protoEvangelion / portfolio

Gatsby blog + portfolio
https://iamrhino.com
2 stars 2 forks source link

[Snyk] Fix for 2 vulnerabilities #125

Closed snyk-bot closed 3 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
medium severity Prototype Pollution
SNYK-JS-FLAT-596927
No No Known Exploit
high severity Cross-site Scripting (XSS)
SNYK-JS-PRISMJS-597628
No No Known Exploit
Commit messages
Package name: gatsby The new version differs by 250 commits.
  • 0049249 chore(release): Publish
  • bc4a39b chore(gatsby-plugin-less): less-loader version 6.1.0 with tests and doc… (#24893)
  • 35cf175 chore(showcase): Removing my site from the showcase (#25322)
  • 96ba315 chore(showcase): Showcase addition: Real Estate Shows (#25340)
  • 04b9ea6 Remove micro modules (#23916)
  • 6e68f17 refactor(www): Turn HubspotForm to function component (#25495)
  • 88cfa77 enhancement(docs): dictionary.txt -> Infer* -> putting all code prefixed with infer into code blocks (#25339)
  • c41a800 Fix file name typo (#25494)
  • c58203f fix(www): Fix getting active item when pathname does not end with / (#24965)
  • 1a1177e fix: incorrect typedef parsing for interfaces (#24192)
  • baddf58 refactor pagination to function component (#25496)
  • 6a6ac17 fix(gatsby-plugin-google-analytics): Separate preconnect and dns-prefetch (#25279)
  • f08687c refactor(www): Make easy-to-convert class components into function components (#25489)
  • c9692ab chore(release): Publish
  • 5250a02 Revert "feat(gatsby): Track static queries by template (#25120)" (#25493)
  • 473d2c8 Remove file copy from www (#25429)
  • 3a94eb6 remove unused typobot file (#25490)
  • 7efdbd3 fix(gatsby-design-tokens): Add border definitions to theme (#25486)
  • 0ffe483 import layer icons directly (#25488)
  • d0b6a83 Switch layer-icon to pure SVGs (#25448)
  • 1081ea7 chore(showcase): Add Inbound Latino website (#25213)
  • 6cf4588 chore(release): Publish
  • e2af89d chore: update xstate and adjust code to not use deprecated transient transitions (#25483)
  • 6dc5458 remove last updated field on docs pages (#25399)
See the full diff
Package name: prismjs The new version differs by 250 commits.
  • 187c8a6 1.21.0
  • bf4f323 Changelog for v1.21.0 (#2507)
  • 8bba488 Previewers: Fixed XSS (#2506)
  • 158caf5 JSON: Greedy comments (#2479)
  • f0f8210 Batch: Fix escaped double quote (#2485)
  • 649e51e Added support for Dhall (#2473)
  • 453079b Line Numbers: Fixed class name on website
  • a0efa40 Fixed Treeview page (#2484)
  • 78161d6 VB: Added VBA alias (#2469)
  • ed1df1e Added support for YANG (#2467)
  • 447429f Line Numbers: Improved documentation (#2456)
  • 3fcce6f Added support for .gitignore (#2481)
  • 0c30c58 EditorConfig: Trim spaces before key and section title (#2482)
  • 2ff40fe Rust: Improvements (#2464)
  • 2805ae3 JSDoc: Improvements (#2466)
  • 398e294 Added support for Cypher (#2459)
  • 4f55052 JS: Improved regex detection (#2465)
  • 16fbe3e Bump lodash from 4.17.15 to 4.17.19 (#2478)
  • bea7a58 SQL: Added PostgreSQL `RETURNING` keyword (#2476)
  • 67f97e2 Kotlin: Added `kt` and `kts` aliases (#2474)
  • 4028520 Core: Fixed greedy matching bug (#2032)
  • ed8fff9 Added support for EditorConfig (#2471)
  • 278316c SAS: Improved macro string functions (#2463)
  • 537a9e8 CSP: Fixed directives (#2461)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic