[Snyk] Upgrade mini-css-extract-plugin from 0.6.0 to 2.6.1

[snyk-bot]

Snyk has created this PR to upgrade mini-css-extract-plugin from 0.6.0 to 2.6.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 55 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2022-06-15.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WEBSOCKETEXTENSIONS-570623	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-2407770	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-NODEFORGE-598677	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-INI-1048974	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Remote Memory Exposure SNYK-JS-DNSPACKET-1293563	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-ASYNC-2441827	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIHTML-1296849	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-AJV-584908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-YARGSPARSER-560381	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-YARGSPARSER-560381	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Authorization Bypass SNYK-JS-URLPARSE-2407759	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Open Redirect SNYK-JS-URLPARSE-1533425	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-1078283	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Denial of Service (DoS) SNYK-JS-SOCKJS-575261	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-JQUERY-567880	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Mature
	Cross-site Scripting (XSS) SNYK-JS-JQUERY-565129	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Mature
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-EVENTSOURCE-2823375	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-DOTPROP-543489	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Validation Bypass SNYK-JS-KINDOF-537849	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: mini-css-extract-plugin

• 2.6.1 - 2022-06-15
  

  2.6.1 (2022-06-15)

  Bug Fixes

  • do not attempt hot reloading when emit is false (#953) (b426f04)
• 2.6.0 - 2022-03-03
  

  2.6.0 (2022-03-03)

  Features

  • added baseUri option support (from entry options) (#915) (6004d95)
• 2.5.3 - 2022-01-25
  

  2.5.3 (2022-01-25)

  Bug Fixes

  • types (#903) (6650691)
• 2.5.2 - 2022-01-17
  

  2.5.2 (2022-01-17)

  Bug Fixes

  • types (dfb9afd)
• 2.5.1 - 2022-01-17
  

  2.5.1 (2022-01-17)

  Bug Fixes

  • cjs export and types (e836a00)
• 2.5.0 - 2022-01-14
  

  2.5.0 (2022-01-14)

  Features

  • added types (5b5654c)
• 2.4.7 - 2022-01-13
  

  2.4.7 (2022-01-13)

  Bug Fixes

  • multiple serializer registrations (#894) (c784204)
• 2.4.6 - 2022-01-06
  

  2.4.6 (2022-01-06)

  Bug Fixes

  • crash when publicPath is function (#881) (41bd828)
  • do not allow absolute path in the chunkFilename option (#879) (36e04ab)
  • do not allow absolute path in the filename option (#878) (76361df)
• 2.4.5 - 2021-11-17
  

  2.4.5 (2021-11-17)

  Chore

  • update schema-utils package to 4.0.0 version
• 2.4.4 - 2021-11-04
  

  2.4.4 (2021-11-04)

  Bug Fixes

  • crash with [contenthash] (#869) (57ad127)
  • runtime path in modules without context (#866) (e2e30b2)
• 2.4.3 - 2021-10-21
• 2.4.2 - 2021-10-07
• 2.4.1 - 2021-10-05
• 2.4.0 - 2021-10-05
• 2.3.0 - 2021-09-11
• 2.2.2 - 2021-09-01
• 2.2.1 - 2021-08-31
• 2.2.0 - 2021-08-04
• 2.1.0 - 2021-07-05
• 2.0.0 - 2021-06-30
• 1.6.2 - 2021-06-28
• 1.6.1 - 2021-06-25
• 1.6.0 - 2021-04-30
• 1.5.1 - 2021-04-28
• 1.5.0 - 2021-04-17
• 1.4.1 - 2021-04-07
• 1.4.0 - 2021-03-26
• 1.3.9 - 2021-02-25
• 1.3.8 - 2021-02-18
• 1.3.7 - 2021-02-15
• 1.3.6 - 2021-02-08
• 1.3.5 - 2021-01-28
• 1.3.4 - 2021-01-13
• 1.3.3 - 2020-12-10
• 1.3.2 - 2020-12-04
• 1.3.1 - 2020-11-12
• 1.3.0 - 2020-11-06
• 1.2.1 - 2020-10-27
• 1.2.0 - 2020-10-23
• 1.1.2 - 2020-10-22
• 1.1.1 - 2020-10-20
• 1.1.0 - 2020-10-19
• 1.0.0 - 2020-10-09
• 0.12.0 - 2020-10-07
• 0.11.3 - 2020-10-02
• 0.11.2 - 2020-09-12
• 0.11.1 - 2020-09-08
• 0.11.0 - 2020-08-27
• 0.10.1 - 2020-08-27
• 0.10.0 - 2020-08-10
• 0.9.0 - 2019-12-20
• 0.8.2 - 2019-12-17
• 0.8.1 - 2019-12-17
• 0.8.0 - 2019-07-16
• 0.7.0 - 2019-05-27
• 0.6.0 - 2019-04-10

from mini-css-extract-plugin GitHub release notes

Commit messages

Package name: mini-css-extract-plugin

• 26f711e chore(release): 2.6.1
• 3fb6845 chore(deps): update (Screenreader gives vague information for prev, next buttons readthedocs/sphinx_rtd_theme#954)
• b426f04 fix: do not attempt hot reloading when emit is false (Screenreader does not announce the number of listed versions readthedocs/sphinx_rtd_theme#953)
• 31c165f docs: fix runtime value (Tab order of prev/next buttons is the opposite of their layout on screen readthedocs/sphinx_rtd_theme#952)
• 64b32f0 ci: add node v18 workflow (Too many keyboard focus targets on Next and Previous buttons readthedocs/sphinx_rtd_theme#951)
• 7f72caf chore: update github actions (Also change the package lock file readthedocs/sphinx_rtd_theme#940)
• 4a7c36f docs: remove old badge (0.5.0 not installable from pypi package readthedocs/sphinx_rtd_theme#946)
• 3665a20 chore: disable commit message length check (Table of contents can expand -- but not collapse -- via keyboard controls readthedocs/sphinx_rtd_theme#950)
• 92b6206 ci: don't install webpack again (Included code is not properly displayed readthedocs/sphinx_rtd_theme#930)
• 4d8e043 chore: replace deprecated String.prototype.substr() (Overwrite links of previous and next buttons for a single page readthedocs/sphinx_rtd_theme#921)
• 3fd5e5e chore: upgrade dependencies to the latest version (Add local TOC as right sidebar for #764 readthedocs/sphinx_rtd_theme#919)
• 752b913 chore(release): 2.6.0
• 6004d95 feat: added `baseUri` option support (from entry options) (Address issue with dl.simple definition lists readthedocs/sphinx_rtd_theme#915)
• b2261c4 chore(dependencies): update webpack version (Add a hack to our docs to avoid cache readthedocs/sphinx_rtd_theme#918)
• 6605129 ci: add a job to check `types` (Change FOUT back to FOIT readthedocs/sphinx_rtd_theme#917)
• 01f3585 chore(deps): bump follow-redirects
• f868e82 docs: fix typo in BUG.md (Update transifex usage and localization context readthedocs/sphinx_rtd_theme#911)
• bbdb7ab chore: upgrade dependencies to the latest version (Use unique identifier to avoid caching readthedocs/sphinx_rtd_theme#910)
• 4a0d409 ci: remove install NPM steps (Improve webpack dev server readthedocs/sphinx_rtd_theme#908)
• 1a11327 chore(release): 2.5.3
• 6650691 fix: types (Sphinx theme option "prev_next_buttons_location" does not work readthedocs/sphinx_rtd_theme#903)
• 7fd41e3 chore: ignore `types` for eslint (How to remove .html suffix from URL? readthedocs/sphinx_rtd_theme#902)
• be75c50 chore(release): 2.5.2
• d898ddd chore: update types

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs