haysclark / gatsby-starter-casper

The Casper theme v1.4 ported to GatsbyJS
https://haysclark.github.io/gatsby-starter-casper/
MIT License
198 stars 54 forks source link

[Snyk] Security upgrade gatsby-plugin-sharp from 2.0.17 to 2.6.31 #78

Open snyk-bot opened 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

⚠️ Warning ``` Failed to update the package-lock.json, please update manually before merging. ```

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5
Prototype Pollution
SNYK-JS-ASYNC-2441827
No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: gatsby-plugin-sharp The new version differs by 250 commits.
  • 83cd408 chore(release): Publish
  • d6f0318 chore: use packlist for cleanup-package-dir (#26657)
  • aa300f4 chore(docs):fixed file names and links in query-execution (#26680)
  • 11ab72a chore(docs): fixed some links in query-execution (#26555)
  • fed2619 fix(docs): query filters -> update dictionary, code fences, fix code, brand name (#26408)
  • 7de5f18 add code fences (#26409)
  • 823e473 fix(docs): schema -> fix 404, remove deleted page from sidebar, apply redirects (#26461)
  • 21b94df Docs - Remove not inclusive words (#26294)
  • 652af04 fix(docs): schema -> code fences, code fix (#26462)
  • 6b96972 chore(docs): Update GraphQL spelling in README.md (#26693)
  • c2aeded fix(gatsby): properly unlock processes onExit (#26670)
  • 93fdc09 fix(gatsby): only enable debugger when argument is given (#26669)
  • 7e83ace chore(docs): fix typos (#26682)
  • c40434a chore(docs): Fix a typo (#26665)
  • 18f6b4d chore(docs): Fix typos (#26663)
  • dedd37f chore(gatsby-plugin-sharp, gatsby-transformer-sharp): update dependencies (#26259)
  • 7975b91 chore(gatsby-recipes): Add a contributing.md to recipes (#26583)
  • ac72bfb chore(release): Publish
  • 703678e Admin/recipes gui (#26243)
  • 04c75bb fix(gatsby): fix error from ts conversion (#26681)
  • 25e3a63 fix(gatsby): fix materialization edge case with nullish values (#26677)
  • 19020c2 chore(benchmarks): set semver to match any patch/minor for most deps (#26679)
  • 608f40c chore: cherrypick Renovate updates (#26582)
  • 6ba68f8 feat(gatsby): Support React 17's new JSX Transform (#26652)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution