Open snyk-bot opened 3 years ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
⚠️ Warning
``` Failed to update the package-lock.json, please update manually before merging. ```Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-Y18N-1021887
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: gatsby
The new version differs by 250 commits.- ba46e99 chore(release): Publish
- 8494a1b Move to @gatsbyjs scoped version of yarn (#11759)
- 67c0131 fix(blog): 2019-01-01 json code blocks (#11750)
- d1ae7ab fix(starters): update dependency gatsby to ^2.1.0 (#11745)
- 03fae48 fix(starters): update dependency prop-types to ^15.7.2 (#11748)
- 5e7899c feat(showcase): add Incremental.com.au (#11729)
- 8f7f8cd feat(starters): add starter magicsoup.io (#11670)
- bb147bd docs(gatsby): Add documentation for useStaticQuery (#11741)
- 9896fa0 chore(release): Publish
- f149c4c feat(gatsby): add useStaticQuery hook (#11588)
- a68769d chore(release): Publish
- 0caea8b chore(docs): reword CSS in JS docs for clarity (#11439)
- 67daa2d chore: Upgrade Prettier related packages to the latest (#11735)
- 8a6db6a fix(core): added event source polyfill in develop to fix IE/edge hmr (#11582)
- 3024839 chore: minify svg husky hook (#10560)
- 22c41fb docs: add videos for Gatsby Link + rewrite for flow (#11700)
- 0baa034 docs: add egghead lesson to quickstart (#11699)
- 3198ca5 Update sites.yml (#11713)
- 5dc5640 fix(starters): update dependency gatsby-transformer-remark to ^2.2.5 (#11718)
- fadd172 fix(starters): clean up redundant/incorrect tags
- 41b4f89 chore(release): Publish
- 29dee3f fix(gatsby-transformer-remark): restore behavior of serializing date-like fields to string (#11716)
- 128b156 chore: fix circle ci workflow (#11715)
- bab4eae Docs/client search with js search (#11505)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic