github-actions[bot]
commented
1 year ago Great PR! Please pay attention to the following items before merging:
Files matching docs/**:
- [ ] Do you linted the code?
- [ ] Have you added the new version on metadata.js?
This is an automatically generated QA checklist based on modified files.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Has a fix available, CVSS 5.9
SNYK-JS-ALGOLIASEARCHHELPER-1570421
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-BROWSERSLIST-1090194
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-COLORSTRING-1082939
Why? Has a fix available, CVSS 5.3
SNYK-JS-CSSWHAT-1298035
Why? Proof of Concept exploit, Has a fix available, CVSS 4.1
SNYK-JS-EJS-1049328
Why? Proof of Concept exploit, Has a fix available, CVSS 8.1
SNYK-JS-EJS-2803307
Why? Proof of Concept exploit, Has a fix available, CVSS 8.1
SNYK-JS-ETA-2936803
Why? Has a fix available, CVSS 5.4
SNYK-JS-ETA-3261240
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-GLOBPARENT-1016905
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-HTTPCACHESEMANTICS-3248783
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-IMMER-1019369
Why? Proof of Concept exploit, Has a fix available, CVSS 5.6
SNYK-JS-IMMER-1540542
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-ISSVG-1085627
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-ISSVG-1243891
Why? Proof of Concept exploit, Has a fix available, CVSS 6.4
SNYK-JS-JSON5-3182856
Why? Has a fix available, CVSS 5.3
SNYK-JS-LOADERUTILS-3042992
Why? Has a fix available, CVSS 7.5
SNYK-JS-LOADERUTILS-3043105
Why? Has a fix available, CVSS 5.3
SNYK-JS-LOADERUTILS-3105943
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-LODASH-1018905
Why? Proof of Concept exploit, Has a fix available, CVSS 7.2
SNYK-JS-LODASH-1040724
Why? Has a fix available, CVSS 5.3
SNYK-JS-MINIMATCH-3050818
Why? Proof of Concept exploit, Has a fix available, CVSS 3.7
SNYK-JS-MINIMIST-2429795
Why? Has a fix available, CVSS 7.5
SNYK-JS-MOMENT-2440688
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-MOMENT-2944238
Why? Has a fix available, CVSS 7.5
SNYK-JS-NORMALIZEURL-1296539
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-NTHCHECK-1586032
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-POSTCSS-1090595
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-POSTCSS-1255640
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-PRISMJS-1076581
Why? Has a fix available, CVSS 7.4
SNYK-JS-PRISMJS-1314893
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-PRISMJS-1585202
Why? Has a fix available, CVSS 5.4
SNYK-JS-PRISMJS-2404333
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-QS-3153490
Why? Proof of Concept exploit, Has a fix available, CVSS 5.6
SNYK-JS-REACTDEVUTILS-1083268
Why? Proof of Concept exploit, Has a fix available, CVSS 7.1
SNYK-JS-SHELLJS-2332187
Why? Has a fix available, CVSS 8.1
SNYK-JS-SHELLQUOTE-1766506
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: @docusaurus/core
The new version differs by 250 commits.- cf12f21 v2.3.1
- cc767ed fix(theme-common): fix issue in tab scroll position restoration on tab click (#8628)
- ed13d5c chore: add "pr: dependencies" to lerna changelog labels (#8622)
- 484774c trigger ci
- 692bbda fix(theme-common): localStorage utils dispatch too many storage events leading to infinite loop (#8619)
- ce8e55b fix(theme-common): prepare usage of useSyncExternalStore compatibility with React 18 (#8618)
- 883983c fix(theme-classic): allow rendering single tab item (#8593)
- 2bdd27a fix(utils): handle CRLF when parsing MDX imports (#8606)
- 4761c8c chore(theme-translations): complete zh translations (#8614)
- 990e553 fix(preset-classic): install the right plugin for googleTagManager (#8597)
- 4cd2c65 chore(deps): bump eta from 1.12.3 to 2.0.0 (#8610)
- c84d779 chore: backport retro compatible commits for the Docusaurus v2.3 release (#8585)
- de97214 chore: backport retro compatible commits for the Docusaurus v2.2 release (#8264)
- 7743aa6 chore: release Docusaurus v2.1.0 (#8040)
- 26d2b9a chore: backport retro compatible commits for the Docusaurus v2.1 release (#8033)
- bb65b5c chore: release v2.0.1 (#7919)
- 2ef40c2 chore: Netlify branch deploys should only deploy default locale "en" (#7788)
- d88f248 chore: add Netlify config for major version branch deploys (docusaurus-v2 branch) (#7787)
- e4fc47b Merge branch 'main' into docusaurus-v2
- 7f40350 chore: fix codesandbox playgrounds, use Node.js 16 version (#7784)
- 1065e55 refactor(core): log Docusaurus & Node version before exiting (#7781)
- 965a01e chore: port-2.0.0-rc.1 (#7782)
- e78a15e chore: ci tests should run on version branches "docusaurus-vX" (#7783)
- c751bc6 chore: regen v2.0.0-rc.1 examples (#7780)
See the full diffPackage name: @docusaurus/plugin-pwa
The new version differs by 250 commits.- 2a9e8f5 v2.0.0
- 2ef40c2 chore: Netlify branch deploys should only deploy default locale "en" (#7788)
- d88f248 chore: add Netlify config for major version branch deploys (docusaurus-v2 branch) (#7787)
- e4fc47b Merge branch 'main' into docusaurus-v2
- 7f40350 chore: fix codesandbox playgrounds, use Node.js 16 version (#7784)
- 1065e55 refactor(core): log Docusaurus & Node version before exiting (#7781)
- 965a01e chore: port-2.0.0-rc.1 (#7782)
- e78a15e chore: ci tests should run on version branches "docusaurus-vX" (#7783)
- c751bc6 chore: regen v2.0.0-rc.1 examples (#7780)
- d255389 chore: prepare v2.0.0-rc.1 release (#7778)
- 443914a docs: add Bruce Wiki website to showcase (#7770)
- f913af0 docs: release process, versioning, breaking changes, public API surface (#7706)
- 9788944 refactor(theme): fix duplicate page metadata usage (#7777)
- c48f338 fix(core): swizzle --eject js should not copy theme .d.ts files (#7776)
- c3d2e0d fix(sitemap): complete gracefully when all pages have noIndex meta (#7774)
- 665c311 chore: bump Infima to 0.2.0-alpha.42, fix a:hover link bug (#7771)
- 1899a2e docs: add EverShop website to showcase (#7765)
- 542228e fix(deploy): revert "feat(deploy): copy local git config to tmp repo (#7702)" (#7750)
- a4b4a7f fix(migrate): import siteConfig with file extension (#7766)
- 337463a chore(theme-translations): complete ko translations (#7762)
- 9467da6 chore(deps): bump actions/setup-node from 3.3.0 to 3.4.0 (#7764)
- cba8be0 fix(theme-classic): validate options properly (#7755)
- 636d470 refactor(core): use has instead of get to test for existence in ExecEnv (#7763)
- f21dadf docs: add StackQL Provider Registry to showcase (#7760)
See the full diffPackage name: @docusaurus/preset-classic
The new version differs by 250 commits.- cf12f21 v2.3.1
- cc767ed fix(theme-common): fix issue in tab scroll position restoration on tab click (#8628)
- ed13d5c chore: add "pr: dependencies" to lerna changelog labels (#8622)
- 484774c trigger ci
- 692bbda fix(theme-common): localStorage utils dispatch too many storage events leading to infinite loop (#8619)
- ce8e55b fix(theme-common): prepare usage of useSyncExternalStore compatibility with React 18 (#8618)
- 883983c fix(theme-classic): allow rendering single tab item (#8593)
- 2bdd27a fix(utils): handle CRLF when parsing MDX imports (#8606)
- 4761c8c chore(theme-translations): complete zh translations (#8614)
- 990e553 fix(preset-classic): install the right plugin for googleTagManager (#8597)
- 4cd2c65 chore(deps): bump eta from 1.12.3 to 2.0.0 (#8610)
- c84d779 chore: backport retro compatible commits for the Docusaurus v2.3 release (#8585)
- de97214 chore: backport retro compatible commits for the Docusaurus v2.2 release (#8264)
- 7743aa6 chore: release Docusaurus v2.1.0 (#8040)
- 26d2b9a chore: backport retro compatible commits for the Docusaurus v2.1 release (#8033)
- bb65b5c chore: release v2.0.1 (#7919)
- 2ef40c2 chore: Netlify branch deploys should only deploy default locale "en" (#7788)
- d88f248 chore: add Netlify config for major version branch deploys (docusaurus-v2 branch) (#7787)
- e4fc47b Merge branch 'main' into docusaurus-v2
- 7f40350 chore: fix codesandbox playgrounds, use Node.js 16 version (#7784)
- 1065e55 refactor(core): log Docusaurus & Node version before exiting (#7781)
- 965a01e chore: port-2.0.0-rc.1 (#7782)
- e78a15e chore: ci tests should run on version branches "docusaurus-vX" (#7783)
- c751bc6 chore: regen v2.0.0-rc.1 examples (#7780)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Prototype Pollution 🦉 Regular Expression Denial of Service (ReDoS) 🦉 Arbitrary Code Injection 🦉 More lessons are available in Snyk Learn