stanleyowen / otlio

An open source project of Todo which is easy to use and easy to organize!
https://otlio.netlify.app
MIT License
23 stars 4 forks

[Snyk] Upgrade @fortawesome/react-fontawesome from 0.1.15 to 0.2.0 #391

Closed stanleyowen closed 1 year ago

stanleyowen commented 1 year ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade @fortawesome/react-fontawesome from 0.1.15 to 0.2.0.

![merge advice](https://app.snyk.io/badges/merge-advice/?package_manager=npm&package_name=@fortawesome/react-fontawesome&from_version=0.1.15&to_version=0.2.0&pr_id=54b7e8f8-6f3b-4730-8e30-710ad53ef97f&visibility=true&has_feature_flag=false)

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

- The recommended version is **5 versions** ahead of your current version.
- The recommended version was released **4 months ago**, on 2022-06-29.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|:-------------------------:|:-------------------------|-------------------------|:-------------------------|
|  | Improper Input Validation [SNYK-JS-URLPARSE-2407770](https://snyk.io/vuln/SNYK-JS-URLPARSE-2407770) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Prototype Pollution [SNYK-JS-UNSETVALUE-2400660](https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | No Known Exploit |
|  | Regular Expression Denial of Service (ReDoS) [SNYK-JS-TMPL-1583443](https://snyk.io/vuln/SNYK-JS-TMPL-1583443) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Arbitrary File Write [SNYK-JS-TAR-1579155](https://snyk.io/vuln/SNYK-JS-TAR-1579155) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | No Known Exploit |
|  | Arbitrary File Write [SNYK-JS-TAR-1579152](https://snyk.io/vuln/SNYK-JS-TAR-1579152) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | No Known Exploit |
|  | Arbitrary File Write [SNYK-JS-TAR-1579147](https://snyk.io/vuln/SNYK-JS-TAR-1579147) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | No Known Exploit |
|  | Remote Code Execution (RCE) [SNYK-JS-SHELLQUOTE-1766506](https://snyk.io/vuln/SNYK-JS-SHELLQUOTE-1766506) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | No Known Exploit |
|  | Improper Verification of Cryptographic Signature [SNYK-JS-NODEFORGE-2430339](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430339) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | No Known Exploit |
|  | Command Injection [SNYK-JS-LODASHTEMPLATE-1088054](https://snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Remote Code Execution (RCE) [SNYK-JS-EJS-2803307](https://snyk.io/vuln/SNYK-JS-EJS-2803307) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Prototype Pollution [SNYK-JS-ASYNC-2441827](https://snyk.io/vuln/SNYK-JS-ASYNC-2441827) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Regular Expression Denial of Service (ReDoS) [SNYK-JS-ANSIHTML-1296849](https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Authorization Bypass Through User-Controlled Key [SNYK-JS-URLPARSE-2412697](https://snyk.io/vuln/SNYK-JS-URLPARSE-2412697) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Authorization Bypass [SNYK-JS-URLPARSE-2407759](https://snyk.io/vuln/SNYK-JS-URLPARSE-2407759) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Access Restriction Bypass [SNYK-JS-URLPARSE-2401205](https://snyk.io/vuln/SNYK-JS-URLPARSE-2401205) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Regular Expression Denial of Service (ReDoS) [SNYK-JS-TERSER-2806366](https://snyk.io/vuln/SNYK-JS-TERSER-2806366) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | No Known Exploit |
|  | Regular Expression Denial of Service (ReDoS) [SNYK-JS-TERSER-2806366](https://snyk.io/vuln/SNYK-JS-TERSER-2806366) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | No Known Exploit |
|  | Regular Expression Denial of Service (ReDoS) [SNYK-JS-PROMPTS-1729737](https://snyk.io/vuln/SNYK-JS-PROMPTS-1729737) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Denial of Service (DoS) [SNYK-JS-NWSAPI-2841516](https://snyk.io/vuln/SNYK-JS-NWSAPI-2841516) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | No Known Exploit |
|  | Improper Verification of Cryptographic Signature [SNYK-JS-NODEFORGE-2430341](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430341) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | No Known Exploit |
|  | Improper Verification of Cryptographic Signature [SNYK-JS-NODEFORGE-2430337](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430337) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | No Known Exploit |
|  | Prototype Pollution [SNYK-JS-NODEFORGE-2331908](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2331908) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | No Known Exploit |
|  | Open Redirect [SNYK-JS-NODEFORGE-2330875](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2330875) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Information Exposure [SNYK-JS-NANOID-2332193](https://snyk.io/vuln/SNYK-JS-NANOID-2332193) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Reverse Tabnabbing [SNYK-JS-ISTANBULREPORTS-2328088](https://snyk.io/vuln/SNYK-JS-ISTANBULREPORTS-2328088) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | No Known Exploit |
|  | Prototype Pollution [SNYK-JS-IMMER-1540542](https://snyk.io/vuln/SNYK-JS-IMMER-1540542) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Regular Expression Denial of Service (ReDoS) [SNYK-JS-GLOBPARENT-1016905](https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Arbitrary Code Injection [SNYK-JS-EJS-1049328](https://snyk.io/vuln/SNYK-JS-EJS-1049328) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Regular Expression Denial of Service (ReDoS) [SNYK-JS-BROWSERSLIST-1090194](https://snyk.io/vuln/SNYK-JS-BROWSERSLIST-1090194) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |
|  | Prototype Pollution [SNYK-JS-MINIMIST-2429795](https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795) | **512/1000** **Why?** Proof of Concept exploit, CVSS 8.1 | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: @fortawesome/react-fontawesome
  • 0.2.0 - 2022-06-29

    Added

    • Support for React forwardRef if using React >= 16.3
  • 0.1.19 - 2022-06-29

    Fixed

    • Added missing beatFade, spinPulse, and spinReverse animations
  • 0.1.18 - 2022-03-16

    Added

    • Animations bounce, shake, fade, and beat-fade
    • Property maskId and titleId to allow consistent rendering on client and server

    Changed

    • Peer dependencies now include major version 6
  • 0.1.17 - 2022-01-28

    Added

    • New v6 sizes and animations
  • 0.1.16 - 2021-10-18

    Fixed

    • Include 1.3.0-beta versions in peer dependencies
  • 0.1.15 - 2021-08-03

    Fixed

    • Skip parse.icon if the icon is imported directly from an icon package
from @fortawesome/react-fontawesome GitHub release notes
Commit messages
Package name: @fortawesome/react-fontawesome
  • f3585b7 Adjust CI to include FA deps in matrix
  • 295baab Removing React 16.2 as it's no longer supported
  • de58148 Update tag for release
  • e32a0cb Use forwardRef rather than custom `forwardedRef` prop (#503)
  • 6e1663b Fix a few missing animations (#516)
  • c28e82b Deps updates
  • c86b4e6 Deps updates from npm audit
  • fd719e8 Bump async from 2.6.3 to 2.6.4 in /examples/create-react-app (#507)
  • 11e4cea Bump minimist in /examples/create-react-app-typescript (#513)
  • f3005cd Bump async from 2.6.3 to 2.6.4 in /examples/create-react-app-typescript (#514)
  • 872d0b0 Don't skip the majority of tests (#502)
  • 77e6da9 Release 0.0.18
  • fddf603 Allow 6 in peer deps
  • 8d6680d Removing `.only` on a test
  • 9f83d49 Adding maskId (#491)
  • ac63cd4 Adding titleId (#489)
  • 797dd75 Fixing duplicate props after merging two PRs (#488)
  • 77b9bde Fix fade prop and support beat-fade, bounce and shake props (#483) (#484)
  • 6b6af65 Add bounce and shake along with tests (#469)
  • 83a50e0 V6 Readme update (#461)
  • a038faf Release 0.1.17
  • 5b286b3 New v6 sizes and animations (#466)
  • c28de56 Removed second entry of Brian Talbot (#468)
  • 174bd60 Release 0.1.16

**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.*

For more information:

- 🧐 [View latest project report](https://app.snyk.io/org/stanleyowen06/project/6c4f0783-1007-4aa3-8da0-92885788a6c2?utm_source=github&utm_medium=referral&page=upgrade-pr)
- 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/stanleyowen06/project/6c4f0783-1007-4aa3-8da0-92885788a6c2/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
- 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/stanleyowen06/project/6c4f0783-1007-4aa3-8da0-92885788a6c2/settings/integration?pkg=@fortawesome/react-fontawesome&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)

netlify[bot] commented 1 year ago

Deploy Preview for otlio ready!

| Name | Link |
|:--|:--|
| Latest commit | fa9555c8e62288f41168080bb4a70e039a7015c8 |
| Latest deploy log | https://app.netlify.com/sites/otlio/deploys/634db8e6355ff00008514766 |
| Deploy Preview | https://deploy-preview-391--otlio.netlify.app/ |

To edit notification comments on pull requests, go to your Netlify site settings.