Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 1 vulnerabilities #33

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

GTVolk
Copy link
Member

@GTVolk GTVolk commented Dec 1, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5
Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116
Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: eslint The new version differs by 134 commits.
  • a7985a6 6.0.0
  • be74dd9 Build: changelog update for 6.0.0
  • 81aa06b Upgrade: [email protected] (#11869)
  • 5f022bc Fix: no-else-return autofix produces name collisions (fixes #11069) (#11867)
  • ded9548 Fix: multiline-comment-style incorrect message (#11864)
  • cad074d Docs: Add JSHint W047 compat to no-floating-decimal (#11861)
  • 41f6304 Upgrade: sinon (#11855)
  • 167ce87 Chore: remove unuseable profile command (#11854)
  • c844c6f Fix: max-len properly ignore trailing comments (fixes #11838) (#11841)
  • 1b5661a Fix: no-var should not fix variables named 'let' (fixes #11830) (#11832)
  • 4d75956 Build: CI with Azure Pipelines (#11845)
  • 1db3462 Chore: rm superfluous argument & fix perf-multifiles-targets (#11834)
  • c57a4a4 Upgrade: @ babel/polyfill => core-js v3 (#11833)
  • 65faa04 Docs: Clarify prefer-destructuring array/object difference (fixes #9970) (#11851)
  • 81c3823 Fix: require-atomic-updates reports parameters (fixes #11723) (#11774)
  • aef8ea1 Sponsors: Sync README with website
  • 4f48f5a 6.0.0-rc.0
  • 6bad650 Build: changelog update for 6.0.0-rc.0
  • f403b07 Update: introduce minKeys option to sort-keys rule (fixes #11624) (#11625)
  • 87451f4 Fix: no-octal should report NonOctalDecimalIntegerLiteral (fixes #11794) (#11805)
  • e4ab053 Update: support "bigint" in valid-typeof rule (#11802)
  • e0fafc8 Chore: removes unnecessary assignment in loop (#11780)
  • 20908a3 Docs: removed '>' prefix from from docs/working-with-rules (#11818)
  • 1c43eef Sponsors: Sync README with website

See the full diff

Package name: gatsby The new version differs by 250 commits.
  • 7c43f38 chore(release): Publish
  • 9a087ec fix(gatsby): fix eperm when cache getting cleared (#35154) (#35197)
  • a56b652 fix(gatsby): PnP fixes (#35194) (#35199)
  • 0b6067a fix(gatsby): remove apis from ts,tsx (#35183) (#35198)
  • f080b46 chore(release): Publish
  • 0275fad fix(gatsby-plugin-preact): fix preact alias (#35156) (#35169)
  • 3ac159f fix(gatsby-plugin-utils): Add missing fs-extra dep (#35165) (#35168)
  • 0f2ec73 fix(gatsby-cli): Resolve babel preset ts explicitly (#35153) (#35167)
  • 24b9fde chore(release): Publish
  • f10eb58 chore: Update eslintignore
  • 4753cf9 chore(docs): Update migration guide to add more info about image resolvers (#35105)
  • cd0b80c chore(docs): update documentation for node-fetch to use CommonJS (#35129)
  • 9690c7c fix(gatsby-plugin-sharp): Handle diff duotone settings (#35075)
  • bf8392c chore(gatsby): add generic to GatsbyFunctionRequest (#35029)
  • c5b8bb9 fix(deps): update starters and examples - gatsby (#35085)
  • 56fbf8d feat(gatsby-core-utils,gatsby-cli): Allow write to gatsby-config.ts (#35074)
  • fb9c014 chore(plugins): Deprecate create client paths plugin (#35124)
  • 500d17a chore(docs): Update query-execution.md (#35115)
  • 6d01f21 docs(gh-pages): improve separate repository instructions (#35118)
  • c02d256 chore(docs): Fix typos (#35119)
  • a5cd72a fix(gatsby): use lmdb for resultHash cache so shared across workers (#34925)
  • c0f394d fix(create-gatsby): Update wordpress deps in schema (#35107)
  • 46e2902 fix(gatsby): null check for context (#35096)
  • 5852dc8 feat(gatsby): Capture number of compiled TS files in Telemetry (#35023)

See the full diff

Package name: gatsby-plugin-sharp The new version differs by 250 commits.
  • 78f8c7a chore(release): Publish
  • 4dcdeb1 chore(gatsby): Add env log for build and remove incorrect log for functions (#36462) (#36466)
  • 41de1f0 feat(gatsby): add partial hydration flag (#36436)
  • b8c2072 fix(gatsby-source-graphql): add dataLoaderOptions validation to gatsby-source-graphql (#36112)
  • b45debc chore(docs): fix incorrect closing tag in tutorial (#36459)
  • 222793d chore(docs): Update plugin count in part 3 of the tutorial (#36455)
  • 3222684 chore(docs): Fix page link to page 6 of remark tutorial (#36437)
  • 0b458e6 chore(docs): Fix some typos (#36431)
  • 1bf2358 fix(gatsby): remove resource query from warnings (#36439)
  • 0d896ae chore(gatsby-plugin-sharp,gatsby-plugin-utils,gatsby-remark-images,gatsby-transformer-sharp): bump min potrace version (#36443)
  • a21510e docs: plugin image / image cdn (#36423)
  • 8043d7e feat(docs): add webiny to headless cms list (#36388)
  • 240dfac chore: update using-image-processing example (#36421)
  • b361081 chore(gatsby): drop eslint-plugin-graphql (#36364)
  • 2e67161 chore(docs): Update tutorial to Head API (#36378)
  • 77190f4 fix(deps): update starters and examples - gatsby (#36416)
  • c92404b chore(changelogs): update changelogs (#36417)
  • b7b3577 fix(gatsby-plugin-react-helmet): Typo in `onPreInit` warning (#36419)
  • 7b3286c chore(docs): Add note about query name to MDX
  • dc283d7 chore: Use GCS for pipeline tests (#36413)
  • 3760a0e feat(gatsby): Add option to emit TS types during build (#36405)
  • c01806e chore(release): Publish next
  • a05201e fix(gatsby): Prevent errors if `Head` has root text node (#36402)
  • 9d737b6 fix(gatsby): close parcel cache db before clearing cache and retrying (#36377)

See the full diff

Package name: node-sass The new version differs by 90 commits.
  • 3b556c1 7.0.2
  • c716359 Bump sass-graph@^4.0.1 (#3292)
  • 24741b3 docs(readme): fix docpad plugin link
  • 1523330 feat: Drop Node 12
  • 365d357 update https://registry.npm.taobao.org to https://registry.npmmirror.com
  • 1456114 build(deps): bump actions/upload-artifact from 2 to 3
  • b465b69 chore: bump GitHub Actions to Windows 2019 (#3254)
  • e6194b1 build(deps): bump make-fetch-happen from 9.1.0 to 10.0.4
  • 4edf594 build(deps): bump node-gyp from 8.4.1 to 9.0.0
  • 29e2344 build(deps): bump actions/checkout from 2 to 3
  • 85b0d22 build(deps): bump actions/setup-node from 2 to 3
  • 3bb51da Use make-fetch-happen instead of request (#3193)
  • adc2f8b build(deps): bump true-case-path from 1.0.3 to 2.2.1 (#3000)
  • 77d12f0 chore: disable Apline for Node 16/17 builds
  • 308d533 ci: use Python 3 for Node 12
  • c818907 ci: unpin actions/setup-node to v2
  • 99242d7 7.0.1
  • 77049d1 build(deps): bump sass-graph from 2.2.5 to 4.0.0 (#3224)
  • c929f25 build(deps): bump node-gyp from 7.1.2 to 8.4.1 (#3209)
  • 918dcb3 Lint fix
  • 0a21792 Set rejectUnauthorized to true by default (#3149)
  • e80d4af chore: Drop EOL Node 15 (#3122)
  • d753397 feat: Add Node 17 support (#3195)
  • dcf2e75 build(deps-dev): bump eslint from 7.32.0 to 8.0.0

See the full diff

Package name: stylelint The new version differs by 250 commits.
  • 04af9e4 13.0.0
  • 704f6a2 Prepare 13.0.0
  • 50ba8a9 Reorder changelog
  • 1666bba Update devDependencies (#4542)
  • 062d298 Reindent nodejs.yml (#4541)
  • a24e44a Fix atypical rule README structure (#4537)
  • 616ad71 Bump husky from 4.0.3 to 4.0.6 (#4536)
  • 5e58ee7 Bump globby from 10.0.2 to 11.0.0 (#4528)
  • eaee6a4 Refactor CLI options definition (#4530)
  • 6a2ffbd Fix plugin path
  • 644b713 Fix Windows path problem
  • 1005cbd Add info about invalid syntax in FAQ (#4535)
  • 18b1f99 Fix help text indentation (#4531)
  • d3c4a9f Update CHANGELOG.md
  • 32f67e7 Update CHANGELOG.md
  • 04ec577 Bump globby from 10.0.1 to 11.0.0
  • d9dbce2 Process multiple spaces in media-feature-parentheses-space-inside (#4513)
  • 1dc203e Regenerate package-lock.json (#4517)
  • 36bf292 Bump husky from 3.1.0 to 4.0.3 (#4527)
  • f5529d5 Bump @ types/micromatch from 3.1.1 to 4.0.0 (#4526)
  • a254fd2 Bump got from 10.2.0 to 10.2.1 (#4525)
  • f2e9f02 Bump remark-validate-links from 9.0.1 to 9.1.0 (#4524)
  • 74d5233 Remove unneeded `@ types/meow` package (#4523)
  • cef0b95 Update CHANGELOG.md

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
Copy link

netlify bot commented Dec 1, 2023

Deploy Preview for devvault failed.

Name Link
🔨 Latest commit 656a16c
🔍 Latest deploy log https://app.netlify.com/sites/devvault/deploys/6569224225b5ec0007ac1481

Copy link

sonarqubecloud bot commented Dec 1, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants