blopa / Resume-Builder

Resume Builder is a free open-source project that allows anyone to easily maintain and build any kind of resume.
https://resume-builder.js.org/
MIT License

Bump ws, gatsby, gatsby-plugin-google-analytics, gatsby-plugin-manifest, gatsby-plugin-material-ui, gatsby-plugin-offline, gatsby-plugin-react-helmet, gatsby-plugin-react-intl, gatsby-plugin-sharp, gatsby-plugin-sitemap, gatsby-plugin-typography, gatsby-source-filesystem and gatsby-transformer-sharp #80

Open dependabot[bot] opened 2 months ago

dependabot[bot] commented 2 months ago

Bumps ws to 8.17.1 and updates ancestor dependencies ws, gatsby, gatsby-plugin-google-analytics, gatsby-plugin-manifest, gatsby-plugin-material-ui, gatsby-plugin-offline, gatsby-plugin-react-helmet, gatsby-plugin-react-intl, gatsby-plugin-sharp, gatsby-plugin-sitemap, gatsby-plugin-typography, gatsby-source-filesystem and gatsby-transformer-sharp. These dependencies need to be updated together.

Updates ws from 7.4.5 to 8.17.1

Release notes

Sourced from ws's releases.

8.17.1

Bug fixes

  • Fixed a DoS vulnerability (#2231).

A request with a number of headers exceeding the server.maxHeadersCount threshold could be used to crash a ws server.

```js
const http = require('http');
const WebSocket = require('ws');

const wss = new WebSocket.Server({ port: 0 }, function () {
  const chars = "!#$%&'*+-.0123456789abcdefghijklmnopqrstuvwxyz^_`|~".split('');
  const headers = {};
  let count = 0;

  for (let i = 0; i < chars.length; i++) {
    if (count === 2000) break;

    for (let j = 0; j < chars.length; j++) {
      const key = chars[i] + chars[j];
      headers[key] = 'x';

      if (++count === 2000) break;
    }
  }

  headers.Connection = 'Upgrade';
  headers.Upgrade = 'websocket';
  headers['Sec-WebSocket-Key'] = 'dGhlIHNhbXBsZSBub25jZQ==';
  headers['Sec-WebSocket-Version'] = '13';

  const request = http.request({
    headers: headers,
    host: '127.0.0.1',
    port: wss.address().port
  });

  request.end();
});
```

The vulnerability was reported by Ryan LaPointe in websockets/ws#2230.

In vulnerable versions of ws, the issue can be mitigated in the following ways:

  1. Reduce the maximum allowed length of the request headers using the --max-http-header-size=size and/or the maxHeaderSize options so that no more headers than the server.maxHeadersCount limit can be sent.

... (truncated)

Commits
  • 3c56601 [dist] 8.17.1
  • e55e510 [security] Fix crash when the Upgrade header cannot be read (#2231)
  • 6a00029 [test] Increase code coverage
  • ddfe4a8 [perf] Reduce the amount of crypto.randomFillSync() calls
  • b73b118 [dist] 8.17.0
  • 29694a5 [test] Use the highWaterMark variable
  • 934c9d6 [ci] Test on node 22
  • 1817bac [ci] Do not test on node 21
  • 96c9b3d [major] Flip the default value of allowSynchronousEvents (#2221)
  • e5f32c7 [fix] Emit at most one event per event loop iteration (#2218)
  • Additional commits viewable in compare view
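
Because ws arrives here as a transitive dependency, a reviewer will want to confirm that no nested copy older than 8.17.1 survives in the lockfile after the bump. The following is an added example, not part of this PR or of ws: the function names and the sample lockfile are constructed, and it assumes npm's lockfileVersion 2/3 `packages` layout. It flags copies older than the PR's target version, which is not by itself a vulnerability verdict.

```javascript
// Added example: list every resolved copy of `ws` in an npm lockfile
// (lockfileVersion 2/3 "packages" map) that is older than a target version.
const TARGET = '8.17.1'; // version this PR bumps ws to

// Parse "major.minor.patch" (pre-release/build suffix ignored) into numbers.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  if (!m) return null;
  return m.slice(1).map(Number);
}

// Negative if a < b, zero if equal, positive if a > b.
function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] - b[i];
  }
  return 0;
}

// Return [{ path, version }] for each ws copy below `target`,
// including copies nested under other packages' node_modules.
function findOldWs(lockfile, target = TARGET) {
  const want = parseVersion(target);
  const hits = [];
  for (const [path, meta] of Object.entries(lockfile.packages || {})) {
    // Match ".../node_modules/ws" exactly, not e.g. "node_modules/ws-utils".
    if (!/(^|\/)node_modules\/ws$/.test(path)) continue;
    const have = parseVersion(meta.version);
    // An unparsable version is reported rather than silently skipped.
    if (!have || compareVersions(have, want) < 0) {
      hits.push({ path, version: meta.version });
    }
  }
  return hits;
}

// Constructed sample lockfile (package names and layout are illustrative):
// the top-level ws is current, a copy nested under gatsby is not.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'resume-builder' },
    'node_modules/ws': { version: '8.17.1' },
    'node_modules/gatsby/node_modules/ws': { version: '7.4.5' },
    'node_modules/ws-utils': { version: '1.0.0' },
  },
};

console.log(findOldWs(sampleLock));
```

In a real checkout, pass `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` instead of the sample object.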


Updates gatsby from 3.15.0 to 5.13.7

Release notes

Sourced from gatsby's releases.

v5.13.0

Welcome to gatsby@5.13.0 release (December 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.12.0

Welcome to gatsby@5.12.0 release (August 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.11.0

Welcome to gatsby@5.11.0 release (June 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.10.0

Welcome to gatsby@5.10.0 release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to gatsby@5.9.0 release (April 2023 #1)

... (truncated)

Commits


Updates gatsby-plugin-google-analytics from 3.15.0 to 5.13.1

Changelog

Sourced from gatsby-plugin-google-analytics's changelog.

5.13.1 (2024-01-23)

Note: Version bump only for package gatsby-plugin-google-analytics

5.13.0 (2023-12-18)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-google-analytics

5.12.0 (2023-08-24)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-google-analytics

5.11.0 (2023-06-15)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-google-analytics

5.10.0 (2023-05-16)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-google-analytics

5.9.0 (2023-04-18)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-google-analytics

5.8.0 (2023-03-21)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-google-analytics

5.7.0 (2023-02-21)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-google-analytics

5.6.0 (2023-02-07)

🧾 Release notes

... (truncated)

Commits


Updates gatsby-plugin-manifest from 3.15.0 to 5.13.1

Changelog

Sourced from gatsby-plugin-manifest's changelog.

5.13.1 (2024-01-23)

Note: Version bump only for package gatsby-plugin-manifest

5.13.0 (2023-12-18)

🧾 Release notes

Chores

5.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-manifest

5.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-manifest

5.12.1 (2023-10-09)

Chores

5.12.0 (2023-08-24)

🧾 Release notes

Bug Fixes

5.11.0 (2023-06-15)

🧾 Release notes

Chores

5.10.0 (2023-05-16)

🧾 Release notes

Bug Fixes

... (truncated)

Commits


Updates gatsby-plugin-material-ui from 3.0.1 to 4.1.0

Commits


Updates gatsby-plugin-offline from 4.15.0 to 6.13.2

Changelog

Sourced from gatsby-plugin-offline's changelog.

6.13.2 (2024-04-10)

Bug Fixes

6.13.1 (2024-01-23)

Note: Version bump only for package gatsby-plugin-offline

6.13.0 (2023-12-18)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-offline

6.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-offline

6.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-offline

6.12.1 (2023-10-09)

Note: Version bump only for package gatsby-plugin-offline

6.12.0 (2023-08-24)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-offline

6.11.0 (2023-06-15)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-offline

6.10.0 (2023-05-16)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-offline

6.9.0 (2023-04-18)

🧾 Release notes

... (truncated)

Commits


Updates gatsby-plugin-react-helmet from 4.15.0 to 6.13.1

Changelog

Sourced from gatsby-plugin-react-helmet's changelog.

6.13.1 (2024-01-23)

Note: Version bump only for package gatsby-plugin-react-helmet

6.13.0 (2023-12-18)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-react-helmet

6.12.0 (2023-08-24)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-react-helmet

6.11.0 (2023-06-15)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-react-helmet

6.10.0 (2023-05-16)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-react-helmet

6.9.0 (2023-04-18)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-react-helmet

6.8.0 (2023-03-21)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-react-helmet

6.7.0 (2023-02-21)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-react-helmet

6.6.0 (2023-02-07)

🧾 Release notes

... (truncated)

Commits


Updates gatsby-plugin-react-intl from 3.0.2 to 4.0.0

Commits


Updates gatsby-plugin-sharp from 3.15.0 to 5.13.1

Changelog

Sourced from gatsby-plugin-sharp's changelog.

5.13.1 (2024-01-23)

Note: Version bump only for package gatsby-plugin-sharp

5.13.0 (2023-12-18)

🧾 Release notes

Chores

5.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-sharp

5.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-sharp

5.12.1 (2023-10-09)

Chores

5.12.0 (2023-08-24)

🧾 Release notes

Bug Fixes

5.11.0 (2023-06-15)

🧾 Release notes

Chores

5.10.0 (2023-05-16)

🧾 Release notes

Bug Fixes

... (truncated)

Commits


Updates gatsby-plugin-sitemap from 4.11.0 to 6.13.1

Changelog

Sourced from gatsby-plugin-sitemap's changelog.

6.13.1 (2024-01-23)

Note: Version bump only for package gatsby-plugin-sitemap

6.13.0 (2023-12-18)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-sitemap

6.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-sitemap

6.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-sitemap

6.12.1 (2023-10-09)

Note: Version bump only for package gatsby-plugin-sitemap

6.12.0 (2023-08-24)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-sitemap

6.11.0 (2023-06-15)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-sitemap

6.10.0 (2023-05-16)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-sitemap

6.9.0 (2023-04-18)