Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Upgrade: , , , , , , , ajv, cheerio, dayjs, express-rate-limit, file-type, glob, highlight.js, is-svg, js-cookie, liquidjs, mdast-util-from-markdown, next, ora, unified, semver, sharp, styled-components, swr, tsx #19

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade: , , , , , , , ajv, cheerio, dayjs, express-rate-limit, file-type, glob, highlight.js, is-svg, js-cookie, liquidjs, mdast-util-from-markdown, next, ora, unified, semver, sharp, styled-components, swr, tsx #19

wants to merge 1 commit into from

Conversation

AKJUS
Copy link
Owner

@AKJUS AKJUS commented Sep 15, 2024

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

@elastic/elasticsearch
from 8.13.1 to 8.15.0 | 3 versions ahead of your current version | a month ago
on 2024-08-12
@octokit/request-error
from 6.1.1 to 6.1.4 | 3 versions ahead of your current version | 2 months ago
on 2024-07-11
@primer/behaviors
from 1.5.1 to 1.7.2 | 31 versions ahead of your current version | 23 days ago
on 2024-08-23
@primer/css
from 21.3.1 to 21.3.6 | 17 versions ahead of your current version | 2 months ago
on 2024-07-09
@primer/octicons
from 19.9.0 to 19.11.0 | 2 versions ahead of your current version | 2 months ago
on 2024-07-11
@primer/octicons-react
from 19.9.0 to 19.11.0 | 2 versions ahead of your current version | 2 months ago
on 2024-07-11
@primer/react
from 36.21.0 to 36.27.0 | 76 versions ahead of your current version | 2 months ago
on 2024-07-26
ajv
from 8.16.0 to 8.17.1 | 1 version ahead of your current version | 2 months ago
on 2024-07-12
cheerio
from 1.0.0-rc.12 to 1.0.0 | 1 version ahead of your current version | a month ago
on 2024-08-09
dayjs
from 1.11.3 to 1.11.13 | 10 versions ahead of your current version | a month ago
on 2024-08-20
express-rate-limit
from 7.3.0 to 7.4.0 | 2 versions ahead of your current version | 2 months ago
on 2024-07-23
file-type
from 19.0.0 to 19.4.1 | 6 versions ahead of your current version | a month ago
on 2024-08-14
glob
from 10.4.1 to 10.4.5 | 4 versions ahead of your current version | 2 months ago
on 2024-07-09
highlight.js
from 11.9.0 to 11.10.0 | 1 version ahead of your current version | 2 months ago
on 2024-07-06
is-svg
from 5.0.0 to 5.1.0 | 2 versions ahead of your current version | a month ago
on 2024-08-05
js-cookie
from 3.0.1 to 3.0.5 | 4 versions ahead of your current version | a year ago
on 2023-04-24
liquidjs
from 10.14.0 to 10.16.4 | 6 versions ahead of your current version | 23 days ago
on 2024-08-23
mdast-util-from-markdown
from 2.0.0 to 2.0.1 | 1 version ahead of your current version | 4 months ago
on 2024-05-27
next
from 14.2.4 to 14.2.6 | 2 versions ahead of your current version | 25 days ago
on 2024-08-21
ora
from 8.0.1 to 8.1.0 | 1 version ahead of your current version | 21 days ago
on 2024-08-25
unified
from 11.0.3 to 11.0.5 | 2 versions ahead of your current version | 3 months ago
on 2024-06-19
semver
from 7.6.2 to 7.6.3 | 1 version ahead of your current version | 2 months ago
on 2024-07-16
sharp
from 0.33.1 to 0.33.5 | 10 versions ahead of your current version | a month ago
on 2024-08-16
styled-components
from 5.3.5 to 5.3.11 | 6 versions ahead of your current version | a year ago
on 2023-05-26
swr
from 2.2.4 to 2.2.5 | 1 version ahead of your current version | 7 months ago
on 2024-02-15
tsx
from 4.15.1 to 4.18.0 | 17 versions ahead of your current version | 22 days ago
on 2024-08-24

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-FASTXMLPARSER-7573289		 559 No Known Exploit
medium severity Undesired Behavior
SNYK-JS-STYLEDCOMPONENTS-3149924		 559 No Known Exploit
Release notes
Package name: @elastic/elasticsearch from @elastic/elasticsearch GitHub release notes
Package name: @octokit/request-error from @octokit/request-error GitHub release notes
Package name: @primer/behaviors
  • 1.7.2 - 2024-08-23

    Patch Changes

    • #429 4b729b0 Thanks @ TylerJDev! - Adds mutation observer to focus-trap to ensure sentinel elements are always in the correct position
  • 1.7.2-rc.91a5267 - 2024-08-23
  • 1.7.1 - 2024-08-01

    Patch Changes

  • 1.7.1-rc.521975f - 2024-08-01
  • 1.7.0 - 2024-07-25

    Minor Changes

    • #400 67215a5 Thanks @ joshblack! - Update the output of the package to correctly map "import" conditions to ESM
  • 1.7.0-rc.09d1a86 - 2024-07-14
  • 1.6.0 - 2024-06-17

    Minor Changes

    • #263 5d7e0b1 Thanks @ TylerJDev! - Adjusts mutation observer to now track hidden and disabled attributes being applied or removed.

    Patch Changes

  • 1.6.0-rc.f34fe81 - 2024-06-04
  • 1.6.0-rc.f19f2b2 - 2024-06-04
  • 1.6.0-rc.e3ef655 - 2024-05-15
  • 1.6.0-rc.de18910 - 2024-05-22
  • 1.6.0-rc.dad23e3 - 2024-06-04
  • 1.6.0-rc.ce91571 - 2024-05-21
  • 1.6.0-rc.c6688a2 - 2024-05-27
  • 1.6.0-rc.c328e0b - 2024-05-17
  • 1.6.0-rc.b634288 - 2024-05-17
  • 1.6.0-rc.ad7b8b6 - 2024-05-29
  • 1.6.0-rc.a3725a0 - 2024-05-22
  • 1.6.0-rc.6ca7a61 - 2024-05-29
  • 1.6.0-rc.6ca02b7 - 2024-06-15
  • 1.6.0-rc.515a318 - 2024-05-15
  • 1.6.0-rc.46fc5d4 - 2024-06-05
  • 1.6.0-rc.3dca9db - 2024-05-08
  • 1.6.0-rc.34e3e47 - 2024-06-05
  • 1.6.0-rc.34040d7 - 2024-06-04
  • 1.6.0-rc.2ec5057 - 2024-06-04
  • 1.6.0-rc.2c802b3 - 2024-05-27
  • 1.6.0-rc.2a8776b - 2024-05-15
  • 1.6.0-rc.20542a8 - 2024-05-10
  • 1.6.0-rc.192d841 - 2024-05-13
  • 1.6.0-rc.11b5e6c - 2024-05-28
  • 1.5.1 - 2023-11-16

    Patch Changes

    • #245 caf30c4 Thanks @ pksjce! - When zoomed in, an overlay floating element should anchor itself properly instead of getting the top part cut off in the process
from @primer/behaviors GitHub release notes
Package name: @primer/css from @primer/css GitHub release notes
Package name: @primer/octicons from @primer/octicons GitHub release notes
Package name: @primer/octicons-react from @primer/octicons-react GitHub release notes
Package name: @primer/react from @primer/react GitHub release notes
Package name: ajv from ajv GitHub release notes
Package name: cheerio
  • 1.0.0 - 2024-08-09

    Cheerio 1.0 is here! 🎉

    Announcement Blog Post

    Breaking Changes

    • The minimum NodeJS version is now 18.17 or higher #3959

    • Import paths were simplified. For example, use cheerio/slim instead of
      cheerio/lib/slim. #3970

    • The deprecated default Cheerio instance and static methods were removed. #3974

      Before, it was possible to write code like this:

      import cheerio, { html } from 'cheerio';

      html(cheerio('<test></test>')); // ~ '<test></test>' -- NO LONGER WORKS

      Make sure to always load documents first:

      import * as cheerio from 'cheerio';

      cheerio.load('<test></test>').html();

    • Node types previously re-exported by Cheerio must now be imported directly
      from (domhandler)(https://github.com/fb55/domhandler). #3969

    • htmlparser2 options now reside exclusively under the xml key (#2916):

      const $ = cheerio.load('<html>', {
  xml: {
    withStartIndices: true,
  },
});

    New Features

    • Add functions to load buffers, streams & URLs in NodeJS by @ fb55 in #2857
    • Add extract method by @ fb55 in #2750

    Fixes

    • Allow imports of cheerio/utils by @ blixt in #2601
    • Allow empty string in data, and simplify by @ fb55 in #2818
    • Make closest be able to start from text nodes by @ Qualtagh in

@snyk-bot
fix: upgrade multiple dependencies with Snyk
20bff92 
Snyk has created this PR to upgrade:
  - @elastic/elasticsearch from 8.13.1 to 8.15.0.
    See this package in npm: https://www.npmjs.com/package/@elastic/elasticsearch
  - @octokit/request-error from 6.1.1 to 6.1.4.
    See this package in npm: https://www.npmjs.com/package/@octokit/request-error
  - @primer/behaviors from 1.5.1 to 1.7.2.
    See this package in npm: https://www.npmjs.com/package/@primer/behaviors
  - @primer/css from 21.3.1 to 21.3.6.
    See this package in npm: https://www.npmjs.com/package/@primer/css
  - @primer/octicons from 19.9.0 to 19.11.0.
    See this package in npm: https://www.npmjs.com/package/@primer/octicons
  - @primer/octicons-react from 19.9.0 to 19.11.0.
    See this package in npm: https://www.npmjs.com/package/@primer/octicons-react
  - @primer/react from 36.21.0 to 36.27.0.
    See this package in npm: https://www.npmjs.com/package/@primer/react
  - ajv from 8.16.0 to 8.17.1.
    See this package in npm: https://www.npmjs.com/package/ajv
  - cheerio from 1.0.0-rc.12 to 1.0.0.
    See this package in npm: https://www.npmjs.com/package/cheerio
  - dayjs from 1.11.3 to 1.11.13.
    See this package in npm: https://www.npmjs.com/package/dayjs
  - express-rate-limit from 7.3.0 to 7.4.0.
    See this package in npm: https://www.npmjs.com/package/express-rate-limit
  - file-type from 19.0.0 to 19.4.1.
    See this package in npm: https://www.npmjs.com/package/file-type
  - glob from 10.4.1 to 10.4.5.
    See this package in npm: https://www.npmjs.com/package/glob
  - highlight.js from 11.9.0 to 11.10.0.
    See this package in npm: https://www.npmjs.com/package/highlight.js
  - is-svg from 5.0.0 to 5.1.0.
    See this package in npm: https://www.npmjs.com/package/is-svg
  - js-cookie from 3.0.1 to 3.0.5.
    See this package in npm: https://www.npmjs.com/package/js-cookie
  - liquidjs from 10.14.0 to 10.16.4.
    See this package in npm: https://www.npmjs.com/package/liquidjs
  - mdast-util-from-markdown from 2.0.0 to 2.0.1.
    See this package in npm: https://www.npmjs.com/package/mdast-util-from-markdown
  - next from 14.2.4 to 14.2.6.
    See this package in npm: https://www.npmjs.com/package/next
  - ora from 8.0.1 to 8.1.0.
    See this package in npm: https://www.npmjs.com/package/ora
  - unified from 11.0.3 to 11.0.5.
    See this package in npm: https://www.npmjs.com/package/unified
  - semver from 7.6.2 to 7.6.3.
    See this package in npm: https://www.npmjs.com/package/semver
  - sharp from 0.33.1 to 0.33.5.
    See this package in npm: https://www.npmjs.com/package/sharp
  - styled-components from 5.3.5 to 5.3.11.
    See this package in npm: https://www.npmjs.com/package/styled-components
  - swr from 2.2.4 to 2.2.5.
    See this package in npm: https://www.npmjs.com/package/swr
  - tsx from 4.15.1 to 4.18.0.
    See this package in npm: https://www.npmjs.com/package/tsx

See this project in Snyk:
https://app.snyk.io/org/akjus/project/5f7e6913-7fed-4de4-95a0-2b94cb95d456?utm_source=github&utm_medium=referral&page=upgrade-pr
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[BUG]: No "exports" main defined in version 6.0.1 Docs: addKeyword argument
2 participants
@AKJUS @snyk-bot