search

dalexhd / SteamSpeak

Steam and TeamSpeak integration, done right!
https://steamspeak.dalexhd.dev/
MIT License
47 stars 4 forks source link

[Snyk] Fix for 2 vulnerabilities #306

Open dalexhd opened 5 months ago

dalexhd commented 5 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - docs/package.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") | **661/1000**
**Why?** Recently disclosed, Has a fix available, CVSS 7.5 | Uncontrolled resource consumption
[SNYK-JS-BRACES-6838727](https://snyk.io/vuln/SNYK-JS-BRACES-6838727) | Yes | No Known Exploit ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") | **661/1000**
**Why?** Recently disclosed, Has a fix available, CVSS 7.5 | Inefficient Regular Expression Complexity
[SNYK-JS-MICROMATCH-6838728](https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728) | Yes | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: @docusaurus/core The new version differs by 250 commits.
  • 1ddee1c v2.0.1
  • 2ef40c2 chore: Netlify branch deploys should only deploy default locale "en" (#7788)
  • d88f248 chore: add Netlify config for major version branch deploys (docusaurus-v2 branch) (#7787)
  • e4fc47b Merge branch 'main' into docusaurus-v2
  • 7f40350 chore: fix codesandbox playgrounds, use Node.js 16 version (#7784)
  • 1065e55 refactor(core): log Docusaurus & Node version before exiting (#7781)
  • 965a01e chore: port-2.0.0-rc.1 (#7782)
  • e78a15e chore: ci tests should run on version branches "docusaurus-vX" (#7783)
  • c751bc6 chore: regen v2.0.0-rc.1 examples (#7780)
  • d255389 chore: prepare v2.0.0-rc.1 release (#7778)
  • 443914a docs: add Bruce Wiki website to showcase (#7770)
  • f913af0 docs: release process, versioning, breaking changes, public API surface (#7706)
  • 9788944 refactor(theme): fix duplicate page metadata usage (#7777)
  • c48f338 fix(core): swizzle --eject js should not copy theme .d.ts files (#7776)
  • c3d2e0d fix(sitemap): complete gracefully when all pages have noIndex meta (#7774)
  • 665c311 chore: bump Infima to 0.2.0-alpha.42, fix a:hover link bug (#7771)
  • 1899a2e docs: add EverShop website to showcase (#7765)
  • 542228e fix(deploy): revert "feat(deploy): copy local git config to tmp repo (#7702)" (#7750)
  • a4b4a7f fix(migrate): import siteConfig with file extension (#7766)
  • 337463a chore(theme-translations): complete ko translations (#7762)
  • 9467da6 chore(deps): bump actions/setup-node from 3.3.0 to 3.4.0 (#7764)
  • cba8be0 fix(theme-classic): validate options properly (#7755)
  • 636d470 refactor(core): use has instead of get to test for existence in ExecEnv (#7763)
  • f21dadf docs: add StackQL Provider Registry to showcase (#7760)
See the full diff
Package name: @docusaurus/preset-classic The new version differs by 250 commits.
  • 1ddee1c v2.0.1
  • 2ef40c2 chore: Netlify branch deploys should only deploy default locale "en" (#7788)
  • d88f248 chore: add Netlify config for major version branch deploys (docusaurus-v2 branch) (#7787)
  • e4fc47b Merge branch 'main' into docusaurus-v2
  • 7f40350 chore: fix codesandbox playgrounds, use Node.js 16 version (#7784)
  • 1065e55 refactor(core): log Docusaurus & Node version before exiting (#7781)
  • 965a01e chore: port-2.0.0-rc.1 (#7782)
  • e78a15e chore: ci tests should run on version branches "docusaurus-vX" (#7783)
  • c751bc6 chore: regen v2.0.0-rc.1 examples (#7780)
  • d255389 chore: prepare v2.0.0-rc.1 release (#7778)
  • 443914a docs: add Bruce Wiki website to showcase (#7770)
  • f913af0 docs: release process, versioning, breaking changes, public API surface (#7706)
  • 9788944 refactor(theme): fix duplicate page metadata usage (#7777)
  • c48f338 fix(core): swizzle --eject js should not copy theme .d.ts files (#7776)
  • c3d2e0d fix(sitemap): complete gracefully when all pages have noIndex meta (#7774)
  • 665c311 chore: bump Infima to 0.2.0-alpha.42, fix a:hover link bug (#7771)
  • 1899a2e docs: add EverShop website to showcase (#7765)
  • 542228e fix(deploy): revert "feat(deploy): copy local git config to tmp repo (#7702)" (#7750)
  • a4b4a7f fix(migrate): import siteConfig with file extension (#7766)
  • 337463a chore(theme-translations): complete ko translations (#7762)
  • 9467da6 chore(deps): bump actions/setup-node from 3.3.0 to 3.4.0 (#7764)
  • cba8be0 fix(theme-classic): validate options properly (#7755)
  • 636d470 refactor(core): use has instead of get to test for existence in ExecEnv (#7763)
  • f21dadf docs: add StackQL Provider Registry to showcase (#7760)
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: šŸ§ [View latest project report](https://app.snyk.io/org/dalexhd/project/fa99c619-3228-4c44-8a47-37a800e69237?utm_source=github&utm_medium=referral&page=fix-pr) šŸ›  [Adjust project settings](https://app.snyk.io/org/dalexhd/project/fa99c619-3228-4c44-8a47-37a800e69237?utm_source=github&utm_medium=referral&page=fix-pr/settings) šŸ“š [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"17c36c80-c234-48fd-bfa7-169c9da2af5e","prPublicId":"17c36c80-c234-48fd-bfa7-169c9da2af5e","dependencies":[{"name":"@docusaurus/core","from":"2.0.0-alpha.63","to":"2.0.1"},{"name":"@docusaurus/preset-classic","from":"2.0.0-alpha.63","to":"2.0.1"}],"packageManager":"npm","projectPublicId":"fa99c619-3228-4c44-8a47-37a800e69237","projectUrl":"https://app.snyk.io/org/dalexhd/project/fa99c619-3228-4c44-8a47-37a800e69237?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-BRACES-6838727","SNYK-JS-MICROMATCH-6838728"],"upgrade":["SNYK-JS-BRACES-6838727","SNYK-JS-MICROMATCH-6838728"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[661,661],"remediationStrategy":"vuln"}) --- **Learn how to fix vulnerabilities with free interactive lessons:** šŸ¦‰ [Uncontrolled resource consumption](https://learn.snyk.io/lesson/redos/?loc=fix-pr)
github-actions[bot] commented 5 months ago

Great PR! Please pay attention to the following items before merging:

Files matching docs/**:

This is an automatically generated QA checklist based on modified files.