Quark is a cross-platform, integrated development environment for rapidly building - functional , prototypal projects, written in HTML, CSS and JavaScript with native desktop app like capabilities.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
#### Vulnerabilities that will be fixed
##### With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity
:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
 | **658/1000** **Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | Yes | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Commit messagesPackage name: material-icon-theme
The new version differs by 250 commits.
95b6fe8 Uses existing instance if config file is same as already built solution (#1177)
b38678a Update minimum compiler version to 3.6.3 (#1188)
f8eba53 Add documentation and example code for projectReferences (#1184)
46d9761 Update docs to show transpileOnly does not affect project references (#1175)
0e64ceb Fix getOptionsHash when two options has different props but same values. (#1170)
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project.
------------
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/nishkalkashyap/project/1f69bd6d-330a-4f30-ac57-14a5ddb67367?utm_source=github&utm_medium=referral&page=fix-pr)
🛠 [Adjust project settings](https://app.snyk.io/org/nishkalkashyap/project/1f69bd6d-330a-4f30-ac57-14a5ddb67367?utm_source=github&utm_medium=referral&page=fix-pr/settings)
📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)
[//]: # (snyk:metadata:{"prId":"203acc5a-42c1-4007-bcaf-d43e848a25c4","prPublicId":"203acc5a-42c1-4007-bcaf-d43e848a25c4","dependencies":[{"name":"ionic","from":"4.12.0","to":"5.3.0"},{"name":"material-icon-theme","from":"3.7.1","to":"4.14.0"},{"name":"npm","from":"6.14.4","to":"7.21.0"},{"name":"serialport","from":"8.0.7","to":"9.0.0"},{"name":"stylus","from":"0.54.7","to":"0.56.0"},{"name":"ts-loader","from":"5.4.5","to":"8.0.14"}],"packageManager":"npm","projectPublicId":"1f69bd6d-330a-4f30-ac57-14a5ddb67367","projectUrl":"https://app.snyk.io/org/nishkalkashyap/project/1f69bd6d-330a-4f30-ac57-14a5ddb67367?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-SEMVER-3247795"],"upgrade":["SNYK-JS-SEMVER-3247795"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[658],"remediationStrategy":"vuln"})
---
**Learn how to fix vulnerabilities with free interactive lessons:**
🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lessons/redos/javascript/?loc=fix-pr)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **658/1000****Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | Yes | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: material-icon-theme
The new version differs by 250 commits.- 1b54692 Release 4.14.0
- a2b05b6 Update vscodeignore
- fe4acfb Support partials folders (#1307)
- ac862f6 [Icon Request] Gleam language (#1415)
- 4e0a489 Update color check workflow
- 50d9faf feat: hardhat (#1377)
- b4266df Add Parcel bundler icon (#1414)
- 53615b9 Improve range of language `Makefile` (#1409)
- 858100a Improve build workflow (#1413)
- 06e9cd2 Adds second extension to the cucumber file type (#1411)
- 64e85c0 Add firebase as folder name (#1410)
- 7795947 Add Svelte-Kit to be included with the folder-svelte (#1405)
- 85cf632 Add `pom.xml` to maven files (#1398)
- 055091d Add TS support for capacitor config file (#1396)
- fa17ba8 Release 4.13.0
- 97d8114 Improve release workflow (#1378)
- 3ad3ff7 Add new sponsor (#1389)
- fc0bcea Add support for Eleventy's _layouts dir (#585)
- cbe5a82 Add support for pnpm files (#584)
- 1e23f93 Add support for Gridsome-related files (#1383)
- a8b8374 Add NextJS folder icons (#933)
- 3c364b8 fileicon added for go.work file (#1326)
- 3aa20b1 feat: integrations folder icon (#1360)
- 5d92879 Add Translation for Japanese (#1379)
See the full diffPackage name: npm
The new version differs by 250 commits.- 30a9844 7.21.0
- 0b2cd9d update AUTHORS
- 06461ec docs: changelog for v7.21.0
- 771a1cb chore(tests): fix snapshots
- 71cdfd8 spdx-license-ids@3.0.10
- 94f92de make-fetch-happen@9.0.5
- 7ac621c smart-buffer@4.2.0
- 218caca is-core-module@2.6.0
- ff6626a fix(docs): update npm-publish access flag info
- b6f40b5 tar@6.1.10
- e9e5ee5 @ npmcli/arborist@2.8.2
- 991a3bd read-package-json@4.0.0
- f077724 init-package-json@2.0.4
- 68a19bb fix(error-message): look for er.path not er.file
- ff34d6c feat(cache): initial implementation of ls and rm
- 8183976 normalize-package-data@3.0.3
- df57f0d @ npmcli/run-script@1.8.6
- 487731c fix(logging): sanitize logged argv
- 7a58264 chore(ci): check that docs are up to date in ci
- 22f3bbb chore(docs): add more 'autogenerated' comments
- 4314490 fix(docs): revert auto-generated portion of docs
- 32e88c9 fix(did-you-mean): switch levenshtein libraries
- 59b9851 7.20.6
- 2591e67 update AUTHORS
See the full diffPackage name: serialport
The new version differs by 9 commits.- 36d3abc v9.0.0
- e0c232c chore: build on node 14 and drop node 8 and 32bit linux builds (#2079)
- 485b615 chore: upgrade nan and prebuild-install
- 9f8f8fc chore: upgrade commander and enquirer
- ab02f01 chore: upgrade prettier (#2077)
- c5ae5bd chore: Update prebuild (#2073)
- 53a1f84 v8.0.8
- 6ee5c84 fix: reject on non-zero exit codes (#2046)
- b8ada2b * chore(package): update sinon to version 9.0.0 🚀 (#2035)
See the full diffPackage name: stylus
The new version differs by 61 commits.- fc2e630 chore: add url parse guard (#2600)
- 3329f5b deps: remove semver and mkdirp deps and add node17 test (#2641)
- e64ae7d feat: upgrade debug version from v3 to v4 (#2643)
- 33a5fd9 Fix: variable names beginning with a keyword and dash (#2634)
- d2cddcf Fix: `@ import` url() error in dependency resolver (#2632)
- 9cb7635 chore: add new npm ugnore config (#2631)
- dde9868 0.55.0 (#2630)
- fe5bde1 Replace dependency css-parse with css (#2554)
- 7334567 Add deg and fr as exceptions for 0 value unit omission (#2578)
- 57480a4 chore: update history.md and readme.md (#2628)
- f5a02e8 chore: add macos platform test (#2624)
- 1f7f419 fix yaml front matter (#2617)
- 6a96c0f [skip ci]chore: update reademe.md content (#2602)
- 99b05a9 chore: add issue and pull request template (#2606)
- ae9d267 chore: add github actions ci and improve test (#2601)
- 11a0735 Bump lodash from 4.17.19 to 4.17.21 (#2589)
- 7a8e777 Bump glob-parent from 5.1.1 to 5.1.2 (#2592)
- 23d3295 Merge pull request #2571 from dthadi3/ppc64le
- f546669 Travis-ci: Updated nodejs versions 10, 12, 14
- 5b90e45 Travis-ci: added support for ppc64le
- 59bc665 Merge pull request #2549 from mockee/dev
- 96c02de Bug fixes of encoding png image in `url` lib function.
- 8f42760 Merge pull request #2186 from royels/1567
- 775537b Create SECURITY.md
See the full diffPackage name: ts-loader
The new version differs by 126 commits.- 268bc69 chore(deps): upgrade most production deps (#1237)
- e160564 Add a cache to file path mapping (#1228)
- 14fa3f8 Add documentation about performance profiling (#1230)
- 3cc78b8 Fix typo in README.md (#1229)
- 8f2a509 Add documentation for the useCaseSensitiveFileNames option (#1227)
- 566e6ce Instead of checking date, check time thats more accurate to see if something has changed (#1217)
- 172ebeb Feature/typescript 4 1 (#1213)
- 0816fe9 Add peer dependencies for Yarn PnP (#1209)
- 4909d99 Fixed missing errors in watch mode in webpack5 (#1208)
- 3f73e98 Fix failed builds when using thread-loader (#1207)
- e90f8ad Fix memory leak when using multiple webpack instances (#1205)
- 95050eb Speeds up project reference build and doesnt store the result in memory (#1202)
- f99c7c4 doc: escape pipe in table (#1201)
- 0b4a86d Replace afterCompile to stop webpack 5 warning (#1200)
- 6d8d601 Fixed deprecation warnings on webpack@5. (#1195)
- cafc933 Fix installation link on README.md (#1192)
- f5e901e Bump http-proxy in /examples/react-babel-karma-gulp (#1182)
- 0767bce add github action status badge (#1190)
- db5ea55 Feature/upgrade testpack to ts4 (#1189)
- 95b6fe8 Uses existing instance if config file is same as already built solution (#1177)
- b38678a Update minimum compiler version to 3.6.3 (#1188)
- f8eba53 Add documentation and example code for projectReferences (#1184)
- 46d9761 Update docs to show transpileOnly does not affect project references (#1175)
- 0e64ceb Fix getOptionsHash when two options has different props but same values. (#1170)
See the full diff