneSK / labzone-gatsby

BSD Zero Clause License
2 stars 0 forks source link

[Snyk] Security upgrade gatsby from 4.12.1 to 5.4.0 #156

Closed snyk-bot closed 1 year ago

snyk-bot commented 1 year ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 589/1000
Why? Has a fix available, CVSS 7.5
Denial of Service (DoS)
SNYK-JS-ENGINEIO-3136336
Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: gatsby The new version differs by 250 commits.
  • 12252dd chore(release): Publish
  • e2084f6 fix(gatsby): Restore asset, path prefix for file-loader handled files (#37429) (#37430)
  • c7b5e7c chore(gatsby): Improve SlicePlaceholderProps type (#37409)
  • 57607f1 fix(gatsby): Allow "gatsby-node" directory for Parcel Compilation (#36712)
  • 56ace78 fix(gatsby-source-contentful): Add contentTypeFilter to Joi schema (#37403)
  • 04fb852 chore: Update `.gitpod` to use correct Node version (#37336)
  • 7a382f2 chore(deps): Bump yaml-loader (#37401)
  • 7fda6d1 fix(deps): update parcel to v2.8.2 (#37383)
  • 6e7c57f chore(deps): update [dev] minor and patch dependencies for gatsby (#37384)
  • b941876 chore(deps): update babel monorepo (#37386)
  • 5df8a99 chore(release): Publish next
  • 919efc0 fix(deps): update minor and patch dependencies for gatsby (#37377)
  • dd6bb8a chore(deps): update [dev] minor and patch dependencies for gatsby-source-shopify (#37355)
  • 594886b chore(deps): update [dev] minor and patch dependencies for gatsby-plugin-gatsby-cloud (#37385)
  • 9077a3f chore(deps): update [dev] minor and patch dependencies for gatsby-plugin-mdx (#37353)
  • 4c2ac49 chore(deps): update [dev] minor and patch dependencies for gatsby-plugin-image (#37352)
  • 78324eb chore(docs): Add wrapRootElement limitation to off-main-thread (#37402)
  • 20ce44b fix(deps): update e2e tests (major) (#37289)
  • bbd6220 chore(deps): update gatsby monorepo (#37366)
  • f8e8078 chore(docs): Update Storybook instructions (#37321)
  • e9ab3f4 chore(docs): Add `--legacy-peer-deps` flag for experimental React (#37332)
  • b573e21 chore(deps): update dependency cross-env to ^5.2.1 (#37359)
  • f503625 chore(deps): update [dev] minor and patch dependencies for gatsby-plugin-preact (#37354)
  • b8ce9de chore(deps): update dependency react-typography to ^0.16.23 for gatsby-plugin-typography (#37363)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Denial of Service (DoS)