Skip to content
This repository has been archived by the owner on Feb 18, 2021. It is now read-only.

[Snyk] Security upgrade next from 9.5.2 to 10.0.0 #226

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link
Contributor

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • packages/app/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 686/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
Prototype Pollution
SNYK-JS-OBJECTPATH-1017036
Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: next The new version differs by 250 commits.
  • 118ab79 v10.0.0
  • 308ec39 v9.5.6-canary.18
  • 9a13dd3 Enable i18n feature flag (#18303)
  • 0f25051 Ensure getStaticProps is called for SSG 404 in blocking mode (#18300)
  • f7ba546 Fix trailing slash for default image loader (#18298)
  • ab0b0a8 Update docs - add default config for images property (#18296)
  • 26c438b Record leveraged configs (#18175)
  • f773a1a Rename iconSizes to imageSizes, remove size limitation (#18294)
  • 774286f update @now/next to @vercel/next (#18246)
  • a9984e4 Update example link text (#18286)
  • 900afdc Add support number quality on Image Component (#18224)
  • 080b91f Adjust default image quality to 75 (#18292)
  • 89b8bcb v9.5.6-canary.17
  • 379f4c6 Expose configured default locale in GS(S)P methods (#18216)
  • 9a770bd Add fetching 404 SSG data on fallback notFound (#18214)
  • 11fce3a Remove unstable_ prefix from unstable_notFound (#18283)
  • 7cb68f7 Re-add domain locale redirect handling (#18274)
  • 4026d9b Remove unstable_ prefix from unstable_redirect (#18282)
  • 1b22a39 Add initial example for i18n routing (#18206)
  • 046deab Add absolute import example (#17342)
  • 3c9da07 Add i18n routing docs to manifest (#18264)
  • 2972c06 Improve type for GSP return type (#18285)
  • 4782bda Add support for notFound in getServerSideProps (#18241)
  • 3f22490 Fix browser back issue of redirects from getServerSideProps / getStaticProps (#17741)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

@vercel
Copy link

vercel bot commented Oct 28, 2020

This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployment, click below or on the icon next to each commit.

🔍 Inspect: https://vercel.com/zagrajmy/app/f9axaw012
✅ Preview: Failed

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Development

Successfully merging this pull request may close these issues.

1 participant