Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade gatsby from 5.8.0-next.3 to 5.12.3 #21

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

X-oss-byte
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade gatsby from 5.8.0-next.3 to 5.12.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 62 versions ahead of your current version.
  • The recommended version was released a month ago, on 2023-08-28.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Uncaught Exception
SNYK-JS-ENGINEIO-5496331
589/1000
Why? Has a fix available, CVSS 7.5
No Known Exploit
Information Exposure
SNYK-JS-GATSBY-5671647
589/1000
Why? Has a fix available, CVSS 7.5
Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: gatsby
  • 5.12.3 - 2023-08-28

    [email protected]

  • 5.12.2 - 2023-08-28

    [email protected]

  • 5.12.1 - 2023-08-24

    [email protected]

  • 5.12.0 - 2023-08-24

    [email protected]

  • 5.12.0-next.1 - 2023-07-03
  • 5.12.0-next.0 - 2023-06-15
  • 5.11.0 - 2023-06-15
  • 5.11.0-touch-nodes-fix.4 - 2023-06-14
  • 5.11.0-next.1 - 2023-06-05
  • 5.11.0-next.0 - 2023-05-16
  • 5.10.0 - 2023-05-16
  • 5.10.0-next.4 - 2023-05-03
  • 5.10.0-next.3 - 2023-04-27
  • 5.10.0-next.2 - 2023-04-27
  • 5.10.0-next.1 - 2023-04-19
  • 5.10.0-next.0 - 2023-04-18
  • 5.10.0-infer-block-less.13 - 2023-05-09
  • 5.10.0-infer-block-less.12 - 2023-05-09
  • 5.10.0-infer-block-less.11 - 2023-05-08
  • 5.10.0-infer-block-less.8 - 2023-05-08
  • 5.10.0-infer-block-less.7 - 2023-05-05
  • 5.10.0-infer-block-less.6 - 2023-05-05
  • 5.10.0-infer-block-less.5 - 2023-05-05
  • 5.10.0-gatsby-gc.20 - 2023-05-16
  • 5.10.0-gatsby-gc.19 - 2023-05-16
  • 5.10.0-gatsby-gc.18 - 2023-05-16
  • 5.10.0-gatsby-gc.17 - 2023-05-15
  • 5.10.0-gatsby-gc.16 - 2023-05-15
  • 5.10.0-gatsby-gc.15 - 2023-05-15
  • 5.10.0-gatsby-gc.14 - 2023-05-15
  • 5.10.0-alpha-adapters.165 - 2023-07-14
  • 5.10.0-alpha-adapters.164 - 2023-07-13
  • 5.10.0-alpha-adapters.159 - 2023-07-12
  • 5.10.0-alpha-adapters.158 - 2023-07-12
  • 5.10.0-alpha-adapters.156 - 2023-07-11
  • 5.10.0-alpha-adapters.155 - 2023-07-11
  • 5.10.0-alpha-adapters.153 - 2023-07-11
  • 5.10.0-alpha-adapters.142 - 2023-07-04
  • 5.10.0-alpha-adapters.141 - 2023-07-03
  • 5.10.0-alpha-adapters.130 - 2023-06-30
  • 5.10.0-alpha-adapters.96 - 2023-06-14
  • 5.10.0-alpha-adapters.94 - 2023-06-14
  • 5.10.0-alpha-adapters.89 - 2023-06-14
  • 5.9.1 - 2023-05-09
  • 5.9.0 - 2023-04-18
  • 5.9.0-touch-nodes-optout.49 - 2023-04-12
  • 5.9.0-reduce-contentful-mem-usage.39 - 2023-04-17
  • 5.9.0-reduce-contentful-mem-usage.38 - 2023-04-17
  • 5.9.0-reduce-contentful-mem-usage.36 - 2023-04-17
  • 5.9.0-next.3 - 2023-04-06
  • 5.9.0-next.2 - 2023-03-30
  • 5.9.0-next.1 - 2023-03-28
  • 5.9.0-next.0 - 2023-03-21
  • 5.9.0-lmdb-remapchunks.41 - 2023-04-20
  • 5.9.0-lmdb-remapchunks.40 - 2023-04-20
  • 5.9.0-image-cdn-configurable.4 - 2023-04-11
  • 5.9.0-alpha-cg-tailwind.23 - 2023-05-09
  • 5.8.1 - 2023-03-29
  • 5.8.0 - 2023-03-21
  • 5.8.0-touchnodes-memdebug2.19 - 2023-03-23
  • 5.8.0-touchnodes-memdebug2.17 - 2023-03-22
  • 5.8.0-touchnodes-memdebug.17 - 2023-03-21
  • 5.8.0-next.3 - 2023-03-14
from gatsby GitHub release notes
Commit messages
Package name: gatsby
  • 4b082d3 chore(release): Publish
  • da050e5 fix(gatsby): fix api function compilation on Windows (#38489) (#38491)
  • b6f1a10 chore(release): Publish
  • 6a73ee1 fix: fix fetching adapters manifest from latest gatsby version (#38475) (#38482)
  • 1fe0cf1 chore(release): Publish
  • 1f9e806 fix: fix fetching adapters manifest from latest gatsby version
  • a1c87bc chore(release): Publish
  • b2d4aef feat(gatsby): Adapters (#38232)
  • 7a2778b fix(gatsby-source-contentful): handle nullable fields (#38358)
  • 2e08202 chore(docs): clarify react upgrade with --legacy-peer-deps (#38359)
  • e5126f9 fix(gatsby-source-wordpress): Set empty default alt tag for inline images (#38341)
  • 668aa5f fix(deps): update dependency algoliasearch to ^4.18.0 for gatsby-source-npm-package-search (#38308)
  • 06015b9 fix(deps): update minor and patch dependencies for gatsby-source-contentful (#38322)
  • 544862b fix(deps): update minor and patch dependencies for gatsby (#38297)
  • cde8b49 fix(deps): update dependency verdaccio to ^5.25.0 for gatsby-dev-cli (#38318)
  • b074b85 fix(deps): update minor and patch dependencies for gatsby-source-wordpress (#38293)
  • 176b1cc fix(deps): update dependency core-js to ^3.31.0 (#38309)
  • 31df9ef chore(deps): update dependency webpack to ^5.88.1 for gatsby-plugin-mdx (#38306)
  • 39c4987 chore(deps): update [dev] minor and patch dependencies for gatsby-graphiql-explorer (#38279)
  • 1ebae56 chore(release): Publish next
  • 6c7a0e3 fix(gatsby): copy slices overrides to 404.html copy (#38337)
  • 0c8f948 chore(docs): Add DSG webpack limitation
  • 87a3412 fix(deps): update dependency sanitize-html to ^2.11.0 for gatsby-transformer-remark (#38315)
  • 7ffaebe fix(deps): update dependency @ apollo/client to ^3.7.16 for gatsby-source-graphql (#38290)

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@stackblitz
Copy link

stackblitz bot commented Sep 25, 2023

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

@changeset-bot
Copy link

changeset-bot bot commented Sep 25, 2023

⚠️ No Changeset found

Latest commit: cceb62a

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@socket-security
Copy link

Removed dependencies detected. Learn more about Socket for GitHub ↗︎

🚮 Removed packages: [email protected], [email protected]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants