search

stanleyowen / otlio

An open source project of Todo which is easy to use and easy to organize!
https://otlio.netlify.app
MIT License
23 stars 4 forks source link

[Snyk] Upgrade @fortawesome/react-fontawesome from 0.1.19 to 0.2.0 #411

Closed stanleyowen closed 1 year ago

stanleyowen commented 1 year ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade @fortawesome/react-fontawesome from 0.1.19 to 0.2.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **1 version** ahead of your current version. - The recommended version was released **10 months ago**, on 2022-06-29. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Sandbox Bypass
[SNYK-JS-WEBPACK-3358798](https://snyk.io/vuln/SNYK-JS-WEBPACK-3358798) | **522/1000**
**Why?** Proof of Concept exploit, CVSS 8.3 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-ANSIREGEX-1583908](https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908) | **522/1000**
**Why?** Proof of Concept exploit, CVSS 8.3 | Proof of Concept | Prototype Pollution
[SNYK-JS-LOADERUTILS-3043105](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105) | **522/1000**
**Why?** Proof of Concept exploit, CVSS 8.3 | No Known Exploit | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-MINIMATCH-3050818](https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818) | **522/1000**
**Why?** Proof of Concept exploit, CVSS 8.3 | No Known Exploit | Information Exposure
[SNYK-JS-FOLLOWREDIRECTS-2332181](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-2332181) | **522/1000**
**Why?** Proof of Concept exploit, CVSS 8.3 | Proof of Concept | Prototype Pollution
[SNYK-JS-JSON5-3182856](https://snyk.io/vuln/SNYK-JS-JSON5-3182856) | **522/1000**
**Why?** Proof of Concept exploit, CVSS 8.3 | Proof of Concept | Prototype Pollution
[SNYK-JS-JSON5-3182856](https://snyk.io/vuln/SNYK-JS-JSON5-3182856) | **522/1000**
**Why?** Proof of Concept exploit, CVSS 8.3 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-LOADERUTILS-3042992](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3042992) | **522/1000**
**Why?** Proof of Concept exploit, CVSS 8.3 | No Known Exploit | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-LOADERUTILS-3105943](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943) | **522/1000**
**Why?** Proof of Concept exploit, CVSS 8.3 | No Known Exploit | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-LOADERUTILS-3042992](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3042992) | **522/1000**
**Why?** Proof of Concept exploit, CVSS 8.3 | No Known Exploit | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-LOADERUTILS-3105943](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943) | **522/1000**
**Why?** Proof of Concept exploit, CVSS 8.3 | No Known Exploit | Information Exposure
[SNYK-JS-FOLLOWREDIRECTS-2396346](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-2396346) | **522/1000**
**Why?** Proof of Concept exploit, CVSS 8.3 | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: @fortawesome/react-fontawesome
  • 0.2.0 - 2022-06-29

    Added

    • Support for React forwardRef if using React >= 16.3
  • 0.1.19 - 2022-06-29

    Fixed

    • Added missing beatFade, spinPulse, and spinReverse animations
from @fortawesome/react-fontawesome GitHub release notes
Commit messages
Package name: @fortawesome/react-fontawesome
  • f3585b7 Adjust CI to include FA deps in matrix
  • 295baab Removing React 16.2 as it's no longer supported
  • de58148 Update tag for release
  • e32a0cb Use forwardRef rather than custom `forwardedRef` prop (#503)
  • 6e1663b Fix a few missing animations (#516)
  • c28e82b Deps updates
  • c86b4e6 Deps updates from npm audit
  • fd719e8 Bump async from 2.6.3 to 2.6.4 in /examples/create-react-app (#507)
  • 11e4cea Bump minimist in /examples/create-react-app-typescript (#513)
  • f3005cd Bump async from 2.6.3 to 2.6.4 in /examples/create-react-app-typescript (#514)
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/stanleyowen06/project/6c4f0783-1007-4aa3-8da0-92885788a6c2?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/stanleyowen06/project/6c4f0783-1007-4aa3-8da0-92885788a6c2/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/stanleyowen06/project/6c4f0783-1007-4aa3-8da0-92885788a6c2/settings/integration?pkg=@fortawesome/react-fontawesome&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
netlify[bot] commented 1 year ago

Deploy Preview for otlio ready!

Name Link
Latest commit 906da4ecc766eb256d85d352759560c7c7ac65c8
Latest deploy log https://app.netlify.com/sites/otlio/deploys/6441fd30fb07a800088fac68
Deploy Preview https://deploy-preview-411--otlio.netlify.app/
Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site settings.