Skip to content

[Snyk] Fix for 1 vulnerabilities #92

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #92

wants to merge 1 commit into from

Conversation

surajpuvvada
Copy link

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5		 Prototype Pollution
SNYK-JS-LODASH-6139239		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: gatsby The new version differs by 250 commits.
  • d9c0cb4 chore(release): Publish
  • 5791ac3 chore(gatsby-source-filesystem): add pluginOptionsSchema (#27422)
  • 705ff91 chore(gatsby-plugin-feed): add pluginOptionsSchema export (#27399)
  • 6ba5d63 chore(gatsby-plugin-manifest): add pluginOptionsSchema (#27421)
  • 1496bf1 fix(deps): update minor and patch for gatsby-plugin-preact (#27392)
  • c100000 fix(deps): update starters and examples - gatsby (#27303)
  • 07e5752 chore(gatsby): major dep bump for eslint-plugin-graphql (#27492)
  • 6400383 perf(gatsby): test sync before calling onCreateNode (#27442)
  • f227e85 fix(gatsby): refresh browser when receiving update and runtime errored (#27467)
  • 26667be docs: document pluginOptionsSchema (#27337)
  • 8330683 chore: allow `unstable_` for API prefix (#27488)
  • 396fb6d chore(release): Publish
  • a70a66e fix(gatsby-plugin-page-creator): Use correct queryAll name (#27487)
  • c76ab29 chore(deps): update minor and patch for gatsby-transformer-screenshot (#27157)
  • 0a1eec4 docs(gatsby-plugin-image): Update now we know min gatsby version (#27473)
  • 6abef2c fix(blog-starter): don't pass data via context - pass identifiers (#27359)
  • eb9bac8 fix: Update version in tests (#27477)
  • 85c4adc chore(gatsby-cli): Categorize errors (#27449)
  • b27d755 docs(e2e-tests): add alternative hint of running the e2e tests (#27472)
  • 239d539 fix(gatsby): add runtime check for react 17 (#27468)
  • 1656152 chore(gatsby-plugin-mdx): add pluginOptionsSchema export (#27445)
  • 2494ae1 chore(release): Publish
  • 840f00d New Gatsby image plugin (#26924)
  • e6162dd perf(gatsby-source-contentful): change O(n*m) loop to O(n+m) (#27448)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@surajpuvvada @snyk-bot