search

craftcms / spoke-and-chain

Craft CMS + Craft Commerce demo site.
https://craftcms.com/demo?kind=spokeandchain
BSD Zero Clause License
54 stars 28 forks source link

[Snyk] Upgrade mini-css-extract-plugin from 0.11.3 to 0.12.0 #111

Closed snyk-bot closed 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade mini-css-extract-plugin from 0.11.3 to 0.12.0.

merge advice As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
:sparkles: Snyk has automatically assigned this pull request, set who gets assigned.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Access Restriction Bypass
SNYK-JS-XMLHTTPREQUESTSSL-1255647		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Arbitrary Code Injection
SNYK-JS-XMLHTTPREQUESTSSL-1082936		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TMPL-1583443		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Arbitrary File Write
SNYK-JS-TAR-1579155		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579152		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579147		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536531		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536528		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579155		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579152		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579147		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536531		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536528		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SSRI-1246392		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SSRI-1246392		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Information Exposure
SNYK-JS-SIMPLEGET-2361683		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-NORMALIZEURL-1296539		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Command Injection
SNYK-JS-LODASHTEMPLATE-1088054		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Command Injection
SNYK-JS-LODASH-1040724		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-JSONSCHEMA-1920922		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Remote Code Execution (RCE)
SNYK-JS-HANDLEBARS-1056767		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Denial of Service (DoS)
SNYK-JS-ENGINEIO-1056749		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Remote Memory Exposure
SNYK-JS-DNSPACKET-1293563		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIHTML-1296849		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Improper Input Validation
SNYK-JS-XMLDOM-1534562		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
XML External Entity (XXE) Injection
SNYK-JS-XMLDOM-1084960		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Authorization Bypass
SNYK-JS-URLPARSE-2407770		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Authorization Bypass
SNYK-JS-URLPARSE-2407759		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Access Restriction Bypass
SNYK-JS-URLPARSE-2401205		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Open Redirect
SNYK-JS-URLPARSE-1533425		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Improper Input Validation
SNYK-JS-URLPARSE-1078283		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary Code Injection
SNYK-JS-UNDERSCORE-1080984		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-UGLIFYJS-1727251		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-RAMDA-1582370		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1255640		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1090595		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1255640		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1090595		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1255640		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1090595		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHPARSE-1077067		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Command Injection
SNYK-JS-NODENOTIFIER-1035794		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Information Exposure
SNYK-JS-NANOID-2332193		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1243891		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1085627		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1243891		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1085627		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-HOSTEDGITINFO-1088355		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-HOSTEDGITINFO-1088355		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-HANDLEBARS-1279029		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2332181		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Cryptographic Issues
SNYK-JS-ELLIPTIC-1064899		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-COLORSTRING-1082939		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-BROWSERSLIST-1090194		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TAR-1536758		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TAR-1536758		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2396346		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: mini-css-extract-plugin
  • 0.12.0 - 2020-10-07

    0.12.0 (2020-10-07)

    Features

    • opt-in to transitive only side effects (webpack@5), no more empty JS chunks
  • 0.11.3 - 2020-10-02

    0.11.3 (2020-10-02)

    Bug Fixes

from mini-css-extract-plugin GitHub release notes
Commit messages
Package name: mini-css-extract-plugin
  • b935f26 chore(release): 0.12.0
  • bc0ca2c test: improve (#601)
  • 5fafdf8 feat opt-in to transitive only side effects (webpack@5) (#599)
  • ef4bd79 test: empty chunk
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

šŸ§ View latest project report

šŸ‘©ā€šŸ’» Set who automatically gets assigned

šŸ›  Adjust upgrade PR settings

šŸ”• Ignore this dependency or unsubscribe from future upgrade PRs