Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

[Snyk] Security upgrade next from 9.4.4 to 9.5.2 #7

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 479/1000
Why? Has a fix available, CVSS 5.3
Regular Expression Denial of Service (ReDoS)
SNYK-JS-CSSWHAT-1298035
No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: next The new version differs by 250 commits.
  • 07df897 v9.5.2
  • 1bc63a3 v9.5.2-canary.18
  • 4b2a825 Fix with-i18n-rosetta example (#16023)
  • 782d27e v9.5.2-canary.17
  • 052a9d2 Don’t prevent the browser’s default behavior for Alt key (#16003)
  • 378f092 v9.5.2-canary.16
  • 2ddfd84 Improvements - Font optimizations (#16031)
  • bd70354 v9.5.2-canary.15
  • 6d71eef Do not assign to readonly property in Safari (#16051)
  • 4a04212 v9.5.2-canary.14
  • d6ad0d0 upgrade @ ampproject/toolbox-optimizer to 2.6.0 (#16043)
  • e08b633 Do not bundle caniuse-lite (#16048)
  • 1398aeb v9.5.2-canary.13
  • 89c5689 Update labeler to include next-codemod (#16041)
  • 7acfd7e Add files array to @ next/codemod (#16049)
  • 06d0ba4 Fix typos in @ next/codemod CLI (#16042)
  • e8e59a1 v9.5.2-canary.12
  • d170109 Add cli for @ next/codemod (#16039)
  • 281318d v9.5.2-canary.11
  • 1738c02 Update version of next-codemod to prepare for publishing
  • 37d2d15 Resolve aliases modules (#16033)
  • 62031ff Move next-codemod to Next.js monorepo (#15536)
  • f4433ce v9.5.2-canary.10
  • 843d584 Add browser polyfils for Node.js modules (webpack 5 backwards compat) (#16022)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

1 participant