Open svcsnyksanity opened 1 month ago
vercel[bot]
commented
1 month ago The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| template-astro-clean | ✅ Ready (Inspect) | Visit Preview | 💬 Add feedback | Oct 22, 2024 9:37pm |
socket-security[bot]
commented
1 month ago New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
| Package | New capabilities | Transitives | Size | Publisher |
|---|---|---|---|---|
| npm/sanity@3.62.0 | Transitive: environment, eval, filesystem, network, shell, unsafe | +820 |
629 MB | bjoerge |
🚮 Removed packages: npm/sanity@3.48.1
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Has a fix available, CVSS 6.9
SNYK-JS-PATHTOREGEXP-7925106
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: sanity
The new version differs by 250 commits.- f352db8 v3.62.0
- 9c72c74 fix: warnings on React 19 (#7654)
- 5452e3d fix(deps): update dependency @ sanity/ui to ^2.8.10 (#7652)
- b6df802 fix(deps): update dependency @ sanity/ui to ^2.8.10 (#7653)
- 6c1d4c8 chore(deps): update dependency @ sanity/visual-editing to v2.2.2 (#7651)
- 4298fe0 fix(core): inherit readOnly state from ancestors in copyPaste function (#7643)
- c9b574d fix(deps): update dependency @ sanity/mutate to ^0.10.1 (#7650)
- 65d7e7e fix(deps): Update dev-non-major (#7649)
- 2bc49be fix(deps): update dependency @ sanity/presentation to v1.17.3 (#7648)
- 07c48a0 fix(deps): update dependency @ portabletext/editor to ^1.1.5 (#7638)
- 93a1114 fix(deps): update dependency @ sanity/presentation to v1.17.2 (#7647)
- 5a8965e fix(deps): Update dev-non-major (#7646)
- 3698fd3 fix(deps): update dependency @ sanity/presentation to v1.17.1 (#7645)
- 816067e chore(deps): update dependency @ sanity/preview-url-secret to v2 (#7641)
- 4973abc fix(deps): update dependency @ sanity/presentation to v1.17.0 (#7640)
- 97f1db0 fix(deps): Update dev-non-major (#7639)
- a4bd01d chore(cli): update help copy for deploy command (#7624)
- f1f21fd chore(test-studio): add asset types to structure navigation (#7631)
- 01d0313 chore(deps): update dependency sanity-diff-patch to v4 (#7630)
- a9525c8 feat: validate PR title against conventional commits (#7580)
- ede88ac chore(deps): update dependency @ sanity/tsdoc to v1.0.113 (#7627)
- 2e150f1 fix(deps): update dependency @ sanity/client to ^6.22.2 (#7625)
- 7f2c1ce chore(deps): update typescript-tooling (#7605)
- 02da757 fix: restore support for defaultOrdering. (#7626)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)