axetroy / blog

:open_book:基于Github API 的动态博客
https://axetroy.xyz
216 stars 36 forks source link

[Snyk] Security upgrade next from 10.0.5 to 11.1.1 #629

Closed snyk-bot closed 2 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 556/1000
Why? Recently disclosed, Has a fix available, CVSS 5.4
Cross-site Scripting (XSS)
SNYK-JS-NEXT-1577139
Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: next The new version differs by 250 commits.
  • 804971f v11.1.1
  • 194d70f v11.1.1-canary.19
  • 36d922f Add apiVersion to config (#28610)
  • a60690f v11.1.1-canary.18
  • 7afc97c Add CSP to Image Optimization API (#28620)
  • 8711c5c Tests: Remove unnecessary await (#28594)
  • d209435 Small grammar fixes (#28590)
  • 04cc37f Add docs for using pageExtensions to colocate other files with page components (#22740)
  • f1dbc92 Ensure dev server side errors are correct (#28520)
  • 27c2937 Update with-jest packages and docs (#28209)
  • 2cc2cb4 Support for functional Document components (#28515)
  • d8093ec Update warning when parent styles break `next/image` (#28517)
  • ed6ce1a v11.1.1-canary.17
  • 9442925 handle edge case for no-import-document rule (#28261)
  • 220fa9c Update to use the latest MongoDB best practices to limit connection pooling issues. (#28350)
  • 877f982 Use recommended pattern in testing example (#28404)
  • d835402 v11.1.1-canary.16
  • ead10f1 Fix handling for 204 status code with a body (#28479)
  • f216855 Update i18n locales limit to warning (#28429)
  • 74c349d Add prop-types in package.json (#28481)
  • c65248d Remove unused imports
  • a509d90 v11.1.1-canary.15
  • 9316dc0 Add default trace format that is exported automatically (#28461)
  • 706547e Ensure error is shown correctly for empty headers field (#28430)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

vercel[bot] commented 3 years ago

This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployment, click below or on the icon next to each commit.

🔍 Inspect: https://vercel.com/axetroy/blog/2kEyrvx2R7pMJyyDR9n58nWA2XCw
✅ Preview: https://blog-git-snyk-fix-f3c6ded72638456b757c80e1d4365a85-axetroy2.vercel.app

[Deployment for c33a1fc failed]