[Snyk] Security upgrade gatsby-image from 2.0.9 to 3.11.0

[atherdon]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-NODEFETCH-2342118	Yes	No Known Exploit
	520/1000 Why? Has a fix available, CVSS 5.9	Denial of Service SNYK-JS-NODEFETCH-674311	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1023599	Yes	Proof of Concept
	616/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.9	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1072471	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) npm:ua-parser-js:20180227	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: gatsby-image

The new version differs by 250 commits.

• 115e631 chore(release): Publish
• 9b42793 fix(gatsby): correct results for multiple range filters with indexes (#32406)
• da35203 fix(gatsby-plugin-gatsby-cloud): Use fs instead of require to get webpack stats because require is cached (#32535)
• 7f41dcc docs(tutorial): add part 6 (#32527)
• 9fdde2d chore(release): Publish next
• 50a3eec fix(gatsby): PQR - Wait for Jobs to be Completed before restarting (#32520)
• e346ea2 fix(deps): update starters and examples gatsby packages to ^3.10.2 (#32515)
• ddfa508 chore(docs): Fix typo in File System Route API doc (#32517)
• 3651e93 chore(docs): Optimize image (#32519)
• 7d3b476 chore(docs): Fix typo in documentation for assetPrefix (#32499)
• 2c38377 chore(release): Publish next
• 2dbe647 fix(gatsby): correct pagination logic (#32496)
• c985fa8 chore(release): Publish next
• fd1d8cc fix(gatsby): merge data deps state instead of replaying actions (#32440)
• 270a549 chore(release): Publish next
• 0f8d747 fix(gatsby-plugin-mdx): generate mdx once when multiple mdx fields requested (#32462)
• fc06a4e chore(docs): Fix a minor typo "with" > "will" (#32491)
• 33f9855 fix(gatsby): Configurable PQR chunksize by env var (#32487)
• bfe8852 chore(validate-starters): Remove `npm audit` step (#32470)
• 6b75dbd chore(gatsby-admin): add allowlist of files (#32486)
• 29f272c chore(release): Publish next
• 7601014 feat: store partial page-data results in lmdb (#32431)
• f4a6525 fix(gatsby): Add encoding option to GatsbyCacheLmdb (#32466)
• 4535119 fix(deps): update starters and examples - gatsby (#32443)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)