Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Upgrade mini-css-extract-plugin from 0.6.0 to 2.6.1 #31

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade mini-css-extract-plugin from 0.6.0 to 2.6.1 #31

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade mini-css-extract-plugin from 0.6.0 to 2.6.1.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 55 versions ahead of your current version.
  • The recommended version was released 2 months ago, on 2022-06-15.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-Y18N-1021887		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-Y18N-1021887		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-WEBSOCKETEXTENSIONS-570623		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Improper Input Validation
SNYK-JS-URLPARSE-2407770		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Arbitrary Code Injection
SNYK-JS-SERIALIZEJAVASCRIPT-570062		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-NODEFORGE-598677		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-608086		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-567746		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Command Injection
SNYK-JS-LODASH-1040724		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-JSONSCHEMA-1920922		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-INI-1048974		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Cryptographic Issues
SNYK-JS-ELLIPTIC-571484		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Remote Memory Exposure
SNYK-JS-DNSPACKET-1293563		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-ASYNC-2441827		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIHTML-1296849		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-AJV-584908		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ACORN-559469		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-YARGSPARSER-560381		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-YARGSPARSER-560381		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-WS-1296835		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Authorization Bypass Through User-Controlled Key
SNYK-JS-URLPARSE-2412697		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Authorization Bypass
SNYK-JS-URLPARSE-2407759		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Access Restriction Bypass
SNYK-JS-URLPARSE-2401205		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Open Redirect
SNYK-JS-URLPARSE-1533425		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Improper Input Validation
SNYK-JS-URLPARSE-1078283		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TERSER-2806366		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Denial of Service (DoS)
SNYK-JS-SOCKJS-575261		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1255640		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1090595		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHPARSE-1077067		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-MINIMIST-559764		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-MINIMIST-559764		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Cross-site Scripting (XSS)
SNYK-JS-JQUERY-567880		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Cross-site Scripting (XSS)
SNYK-JS-JQUERY-565129		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1243891		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1085627		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Denial of Service (DoS)
SNYK-JS-HTTPPROXY-569139		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-HOSTEDGITINFO-1088355		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2332181		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Information Exposure
SNYK-JS-EVENTSOURCE-2823375		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Cryptographic Issues
SNYK-JS-ELLIPTIC-1064899		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-DOTPROP-543489		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-COLORSTRING-1082939		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-BROWSERSLIST-1090194		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-MINIMIST-2429795		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-MINIMIST-2429795		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Validation Bypass
SNYK-JS-KINDOF-537849		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2396346		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: mini-css-extract-plugin
  • 2.6.1 - 2022-06-15

    2.6.1 (2022-06-15)

    Bug Fixes

    • do not attempt hot reloading when emit is false (#953) (b426f04)
  • 2.6.0 - 2022-03-03

    2.6.0 (2022-03-03)

    Features

    • added baseUri option support (from entry options) (#915) (6004d95)
  • 2.5.3 - 2022-01-25

    2.5.3 (2022-01-25)

    Bug Fixes

  • 2.5.2 - 2022-01-17

    2.5.2 (2022-01-17)

    Bug Fixes

  • 2.5.1 - 2022-01-17

    2.5.1 (2022-01-17)

    Bug Fixes

  • 2.5.0 - 2022-01-14

    2.5.0 (2022-01-14)

    Features

  • 2.4.7 - 2022-01-13

    2.4.7 (2022-01-13)

    Bug Fixes

  • 2.4.6 - 2022-01-06

    2.4.6 (2022-01-06)

    Bug Fixes

    • crash when publicPath is function (#881) (41bd828)
    • do not allow absolute path in the chunkFilename option (#879) (36e04ab)
    • do not allow absolute path in the filename option (#878) (76361df)
  • 2.4.5 - 2021-11-17

    2.4.5 (2021-11-17)

    Chore

    • update schema-utils package to 4.0.0 version
  • 2.4.4 - 2021-11-04

    2.4.4 (2021-11-04)

    Bug Fixes

  • 2.4.3 - 2021-10-21
  • 2.4.2 - 2021-10-07
  • 2.4.1 - 2021-10-05
  • 2.4.0 - 2021-10-05
  • 2.3.0 - 2021-09-11
  • 2.2.2 - 2021-09-01
  • 2.2.1 - 2021-08-31
  • 2.2.0 - 2021-08-04
  • 2.1.0 - 2021-07-05
  • 2.0.0 - 2021-06-30
  • 1.6.2 - 2021-06-28
  • 1.6.1 - 2021-06-25
  • 1.6.0 - 2021-04-30
  • 1.5.1 - 2021-04-28
  • 1.5.0 - 2021-04-17
  • 1.4.1 - 2021-04-07
  • 1.4.0 - 2021-03-26
  • 1.3.9 - 2021-02-25
  • 1.3.8 - 2021-02-18
  • 1.3.7 - 2021-02-15
  • 1.3.6 - 2021-02-08
  • 1.3.5 - 2021-01-28
  • 1.3.4 - 2021-01-13
  • 1.3.3 - 2020-12-10
  • 1.3.2 - 2020-12-04
  • 1.3.1 - 2020-11-12
  • 1.3.0 - 2020-11-06
  • 1.2.1 - 2020-10-27
  • 1.2.0 - 2020-10-23
  • 1.1.2 - 2020-10-22
  • 1.1.1 - 2020-10-20
  • 1.1.0 - 2020-10-19
  • 1.0.0 - 2020-10-09
  • 0.12.0 - 2020-10-07
  • 0.11.3 - 2020-10-02
  • 0.11.2 - 2020-09-12
  • 0.11.1 - 2020-09-08
  • 0.11.0 - 2020-08-27
  • 0.10.1 - 2020-08-27
  • 0.10.0 - 2020-08-10
  • 0.9.0 - 2019-12-20
  • 0.8.2 - 2019-12-17
  • 0.8.1 - 2019-12-17
  • 0.8.0 - 2019-07-16
  • 0.7.0 - 2019-05-27
  • 0.6.0 - 2019-04-10
from mini-css-extract-plugin GitHub release notes
Commit messages
Package name: mini-css-extract-plugin

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot