Bump gh-pages from 3.1.0 to 5.0.0 in /docs

[dependabot[bot]]

Bumps gh-pages from 3.1.0 to 5.0.0.

Release notes

Sourced from gh-pages's releases.

v5.0.0

Potentially breaking change: the publish method now always returns a promise. Previously, it did not return a promise in some error cases. This should not impact most users.

Updates to the development dependencies required a minimum Node version of 14 for the tests. The library should still work on Node 12, but tests are no longer run in CI for version 12. A future major version of the library may drop support for version 12 altogether.

What's Changed

• Assorted updates by @​tschaub in tschaub/gh-pages#452
• Update README to clarify project site configuration requirements with tools like CRA, webpack, Vite, etc. by @​Nezteb in tschaub/gh-pages#445
• Bump actions/checkout from 2 to 3 by @​dependabot in tschaub/gh-pages#453
• Bump actions/setup-node from 1 to 3 by @​dependabot in tschaub/gh-pages#455
• Bump email-addresses from 3.0.1 to 5.0.0 by @​dependabot in tschaub/gh-pages#454
• Bump async from 2.6.4 to 3.2.4 by @​dependabot in tschaub/gh-pages#459
• Remove quotation marks by @​Vicropht in tschaub/gh-pages#438

New Contributors

• @​Nezteb made their first contribution in tschaub/gh-pages#445
• @​Vicropht made their first contribution in tschaub/gh-pages#438

Full Changelog: https://github.com/tschaub/gh-pages/compare/v4.0.0...v5.0.0

v4.0.0

This release doesn't include any breaking changes, but due to updated development dependencies, tests are no longer run on Node 10.

What's Changed

• Bump minimist from 1.2.5 to 1.2.6 by @​dependabot in tschaub/gh-pages#423
• Bump async from 2.6.1 to 2.6.4 by @​dependabot in tschaub/gh-pages#427
• Bump path-parse from 1.0.6 to 1.0.7 by @​dependabot in tschaub/gh-pages#431
• Bump ansi-regex from 3.0.0 to 3.0.1 by @​dependabot in tschaub/gh-pages#430
• Updated dev dependencies and formatting by @​tschaub in tschaub/gh-pages#432

Full Changelog: https://github.com/tschaub/gh-pages/compare/v3.2.3...v4.0.0

v3.2.3

• #398 - Update glob-parent (@​tschaub)
• #395 - Switch from filenamify-url to filenamify (@​tw0517tw)

Changelog

Sourced from gh-pages's changelog.

v5.0.0

Potentially breaking change: the publish method now always returns a promise. Previously, it did not return a promise in some error cases. This should not impact most users.

Updates to the development dependencies required a minimum Node version of 14 for the tests. The library should still work on Node 12, but tests are no longer run in CI for version 12. A future major version of the library may drop support for version 12 altogether.

• #438 - Remove quotation marks (@​Vicropht)
• #459 - Bump async from 2.6.4 to 3.2.4 (@​tschaub)
• #454 - Bump email-addresses from 3.0.1 to 5.0.0 (@​tschaub)
• #455 - Bump actions/setup-node from 1 to 3 (@​tschaub)
• #453 - Bump actions/checkout from 2 to 3 (@​tschaub)
• #445 - Update README to clarify project site configuration requirements with tools like CRA, webpack, Vite, etc. (@​Nezteb)
• #452 - Assorted updates (@​tschaub)

v4.0.0

This release doesn't include any breaking changes, but due to updated development dependencies, tests are no longer run on Node 10.

• #432 - Updated dev dependencies and formatting (@​tschaub)
• #430 - Bump ansi-regex from 3.0.0 to 3.0.1 (@​tschaub)
• #431 - Bump path-parse from 1.0.6 to 1.0.7 (@​tschaub)
• #427 - Bump async from 2.6.1 to 2.6.4 (@​tschaub)
• #423 - Bump minimist from 1.2.5 to 1.2.6 (@​tschaub)

v3.2.3

• #398 - Update glob-parent (@​tschaub)
• #395 - Switch from filenamify-url to filenamify (@​tw0517tw)

v3.2.2

• #396 - Revert "security(deps): bump filenamify-url to 2.1.1" (@​tschaub)

v3.2.1

• #393 - security(deps): bump filenamify-url to 2.1.1 (@​AviVahl)

v3.2.0

This release updates a few development dependencies and adds a bit of documentation.

• #391 - Update dev dependencies (@​tschaub)
• #375 - Add note about domain problem (@​demee)
• #390 - Fix little typo in the README (@​cizordj)
• #388 - Bump hosted-git-info from 2.8.8 to 2.8.9 (@​tschaub)
• #387 - Bump y18n from 4.0.0 to 4.0.3 (@​tschaub)
• #378 - Add GitHub Actions tips to readme.md (@​mickelsonmichael)
• #386 - Bump lodash from 4.17.14 to 4.17.21 (@​tschaub)

Commits

• f729b97 5.0.0
• 51534c7 Log changes
• ace063b Merge pull request #438 from Vicropht/patch-1
• 58e54be Merge pull request #459 from tschaub/dependabot/npm_and_yarn/async-3.2.4
• 2189df3 Bump async from 2.6.4 to 3.2.4
• 051846e Merge pull request #454 from tschaub/dependabot/npm_and_yarn/email-addresses-...
• 5c91c67 Merge pull request #455 from tschaub/dependabot/github_actions/actions/setup-...
• fe0ad83 Merge pull request #453 from tschaub/dependabot/github_actions/actions/checko...
• b89287d Merge pull request #445 from Nezteb/patch-1
• e890bd1 Bump email-addresses from 3.0.1 to 5.0.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ValentinH/react-easy-crop/network/alerts).

[codesandbox-ci[bot]]

This pull request is automatically built and testable in CodeSandbox.

To see build info of the built libraries, click here or the icon next to each commit SHA.

[socket-security[bot]]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@auto-it/all-contributors@11.1.2	environment, filesystem Transitive: eval, network, shell, unsafe	+71	12.3 MB	alisowski
npm/@auto-it/first-time-contributor@11.1.2	Transitive: environment, eval, filesystem, network, shell, unsafe	+57	11.7 MB	alisowski
npm/@auto-it/released@11.1.2	Transitive: environment, eval, filesystem, network, shell, unsafe	+57	11.8 MB	alisowski
npm/@babel/code-frame@7.18.6	None	+2	21.3 kB	nicolo-ribaudo
npm/@babel/compat-data@7.20.14	None	0	57.9 kB	nicolo-ribaudo
npm/@babel/core@7.20.12	environment, filesystem, unsafe	+4	1.56 MB	nicolo-ribaudo
npm/@babel/generator@7.20.14	None	+2	580 kB	nicolo-ribaudo
npm/@babel/helper-compilation-targets@7.20.7	None	+3	139 kB	nicolo-ribaudo
npm/@babel/helper-create-class-features-plugin@7.20.12	None	+6	254 kB	nicolo-ribaudo
npm/@babel/helper-create-regexp-features-plugin@7.20.5	None	+7	580 kB	nicolo-ribaudo
npm/@babel/helper-function-name@7.19.0	None	0	21.4 kB	nicolo-ribaudo
npm/@babel/helper-module-imports@7.18.6	None	0	16.1 kB	nicolo-ribaudo
npm/@babel/helper-module-transforms@7.20.11	None	+3	167 kB	nicolo-ribaudo
npm/@babel/helper-plugin-utils@7.20.2	None	0	11.9 kB	nicolo-ribaudo
npm/@babel/helper-replace-supers@7.20.7	None	+3	92.2 kB	nicolo-ribaudo
npm/@babel/helper-validator-identifier@7.19.1	None	0	51.7 kB	nicolo-ribaudo
npm/@babel/parser@7.20.15	None	0	1.95 MB	nicolo-ribaudo
npm/@babel/plugin-proposal-class-properties@7.18.6	None	0	3.34 kB	nicolo-ribaudo
npm/@babel/plugin-proposal-nullish-coalescing-operator@7.18.6	None	+1	7.05 kB	nicolo-ribaudo
npm/@babel/plugin-proposal-numeric-separator@7.18.6	None	0	3.37 kB	nicolo-ribaudo
npm/@babel/plugin-proposal-object-rest-spread@7.20.7	None	+1	73 kB	nicolo-ribaudo
npm/@babel/plugin-proposal-optional-chaining@7.20.7	None	+2	41.7 kB	nicolo-ribaudo
npm/@babel/plugin-proposal-private-methods@7.18.6	None	0	3.17 kB	nicolo-ribaudo
npm/@babel/plugin-proposal-unicode-property-regex@7.18.6	None	0	3.48 kB	nicolo-ribaudo
npm/@babel/plugin-syntax-class-properties@7.12.13	None	0	2.68 kB	nicolo-ribaudo
npm/@babel/plugin-syntax-jsx@7.18.6	None	0	2.74 kB	nicolo-ribaudo
npm/@babel/plugin-syntax-top-level-await@7.14.5	None	0	2.74 kB	nicolo-ribaudo
npm/@babel/plugin-syntax-typescript@7.20.0	None	0	6.26 kB	nicolo-ribaudo
npm/@babel/plugin-transform-dotall-regex@7.18.6	None	0	3.13 kB	nicolo-ribaudo
npm/@babel/plugin-transform-parameters@7.20.7	None	0	64.1 kB	nicolo-ribaudo
npm/@babel/plugin-transform-react-display-name@7.18.6	None	0	5.26 kB	nicolo-ribaudo
npm/@babel/plugin-transform-react-jsx@7.20.13	None	+1	81.8 kB	nicolo-ribaudo
npm/@babel/preset-env@7.20.2	environment Transitive: unsafe	+71	2.14 MB	nicolo-ribaudo
npm/@babel/preset-typescript@7.18.6	None	+2	132 kB	nicolo-ribaudo
npm/@babel/runtime@7.20.13	None	+1	265 kB	nicolo-ribaudo
npm/@babel/template@7.20.7	None	0	68.8 kB	nicolo-ribaudo
npm/@babel/traverse@7.20.13	None	+3	590 kB	nicolo-ribaudo
npm/@babel/types@7.20.7	environment	+2	2.49 MB	nicolo-ribaudo
npm/@jridgewell/resolve-uri@3.1.0	None	0	55.2 kB	jridgewell
npm/@jridgewell/set-array@1.1.2	None	0	15.5 kB	jridgewell
npm/@jridgewell/sourcemap-codec@1.4.14	None	0	40 kB	jridgewell
npm/@jridgewell/trace-mapping@0.3.17	None	0	164 kB	jridgewell
npm/@nodelib/fs.stat@2.0.5	filesystem	0	11.8 kB	mrmlnc
npm/@nodelib/fs.walk@1.2.8	Transitive: filesystem	+4	103 kB	mrmlnc
npm/@octokit/request-error@2.1.0	None	0	21.9 kB	octokitbot
npm/@octokit/request@5.6.3	network	+3	188 kB	octokitbot
npm/@octokit/types@6.41.0	None	+1	2.31 MB	octokitbot
npm/@percy/cli@1.18.0	environment, filesystem, unsafe Transitive: eval, network, shell	+29	6.62 MB	percy-admin
npm/@percy/cypress@3.1.2	eval Transitive: environment, network	+1	44.1 kB	percy-admin
npm/@rollup/pluginutils@3.1.0	Transitive: environment, filesystem, unsafe	+2	6.77 MB	shellscape
npm/@types/babel__traverse@7.18.3	None	0	65.2 kB	types
npm/@types/estree@0.0.39	None	0	17.8 kB	types
npm/@types/istanbul-lib-coverage@2.0.4	None	0	5.76 kB	types
npm/@types/jest@29.4.0	None	0	77.1 kB	types
npm/@types/lodash.debounce@4.0.7	None	+1	1.72 MB	types
npm/@types/react-dom@18.0.10	None	0	28.9 kB	types
npm/@types/react@18.0.28	None	+3	1.38 MB	types
npm/@types/tapable@1.0.8	None	0	17.9 kB	types
npm/@typescript-eslint/eslint-plugin@5.51.0	Transitive: environment, filesystem	+15	4.8 MB	jameshenry
npm/@typescript-eslint/parser@5.51.0	Transitive: environment, filesystem	+11	1.87 MB	jameshenry
npm/@typescript-eslint/utils@5.51.0	Transitive: environment, filesystem	+15	2.79 MB	jameshenry
npm/acorn-jsx@5.3.2	None	+1	1.22 MB	rreverser
npm/all-contributors-cli@6.24.0	environment, filesystem, network, shell	+14	529 kB	all-contributors-release-bot
npm/ansi-escapes@4.3.2	None	0	16.4 kB	sindresorhus
npm/anymatch@3.1.3	None	+1	18.9 kB	phated
npm/array-back@3.1.0	None	0	8.95 kB	75lb
npm/array-includes@3.1.6	None	0	25 kB	ljharb
npm/array.prototype.flatmap@1.3.1	None	+1	28.6 kB	ljharb
npm/async@3.2.4	None	0	821 kB	hargasinski
npm/auto@11.1.2	Transitive: environment, eval, filesystem, network, shell, unsafe	+86	12.4 MB	alisowski
npm/bili@5.0.5	environment, eval, filesystem, shell, unsafe	+49	17 MB	egoist
npm/browserslist@4.21.5	environment, filesystem Transitive: shell	+4	325 kB	ai
npm/caniuse-lite@1.0.30001451	None	0	1.92 MB	caniuse-lite
npm/chalk@4.1.2	None	+1	52 kB	sindresorhus
npm/check-more-types@2.24.0	None	0	63.8 kB	bahmutov
npm/convert-source-map@1.9.0	filesystem	0	11.4 kB	thlorenz
npm/cosmiconfig@7.0.0	filesystem	+2	107 kB	davidtheclark
npm/cypress@5.6.0	environment, filesystem, shell Transitive: network	+68	12.4 MB	chrisbreiding
npm/debug@4.3.4	environment	+1	49.2 kB	qix
npm/deepmerge@4.3.0	None	0	30.4 kB	tehshrike
npm/define-properties@1.2.0	None	+2	48.3 kB	ljharb
npm/deprecation@2.3.1	None	0	4.01 kB	gr2m
npm/enquirer@2.3.6	environment	+1	224 kB	jonschlinkert
npm/es-abstract@1.21.1	None	+27	2.06 MB	ljharb
npm/eslint-config-prettier@8.6.0	None	0	18.2 kB	lydell
npm/eslint-config-react-app@7.0.1	Transitive: environment, filesystem, unsafe	+26	2.17 MB	iansu
npm/eslint-plugin-cypress@2.12.1	None	0	41.6 kB	cypress-npm-publisher
npm/eslint-plugin-flowtype@8.0.3	None	+2	349 kB	gajus
npm/eslint-plugin-import@2.27.5	filesystem, unsafe Transitive: environment	+9	1.6 MB	ljharb
npm/eslint-plugin-jsx-a11y@6.7.1	None	+29	3.9 MB	ljharb
npm/eslint-plugin-react-hooks@4.6.0	environment	0	118 kB	gnoff
npm/eslint-plugin-react@7.32.2	filesystem Transitive: environment	+14	1.38 MB	ljharb
npm/eslint@8.34.0	filesystem Transitive: environment, eval, unsafe	+42	9.57 MB	eslintbot
npm/estraverse@5.3.0	None	0	37.1 kB	michaelficarra
npm/execa@4.1.0	environment, shell Transitive: filesystem	+5	119 kB	sindresorhus
npm/expect@29.4.2	Transitive: unsafe	+17	4.44 MB	simenb
npm/fast-glob@3.2.12	filesystem	+1	104 kB	mrmlnc
npm/fromentries@1.3.2	None	0	4.95 kB	feross
npm/fsevents@2.3.2	None	0	156 kB	pipobscure
npm/get-caller-file@2.0.5	None	0	4.72 kB	stefanpenner
npm/get-intrinsic@1.2.0	eval	+1	63.8 kB	ljharb
npm/glob@7.2.3	filesystem Transitive: environment	+4	78.8 kB	isaacs
npm/globals@11.12.0	None	0	39.8 kB	sindresorhus
npm/graceful-fs@4.2.10	environment, filesystem	0	32.5 kB	isaacs
npm/has-symbols@1.0.3	None	0	20.6 kB	ljharb
npm/has@1.0.3	None	+1	27.9 kB	ljharb
npm/html-webpack-plugin@4.5.2	filesystem, unsafe Transitive: environment, network, shell	+20	11.2 MB	jantimon
npm/husky@4.3.8	environment, filesystem, shell	+13	137 kB	typicode
npm/import-fresh@3.3.0	Transitive: filesystem, unsafe	+2	13.4 kB	sindresorhus
npm/inherits@2.0.4	None	0	3.96 kB	isaacs
npm/ini@1.3.7	None	0	9.39 kB	isaacs
npm/inquirer@7.3.3	Transitive: environment, filesystem, shell	+11	595 kB	sboudrias
npm/internal-slot@1.0.5	None	+1	34 kB	ljharb
npm/is-callable@1.2.7	None	0	28.9 kB	ljharb
npm/is-core-module@2.11.0	None	0	28.1 kB	ljharb
npm/is-date-object@1.0.5	None	+1	31.7 kB	ljharb
npm/is-glob@4.0.3	None	+1	19.8 kB	phated
npm/is-installed-globally@0.3.2	filesystem Transitive: environment	+1	12 kB	sindresorhus
npm/is-map@2.0.2	None	0	12.7 kB	ljharb
npm/is-path-inside@3.0.3	None	0	4.12 kB	sindresorhus
npm/is-set@2.0.2	None	0	12.3 kB	ljharb
npm/is-string@1.0.7	None	+1	30 kB	ljharb
npm/is-symbol@1.0.4	None	0	22 kB	ljharb
npm/is-typed-array@1.1.10	None	+4	64.2 kB	ljharb
npm/is-typedarray@1.0.0	None	0	4.41 kB	hughsk
npm/istanbul-lib-coverage@3.2.0	None	0	29.3 kB	oss-bot
npm/istanbul-lib-instrument@5.2.1	None	+1	87.4 kB	oss-bot
npm/jest-util@29.4.2	environment	+8	4.11 MB	simenb
npm/jest@29.4.2	Transitive: environment, eval, filesystem, network, shell, unsafe	+118	8.16 MB	simenb
npm/js-tokens@4.0.0	None	0	15.1 kB	lydell
npm/json-fixer@1.6.15	eval	0	91.9 kB	berkmann18
npm/json5@2.2.3	None	0	235 kB	jordanbtucker
npm/jsx-ast-utils@3.3.3	None	0	230 kB	ljharb
npm/lazy-ass@1.6.0	None	0	19.4 kB	bahmutov
npm/lint-staged@10.5.4	environment, filesystem Transitive: shell	+5	214 kB	okonet
npm/loader-utils@1.4.2	None	0	25.9 kB	evilebottnawi
npm/lodash.debounce@4.0.8	None	0	14 kB	jdalton
npm/lodash@4.17.21	None	0	1.41 MB	bnjmnt4n
npm/magic-string@0.25.9	None	0	373 kB	antfu
npm/make-error@1.3.6	None	0	12.4 kB	julien-f
npm/merge2@1.4.1	None	0	8.9 kB	zensh
npm/micromatch@4.0.5	None	0	55.9 kB	jonschlinkert
npm/mime-types@2.1.35	None	0	18.3 kB	dougwilson
npm/minimatch@3.1.2	None	0	34.9 kB	isaacs
npm/minimist@1.2.8	None	0	54.5 kB	ljharb
npm/mkdirp@0.5.6	filesystem	0	7.69 kB	isaacs
npm/node-fetch@2.6.9	network	+1	212 kB	node-fetch-bot
npm/normalize-wheel@1.0.1	None	0	19.7 kB	basilfx
npm/np@6.5.0	Transitive: filesystem	+8	128 kB	sindresorhus
npm/npm-run-path@4.0.1	environment	0	8.13 kB	sindresorhus
npm/object-assign@4.1.1	None	0	5.49 kB	sindresorhus
npm/object-inspect@1.12.3	None	0	94.8 kB	ljharb
npm/object.assign@4.1.4	None	+1	1.19 MB	ljharb
npm/object.values@1.1.6	None	0	30.5 kB	ljharb
npm/once@1.4.0	None	+1	7.01 kB	isaacs
npm/onetime@5.1.2	None	0	6.17 kB	sindresorhus
npm/p-limit@3.1.0	None	0	7.75 kB	sindresorhus
npm/parse-json@5.2.0	None	0	5.41 kB	sindresorhus
npm/path-parse@1.0.7	None	0	4.51 kB	jbgutierrez
npm/picomatch@2.3.1	None	0	90 kB	mrmlnc
npm/prettier@2.8.4	environment, filesystem, unsafe	0	11.7 MB	prettier-bot
npm/pretty-format@29.4.2	None	+3	435 kB	simenb
npm/query-string@6.14.1	None	0	37.3 kB	sindresorhus
npm/react-dom@18.2.0	environment	0	4.5 MB	gnoff
npm/react@18.2.0	environment	0	316 kB	gnoff
npm/regenerate@1.4.2	None	0	49.2 kB	mathias
npm/registry-url@5.1.0	None	0	4.33 kB	sindresorhus
npm/resolve@1.22.1	environment, filesystem	+1	155 kB	ljharb
npm/rimraf@3.0.2	filesystem	0	17.3 kB	isaacs
npm/rollup-plugin-typescript2@0.27.3	environment, eval, filesystem Transitive: unsafe	+5	11.8 MB	ezolenko
npm/run-async@2.4.1	None	0	6.6 kB	sboudrias
npm/rxjs@6.6.7	None	+1	5.16 MB	blesh
npm/safer-buffer@2.1.2	None	0	42.3 kB	chalker
npm/semver@7.5.4	None	+1	109 kB	npm-cli-ops
npm/signal-exit@3.0.7	None	0	9.96 kB	isaacs
npm/source-map-support@0.5.21	filesystem	+1	90.2 kB	linusu
npm/start-server-and-test@1.15.3	environment	+6	112 kB	bahmutov
npm/string-width@4.2.3	None	+2	109 kB	sindresorhus
npm/strip-ansi@3.0.1	None	+1	7.3 kB	jbnicolai
npm/strip-json-comments@3.1.1	None	0	6.96 kB	sindresorhus
npm/supports-color@5.5.0	environment	0	6.63 kB	sindresorhus
npm/terminal-link@2.1.1	None	0	6.52 kB	sindresorhus
npm/terser@4.8.1	eval Transitive: filesystem, shell	+1	1.92 MB	fabiosantoscode
npm/through@2.3.8	None	0	12.5 kB	dominictarr
npm/ts-jest@29.0.5	environment, filesystem, unsafe Transitive: eval, network, shell	+49	5.44 MB	kul
npm/ts-node@10.9.1	environment, filesystem, unsafe	+6	5.16 MB	cspotcode
npm/type-fest@0.21.3	None	0	119 kB	sindresorhus
npm/typescript@4.9.5	None	0	66.8 MB	typescript-bot
npm/util.promisify@1.0.0	None	0	13.3 kB	ljharb
npm/vite@4.5.3	environment, eval, filesystem, network, shell, unsafe	+2	13.6 MB	vitebot
npm/yargs-parser@21.1.1	environment, filesystem	0	128 kB	oss-bot
npm/yarn-or-npm@3.0.1	filesystem	+5	40.3 kB	camacho

🚮 Removed packages: npm/@babel/code-frame@7.10.4, npm/@babel/compat-data@7.11.0, npm/@babel/generator@7.11.6, npm/@babel/helper-builder-react-jsx-experimental@7.11.5, npm/@babel/helper-create-class-features-plugin@7.10.5, npm/@babel/helper-member-expression-to-functions@7.11.0, npm/@babel/helper-module-imports@7.10.4, npm/@babel/helper-module-transforms@7.11.0, npm/@babel/helper-plugin-utils@7.10.4, npm/@babel/helper-split-export-declaration@7.11.0, npm/@babel/parser@7.11.5, npm/@babel/plugin-proposal-unicode-property-regex@7.10.4, npm/@babel/plugin-syntax-jsx@7.10.4, npm/@babel/plugin-transform-dotall-regex@7.10.4, npm/@babel/runtime@7.11.2, npm/@babel/traverse@7.11.5, npm/@babel/types@7.11.5, npm/@emotion/hash@0.8.0, npm/@emotion/is-prop-valid@0.8.8, npm/@emotion/serialize@0.11.16, npm/@graphql-tools/utils@6.2.3, npm/@hapi/hoek@8.5.1, npm/@hapi/joi@15.1.1, npm/@material-ui/core@4.11.0, npm/@material-ui/icons@4.9.1, npm/@material-ui/styles@4.10.0, npm/@material-ui/utils@4.10.2, npm/@mdx-js/mdx@2.0.0-next.8, npm/@mdx-js/react@2.0.0-next.8, npm/@nodelib/fs.stat@2.0.3, npm/@nodelib/fs.walk@1.2.4, npm/@reach/popover@0.10.3, npm/@reach/portal@0.10.5, npm/@reach/rect@0.10.5, npm/@reach/utils@0.10.5, npm/@types/glob@5.0.36, npm/@types/istanbul-lib-coverage@2.0.3, npm/@types/json-schema@7.0.6, npm/@types/keyv@3.1.1, npm/@types/lodash@4.14.161, npm/@types/node@14.11.2, npm/@types/react-dom@16.9.8, npm/@types/react-helmet@6.1.0, npm/@types/react@16.9.49, npm/@types/unist@2.0.3, npm/accepts@1.3.8, npm/acorn-jsx@5.3.1, npm/acorn@7.4.0, npm/address@1.1.2, npm/ajv-keywords@3.5.2, npm/ajv@6.12.5, npm/ansi-html@0.0.7, npm/aproba@1.2.0, npm/arch@2.1.2, npm/autoprefixer@9.8.6, npm/axios@0.19.2, npm/babel-code-frame@6.26.0, npm/babel-plugin-macros@2.8.0, npm/backo2@1.0.2, npm/better-opn@1.0.0, npm/bin-wrapper@4.1.0, npm/bl@4.0.3, npm/boolbase@1.0.0, npm/brace-expansion@1.1.11, npm/braces@2.3.2, npm/brorand@1.1.0, npm/browserify-aes@1.2.0, npm/browserify-rsa@4.0.1, npm/browserslist@4.16.6, npm/buffer-alloc@1.2.0, npm/buffer@5.6.0, npm/bytes@3.1.2, npm/caniuse-lite@1.0.30001228, npm/caw@2.0.1, npm/chokidar@3.4.2, npm/cipher-base@1.0.4, npm/clone-response@1.0.2, npm/collapse-white-space@1.0.6, npm/color@3.1.2, npm/colorette@1.2.2, npm/commander@2.20.3, npm/console-control-strings@1.1.0, npm/content-type@1.0.4, npm/convert-source-map@1.7.0, npm/core-js-compat@3.6.5, npm/core-util-is@1.0.2, npm/create-hash@1.2.0, npm/create-hmac@1.1.7, npm/cross-spawn@6.0.5, npm/css-color-names@0.0.4, npm/css-select@1.2.0, npm/css-tree@1.0.0-alpha.37, npm/cssnano@4.1.10, npm/csstype@2.6.13, npm/date-fns@2.16.1, npm/debug@3.2.6, npm/decamelize@1.2.0, npm/decompress-tar@4.1.1, npm/decompress@4.2.1, npm/deep-equal@1.1.1, npm/detab@2.0.3, npm/dom-serializer@0.1.1, npm/domelementtype@1.3.1, npm/domutils@1.5.1, npm/duplexify@3.7.1, npm/end-of-stream@1.4.4, npm/entities@1.1.2, npm/envinfo@7.7.3, npm/errno@0.1.7, npm/error-ex@1.3.2, npm/error-stack-parser@2.0.6, npm/es-abstract@1.17.6, npm/eslint-visitor-keys@1.3.0, npm/evp_bytestokey@1.0.3, npm/execa@4.0.3, npm/expand-tilde@2.0.2, npm/extsprintf@1.3.0, npm/fast-glob@3.2.4, npm/fast-levenshtein@2.0.6, npm/faye-websocket@0.11.3, npm/find-up@2.1.0, npm/follow-redirects@1.5.10, npm/from2@2.3.0, npm/fs-exists-cached@1.0.0, npm/gatsby-image@2.4.19, npm/gatsby-plugin-google-fonts@1.0.1, npm/gatsby-plugin-manifest@2.4.31, npm/gatsby-plugin-material-ui@2.1.10, npm/gatsby-plugin-offline@3.2.28, npm/gatsby@2.24.65

View full report↗︎

[socket-security[bot]]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/cypress@5.6.0	Install script: postinstall Source: node index.js --exec install	package.json
Install scripts	npm/husky@4.3.8	Install script: install Source: node husky install	package.json
Install scripts	npm/husky@4.3.8	Install script: postinstall Source: opencollective-postinstall || exit 0	package.json
Install scripts	npm/@percy/core@1.18.0	Install script: postinstall Source: node ./post-install	package.json

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/cypress@5.6.0
• @SocketSecurity ignore npm/husky@4.3.8
• @SocketSecurity ignore npm/@percy/core@1.18.0