[Snyk] Upgrade: , asciinema-player, dayjs, eslint-plugin-jsx-a11y, eslint-plugin-react, react-bootstrap, react-icons, react-router-dom, spdx-license-ids

[patooworld]

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on

@types/node
from 16.18.96 to 16.18.105 | 9 versions ahead of your current version | a month ago
on 2024-08-09
asciinema-player
from 3.7.1 to 3.8.0 | 8 versions ahead of your current version | 3 months ago
on 2024-06-15
dayjs
from 1.11.11 to 1.11.12 | 1 version ahead of your current version | 2 months ago
on 2024-07-18
eslint-plugin-jsx-a11y
from 6.8.0 to 6.9.0 | 1 version ahead of your current version | 3 months ago
on 2024-06-20
eslint-plugin-react
from 7.34.1 to 7.35.0 | 4 versions ahead of your current version | 2 months ago
on 2024-07-20
react-bootstrap
from 2.10.2 to 2.10.4 | 2 versions ahead of your current version | 2 months ago
on 2024-06-30
react-icons
from 4.3.1 to 4.12.0 | 12 versions ahead of your current version | 10 months ago
on 2023-11-14
react-router-dom
from 6.23.0 to 6.26.1 | 16 versions ahead of your current version | 25 days ago
on 2024-08-15
spdx-license-ids
from 3.0.17 to 3.0.18 | 1 version ahead of your current version | 4 months ago
on 2024-05-23

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	169	Proof of Concept
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	169	No Known Exploit

Release notes

Package name: @types/node

• 16.18.105 - 2024-08-09
• 16.18.104 - 2024-07-23
• 16.18.103 - 2024-07-18
• 16.18.102 - 2024-07-16
• 16.18.101 - 2024-06-20
• 16.18.100 - 2024-06-19
• 16.18.99 - 2024-06-17
• 16.18.98 - 2024-06-03
• 16.18.97 - 2024-05-06
• 16.18.96 - 2024-04-09

from @types/node GitHub release notes

Package name: asciinema-player

• 3.8.0 - 2024-06-15
  

  Notable changes:

  • added support for colons in SGR color sequences - fixes (asciinema/avt#9, #154, #231)
  • added support for auto/<theme-name> specification for theme option (see below)
  • added help overlay, triggered by "?" key
  • improved adaptive buffering algorithm in the websocket driver
  • improved rendering of block drawing characters
  • made text of the time display and marker tooltips bigger
  • made the control bar and markers use terminal theme's foreground and background colors
  • added tooltip for the fullscreen button
  • added "type": "module" to package.json to fix import error with some bundlers (thanks @ MaddyGuthridge)
  • fixed player element focus behavior when clicking on a marker dot or the playback toggle button

  https://www.npmjs.com/package/asciinema-player/v/3.8.0

  ---

  Recordings made with asciinema CLI 3.0 or later may embed original terminal theme, which is used by the player when available.

  Before this release the only way to let the player use the embedded theme automatically was not specifying the theme option when initializing the player. When the theme option was not used, the player favored the embedded theme, falling back to asciinema theme. There was no way to specify "use the original theme when available, fall back to monokai".

  This release adds the ability to specify the above wish as { theme: "auto/monokai" }. You can use any built-in theme, e.g. { theme: "auto/dracula" }, and the player will use Dracula theme if the original theme was not captured at the time of recording.

  To always use a specific theme regardless of the presence of the original theme in a recording file, use { theme: "<theme-name>" }, e.g. { theme: "dracula" }.

  Default value of the theme option (when one not specified) is now auto/asciinema.

• 3.7.2-rc.7 - 2024-06-07
  No content.
• 3.7.2-rc.6 - 2024-06-02
  No content.
• 3.7.2-rc.5 - 2024-06-01
  No content.
• 3.7.2-rc.4 - 2024-05-30
  No content.
• 3.7.2-rc.3 - 2024-04-27
  No content.
• 3.7.2-rc.2 - 2024-04-24
  No content.
• 3.7.2-rc.1 - 2024-04-04
  No content.
• 3.7.1 - 2024-03-24
  

  Notable changes:

  • greatly improved rendering (position, alignment, accuracy) of ascii drawing, block elements, braille patterns and Powerline triangle symbols
  • fixed alignment of double-width chars (such as CJK, emoji)
  • new adaptive algorithm for buffering in live (websocket) driver, ensuring smooth playback on high-latency or high-jitter network connections
  • minor rendering performance improvement via UI updates batching
  • improved visibility of play button's drop shadow for themes with light background
  • code refactorings and cleanup

  https://www.npmjs.com/package/asciinema-player/v/3.7.1

  Demo showing the improved rendering in general:

  

  Screenshots showing the fixes to the character alignment and positioning:

  

  

  

  

from asciinema-player GitHub release notes

Package name: dayjs

• 1.11.12 - 2024-07-18
  

  1.11.12 (2024-07-18)

  Bug Fixes

  • Add NegativeYear Plugin support (#2640) (6a42e0d)
  • add UTC support to negativeYear plugin (#2692) (f3ef705)
  • Fix zero offset issue when use tz with locale (#2532) (d0e6738)
  • Improve typing for min/max plugin (#2573) (4fbe94a)
  • timezone plugin currect parse UTC tz (#2693) (b575c81)
• 1.11.11 - 2024-04-28
  

  1.11.11 (2024-04-28)

  Bug Fixes

  • day of week type literal (#2630) (f68d73e)
  • improve locale "zh-hk" format and meridiem (#2419) (a947a51)
  • Update 'da' locale to match correct first week of year (#2592) (44b0936)
  • update locale Bulgarian monthsShort Jan (#2538) (f0c9a41)

from dayjs GitHub release notes

Package name: eslint-plugin-jsx-a11y

• 6.9.0 - 2024-06-20
  

  Added

  • add support for Flat Config 6b5f096
  • no-noninteractive-element-to-interactive-role: allow menuitemradio and menuitemcheckbox on <li> c0733f9

  Fixed

  • img-redundant-alt: fixed multibyte character support #969
  • Revert "[Fix] isNonInteractiveElement: Upgrade aria-query to 5.3.0 and axobject-query to 3.2.1" 75d5dd7
  • ensure summary remains non-interactive 6a048da

  Changed

  • [meta] fix changelog links #960
  • [Robustness] use safe-regex-test 4c7e781
  • [actions] update actions/checkout 51a1ca7
  • [Deps] pin aria-query and axobject-query, add ls-engines test to CI 32fd82c
  • [Deps] remove @ babel/runtime 0a98ad8
  • [Deps] unpin axe-core b3559cf
  • [Deps] move object.entries to dev deps 1be7b70

  Full Changelog: v6.8.0...v6.9.0

• 6.8.0 - 2023-11-01
  

  Full Changelog: v6.7.1...v6.8.0

from eslint-plugin-jsx-a11y GitHub release notes

Package name: eslint-plugin-react

• 7.35.0 - 2024-07-20
  

  Added

  • support eslint v9 (#3759 @ mdjermanovic)
  • export flat configs from plugin root and fix flat config crash (#3694 @ bradzacher @ mdjermanovic)
  • add jsx-props-no-spread-multi (#3724 @ SimonSchick)
  • forbid-component-props: add propNamePattern to allow / disallow prop name patterns (#3774 @ akulsr0)
  • jsx-handler-names: support ignoring component names (#3772 @ akulsr0)
  • version settings: Allow react defaultVersion to be configurable (#3771 @ onlywei)
  • jsx-closing-tag-location: add line-aligned option (#3777 @ kimtaejin3)
  • no-danger: add customComponentNames option (#3748 @ akulsr0)

  Fixed

  • no-invalid-html-attribute: substitute placeholders in suggestion messages (#3759 @ mdjermanovic)
  • sort-prop-types: single line type ending without semicolon (#3784 @ akulsr0)
  • require-default-props: report when required props have default value (#3785 @ akulsr0)

  Refactors

  • variableUtil: Avoid creating a single flat variable scope for each lookup (#3782 @ DanielRosenwasser)
• 7.34.4 - 2024-07-13
  

  Fixed

  • prop-types: fix className missing in prop validation false negative (#3749 @ akulsr0)
  • sort-prop-types: Check for undefined before accessing node.typeAnnotation.typeAnnotation (#3779 @ tylerlaprade)
• 7.34.3 - 2024-06-18
  

  Fixed

  • prop-types: null-check rootNode before calling getScope (#3762 @ crnhrv)
  • boolean-prop-naming: avoid a crash with a spread prop (#3733 @ ljharb)
  • jsx-boolean-value: assumeUndefinedIsFalse with never must not allow explicit true value (#3757 @ 6uliver)
  • no-object-type-as-default-prop: enable rule for components with many parameters (#3768 @ JulienR1)
  • jsx-key: incorrect behavior for checkKeyMustBeforeSpread with map callbacks (#3769 @ akulsr0)
• 7.34.2 - 2024-05-28
  

  Fixed

  • boolean-prop-naming: avoid a crash with a non-TSTypeReference type (#3718 @ developer-bandi)
  • jsx-no-leaked-render: invalid report if left side is boolean (#3746 @ akulsr0)
  • jsx-closing-bracket-location: message shows {{details}} when there are no details (#3759 @ mdjermanovic)
  • no-invalid-html-attribute: ensure error messages are correct (#3759 @ mdjermanovic, @ ljharb)

  Changed

  • [Refactor] create various eslint utils to fix eslint deprecations (#3759 @ mdjermanovic, @ ljharb)
• 7.34.1 - 2024-03-15
  

  Fixed

  • jsx-no-leaked-render: prevent wrongly adding parens (#3700 @ developer-bandi)
  • boolean-prop-naming: detect TS interfaces (#3701 @ developer-bandi)
  • boolean-prop-naming: literalType error fix (#3704 @ developer-bandi)
  • boolean-prop-naming: allow TSIntersectionType (#3705 @ developer-bandi)
  • no-unknown-property: support popover, popovertarget, popovertargetaction attributes (#3707 @ ljharb)
  • no-unknown-property: only match data-* attributes containing - (#3713 @ silverwind)
  • checked-requires-onchange-or-readonly: correct options that were behaving opposite (#3715 @ jaesoekjjang)

  Changed

  • boolean-prop-naming: improve error message (@ ljharb)

from eslint-plugin-react GitHub release notes

Package name: react-bootstrap

• 2.10.4 - 2024-06-30
  

  2.10.4 (2024-06-30)

  Bug Fixes

  • fix component type error (#6821) (ab5e5fb)
• 2.10.3 - 2024-06-19
  

  v2.10.3

• 2.10.2 - 2024-03-18
  

  2.10.2 (2024-03-18)

  Bug Fixes

  • update @ restart/ui to v1.6.8 (#6779) (c86187f)
  • Tabs: add id attribute to nav (#6767) (3b4fd9b)

from react-bootstrap GitHub release notes

Package name: react-icons

• 4.12.0 - 2023-11-14
  
  • A new preview site built with Astro is available🎉 #834
  • Fixed display: Ant design icons twotone icon ccfbc00
  • some icons update

  Icon Library	License	Version	Count
  Circum Icons	MPL-2.0 license	1.0.0	288
  Font Awesome 5	CC BY 4.0 License	5.15.4-3-gafecf2a	1612
  Font Awesome 6	CC BY 4.0 License	6.4.2	2025
  Ionicons 4	MIT	4.6.3	696
  Ionicons 5	MIT	5.5.4	1332
  Material Design icons	Apache License Version 2.0	4.0.0-90-g1ea21d5429	4341
  Typicons	CC BY-SA 3.0	2.1.2	336
  Github Octicons icons	MIT	18.3.0	264
  Feather	MIT	4.29.1	287
  Lucide	ISC	v4.12.0	1215
  Game Icons	CC BY 3.0	12920d6565588f0512542a3cb0cdfd36a497f910	4040
  Weather Icons	SIL OFL 1.1	2.0.12	219
  Devicons	MIT	1.8.0	192
  Ant Design Icons	MIT	4.3.1	789
  Bootstrap Icons	MIT	1.11.1	2716
  Remix Icon	Apache License Version 2.0	3.5.0	2537
  Flat Color Icons	MIT	1.0.2	329
  Grommet-Icons	Apache License Version 2.0	4.11.0	635
  Heroicons	MIT	1.0.6	460
  Heroicons 2	MIT	2.0.18	876
  Simple Icons	CC0 1.0 Universal	9.20.0	2753
  Simple Line Icons	MIT	2.5.5	189
  IcoMoon Free	CC BY 4.0 License	d006795ede82361e1bac1ee76f215cf1dc51e4ca	491
  BoxIcons	CC BY 4.0 License	2.1.4	1634
  css.gg	MIT	2.1.1	704
  VS Code Icons	CC BY 4.0	0.0.35	439
  Tabler Icons	MIT	2.40.0	4836
  Themify Icons	MIT	v0.1.2-2-g9600186	352
  Radix Icons	MIT	@ radix-ui/[email protected]	318
  Phosphor Icons	MIT	2.0.2	7488
  Icons8 Line Awesome	MIT	1.3.1	1544

• 4.11.0 - 2023-09-07
  

  Icon Library	License	Version	Count
  Circum Icons	MPL-2.0 license	1.0.0	288
  Font Awesome 5	CC BY 4.0 License	5.15.4-3-gafecf2a	1612
  Font Awesome 6	CC BY 4.0 License	6.4.2	2025
  Ionicons 4	MIT	4.6.3	696
  Ionicons 5	MIT	5.5.4	1332
  Material Design icons	Apache License Version 2.0	4.0.0-86-g589092d9a7	4341
  Typicons	CC BY-SA 3.0	2.1.2	336
  Github Octicons icons	MIT	18.3.0	264
  Feather	MIT	4.28.0	286
  Lucide	ISC	v4.11.0	1215
  Game Icons	CC BY 3.0	12920d6565588f0512542a3cb0cdfd36a497f910	4040
  Weather Icons	SIL OFL 1.1	2.0.12	219
  Devicons	MIT	1.8.0	192
  Ant Design Icons	MIT	4.3.1	789
  Bootstrap Icons	MIT	1.10.5	2592
  Remix Icon	Apache License Version 2.0	3.5.0	2537
  Flat Color Icons	MIT	1.0.2	329
  Grommet-Icons	Apache License Version 2.0	4.11.0	621
  Heroicons	MIT	1.0.6	460
  Heroicons 2	MIT	2.0.18	876
  Simple Icons	CC0 1.0 Universal	9.13.0	2707
  Simple Line Icons	MIT	2.5.5	189
  IcoMoon Free	CC BY 4.0 License	d006795ede82361e1bac1ee76f215cf1dc51e4ca	491
  BoxIcons	CC BY 4.0 License	2.1.4	1634
  css.gg	MIT	2.1.1	704
  VS Code Icons	CC BY 4.0	0.0.32	427
  Tabler Icons	MIT	2.33.0	4655
  Themify Icons	MIT	v0.1.2-2-g9600186	352
  Radix Icons	MIT	@ radix-ui/[email protected]	318
  Phosphor Icons	MIT	2.0.2	7488
  Icons8 Line Awesome	MIT	1.3.1	1544

• 4.10.1 - 2023-06-22
  

  Icon Library	License	Version	Count
  Circum Icons	MPL-2.0 license	1.0.0	288
  Font Awesome 5	CC BY 4.0 License	5.15.4-3-gafecf2a	1612
  Font Awesome 6	CC BY 4.0 License	6.4.0	2020
  Ionicons 4	MIT	4.6.3	696
  Ionicons 5	MIT	5.5.4	1332
  Material Design icons	Apache License Version 2.0	4.0.0-67-g3912baecc9	4341
  Typicons	CC BY-SA 3.0	2.1.2	336
  Github Octicons icons	MIT	18.3.0	264
  Feather	MIT	4.28.0	286
  Lucide	ISC	v4.10.1	1042
  Game Icons	CC BY 3.0	12920d6565588f0512542a3cb0cdfd36a497f910	4040
  Weather Icons	SIL OFL 1.1	2.0.12	...

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
app	❌ Failed (Inspect)			Sep 9, 2024 2:15pm
app-78uw	❌ Failed (Inspect)			Sep 9, 2024 2:15pm
scoopinstaller-github-io	❌ Failed (Inspect)			Sep 9, 2024 2:15pm

[cr-gpt]

Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information