Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Security upgrade gatsby from 2.15.28 to 2.18.4 #70

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade gatsby from 2.15.28 to 2.18.4 #70

wants to merge 1 commit into from

Conversation

bryanweast
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
critical severity 786/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 9.3		 Incomplete List of Disallowed Inputs
SNYK-JS-BABELTRAVERSE-5962462		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: gatsby The new version differs by 250 commits.
  • 168bb34 chore(release): Publish
  • bda9f1f fix(gatsby): Remove relay compiler & use our own (#19665)
  • 613304c swap broken link (#19747)
  • a0094f4 chore(showcase): Add taroken.dev (#19788)
  • 9fa44cd chore(showcase): Add owlypixel.com (#19773)
  • 8c65d5f chore(starters): add gatsby-starter-amelie (#19760)
  • f4cf70e chore(gatsby-theme-notes): Adjust directory-list margin (#19753)
  • 9a458a3 chore(gatsby-theme-blog): Add missing css() invocations (#19673)
  • d8a17a3 chore(starters): add gatsby-starter-hello-world-with-header-an… (#19647)
  • 524862a fix(gatsby-plugin-google-analytics): Update typings (#19684)
  • ca4a65c docs: guide for porting an html site to gatsby (#18609)
  • 02207a8 Blogpost about .com/get-started (#19711)
  • 559beb2 fix: update minor updates in packages (#19776)
  • a9ed979 chore(starters): add gatsby-eth-dapp-starter (#19746)
  • 3043786 fix(gatsby): memoize shadowCreatePagePath to fix performance r… (#19774)
  • 5daf622 chore(showcase): Add lesleylai.info to sites.yml (#19749)
  • 166bc14 chore(showcase) Add talkoverflow (#19754)
  • 899a8ff chore: update minor updates in packages (#19772)
  • 0f099f0 refactor(gatsby-source-wordpress): use includes (#19757)
  • 4a0c103 chore(starters): add gatsby-minimalist-starter (#19724)
  • 1b72cd9 chore(release): Publish
  • e6ac315 Capatilise blog in theme README
  • b81cbf8 chore(gatsby-plugin-offline): use Array.includes (#19740)
  • 0e1d712 More noticable warning (#19719)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bryanweast @snyk-bot