[Snyk] Upgrade gatsby from 5.0.0 to 5.12.5 #182

X-oss-byte · 2023-10-29T20:17:13Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade gatsby from 5.0.0 to 5.12.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 107 versions ahead of your current version.
The recommended version was released a month ago, on 2023-09-27.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	632/1000 Why? Currently trending on Twitter, Recently disclosed, CVSS 9.3	No Known Exploit
Denial of Service (DoS) SNYK-JS-ENGINEIO-3136336	632/1000 Why? Currently trending on Twitter, Recently disclosed, CVSS 9.3	No Known Exploit
Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-5596892	632/1000 Why? Currently trending on Twitter, Recently disclosed, CVSS 9.3	No Known Exploit
Sandbox Bypass SNYK-JS-WEBPACK-3358798	632/1000 Why? Currently trending on Twitter, Recently disclosed, CVSS 9.3	Proof of Concept
Information Exposure SNYK-JS-GATSBY-5671647	632/1000 Why? Currently trending on Twitter, Recently disclosed, CVSS 9.3	Proof of Concept
Information Exposure SNYK-JS-GATSBYCLI-5671903	632/1000 Why? Currently trending on Twitter, Recently disclosed, CVSS 9.3	Proof of Concept
Denial of Service (DoS) SNYK-JS-GRAPHQL-5905181	632/1000 Why? Currently trending on Twitter, Recently disclosed, CVSS 9.3	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	632/1000 Why? Currently trending on Twitter, Recently disclosed, CVSS 9.3	Proof of Concept
Improper Input Validation SNYK-JS-POSTCSS-5926692	632/1000 Why? Currently trending on Twitter, Recently disclosed, CVSS 9.3	No Known Exploit
Heap-based Buffer Overflow SNYK-JS-SHARP-5922108	632/1000 Why? Currently trending on Twitter, Recently disclosed, CVSS 9.3	Mature
Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169	632/1000 Why? Currently trending on Twitter, Recently disclosed, CVSS 9.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-3244450	632/1000 Why? Currently trending on Twitter, Recently disclosed, CVSS 9.3	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	632/1000 Why? Currently trending on Twitter, Recently disclosed, CVSS 9.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: gatsby

5.12.5 - 2023-09-27
5.12.4 - 2023-09-05
5.12.3 - 2023-08-28
gatsby-transformer-sqip@5.12.3
5.12.2 - 2023-08-28
5.12.1 - 2023-08-24
gatsby-source-graphql@5.12.1
5.12.0 - 2023-08-24
5.12.0-next.1 - 2023-07-03
5.12.0-next.0 - 2023-06-15
5.11.0 - 2023-06-15
5.11.0-touch-nodes-fix.4 - 2023-06-14
5.11.0-next.1 - 2023-06-05
5.11.0-next.0 - 2023-05-16
5.10.0 - 2023-05-16
5.10.0-next.4 - 2023-05-03
5.10.0-next.3 - 2023-04-27
5.10.0-next.2 - 2023-04-27
5.10.0-next.1 - 2023-04-19
5.10.0-next.0 - 2023-04-18
5.10.0-infer-block-less.13 - 2023-05-09
5.10.0-infer-block-less.12 - 2023-05-09
5.10.0-infer-block-less.11 - 2023-05-08
5.10.0-infer-block-less.8 - 2023-05-08
5.10.0-infer-block-less.7 - 2023-05-05
5.10.0-infer-block-less.6 - 2023-05-05
5.10.0-infer-block-less.5 - 2023-05-05
5.10.0-gatsby-gc.20 - 2023-05-16
5.10.0-gatsby-gc.19 - 2023-05-16
5.10.0-gatsby-gc.18 - 2023-05-16
5.10.0-gatsby-gc.17 - 2023-05-15
5.10.0-gatsby-gc.16 - 2023-05-15
5.10.0-gatsby-gc.15 - 2023-05-15
5.10.0-gatsby-gc.14 - 2023-05-15
5.10.0-alpha-adapters.165 - 2023-07-14
5.10.0-alpha-adapters.164 - 2023-07-13
5.10.0-alpha-adapters.159 - 2023-07-12
5.10.0-alpha-adapters.158 - 2023-07-12
5.10.0-alpha-adapters.156 - 2023-07-11
5.10.0-alpha-adapters.155 - 2023-07-11
5.10.0-alpha-adapters.153 - 2023-07-11
5.10.0-alpha-adapters.142 - 2023-07-04
5.10.0-alpha-adapters.141 - 2023-07-03
5.10.0-alpha-adapters.130 - 2023-06-30
5.10.0-alpha-adapters.96 - 2023-06-14
5.10.0-alpha-adapters.94 - 2023-06-14
5.10.0-alpha-adapters.89 - 2023-06-14
5.9.1 - 2023-05-09
5.9.0 - 2023-04-18
5.9.0-touch-nodes-optout.49 - 2023-04-12
5.9.0-reduce-contentful-mem-usage.39 - 2023-04-17
5.9.0-reduce-contentful-mem-usage.38 - 2023-04-17
5.9.0-reduce-contentful-mem-usage.36 - 2023-04-17
5.9.0-next.3 - 2023-04-06
5.9.0-next.2 - 2023-03-30
5.9.0-next.1 - 2023-03-28
5.9.0-next.0 - 2023-03-21
5.9.0-lmdb-remapchunks.41 - 2023-04-20
5.9.0-lmdb-remapchunks.40 - 2023-04-20
5.9.0-image-cdn-configurable.4 - 2023-04-11
5.9.0-alpha-cg-tailwind.23 - 2023-05-09
5.8.1 - 2023-03-29
5.8.0 - 2023-03-21
5.8.0-touchnodes-memdebug2.19 - 2023-03-23
5.8.0-touchnodes-memdebug2.17 - 2023-03-22
5.8.0-touchnodes-memdebug.17 - 2023-03-21
5.8.0-next.3 - 2023-03-14
5.8.0-next.2 - 2023-03-07
5.8.0-next.1 - 2023-02-22
5.8.0-next.0 - 2023-02-16
5.8.0-inference-memdebug.26 - 2023-03-23
5.8.0-inference-memdebug.22 - 2023-03-23
5.8.0-alpha-rspack.4 - 2023-03-10
5.8.0-alpha-react-profiling-env.8 - 2023-03-17
5.7.0 - 2023-02-21
5.7.0-next.1 - 2023-02-08
5.7.0-next.0 - 2023-02-03
5.6.1 - 2023-02-16
5.6.0 - 2023-02-07
5.6.0-next.2 - 2023-01-30
5.6.0-next.1 - 2023-01-26
5.6.0-next.0 - 2023-01-19
5.5.0 - 2023-01-24
5.5.0-next.1 - 2023-01-17
5.5.0-next.0 - 2023-01-05
5.5.0-alpha-initial-webhook-body.31 - 2023-01-16
5.5.0-alpha-initial-webhook-body.30 - 2023-01-16
5.4.2 - 2023-01-17
5.4.1 - 2023-01-13
5.4.0 - 2023-01-10
5.4.0-next.3 - 2023-01-04
5.4.0-next.2 - 2022-12-14
5.4.0-next.1 - 2022-12-14
5.4.0-next.0 - 2022-12-08
5.3.3 - 2022-12-20
5.3.2 - 2022-12-14
5.3.1 - 2022-12-14
5.3.0 - 2022-12-13
5.3.0-next.4 - 2022-12-07
5.3.0-next.3 - 2022-12-07
5.3.0-next.2 - 2022-12-06
5.3.0-next.1 - 2022-12-01
5.3.0-next.0 - 2022-11-25
5.2.0 - 2022-11-25
5.2.0-next.1 - 2022-11-23
5.2.0-next.0 - 2022-11-17
5.1.0 - 2022-11-22
5.1.0-next.0 - 2022-11-08
5.0.1 - 2022-11-10
5.0.0 - 2022-11-08

from gatsby GitHub release notes

Commit messages

Package name: gatsby

aefefa9 chore(release): Publish
9ffed29 feat(gatsby-graphiql-explorer): lower minimum node version (feat(gatsby-graphiql-explorer): lower minimum node version gatsbyjs/gatsby#38577) (feat(gatsby-graphiql-explorer): lower minimum node version (#38577) gatsbyjs/gatsby#38579)
d055a99 chore(release): Publish
56ddcce fix(gatsby-adapter-netlify): handle cases with large cached _redirects and/or _headers files (fix(gatsby-adapter-netlify): handle cases with large cached _redirects and/or _headers files gatsbyjs/gatsby#38559) (fix(gatsby-adapter-netlify): handle cases with large cached _redirects and/or _headers files (#38559) gatsbyjs/gatsby#38564)
68be864 chore(release): Publish
dfcc546 Update gatsby-cloud-plugin README (Update gatsby-cloud-plugin README gatsbyjs/gatsby#38479) (Update gatsby-cloud-plugin README (#38479) gatsbyjs/gatsby#38550)
0642eb7 chore(release): Publish
232ec13 fix(gatsby): don't break builds when using features unsupported by adapter (fix(gatsby): don't break builds when using features unsupported by adapter gatsbyjs/gatsby#38520) (fix(gatsby): don't break builds when using features unsupported by adapter (#38520) gatsbyjs/gatsby#38521)
4b082d3 chore(release): Publish
da050e5 fix(gatsby): fix api function compilation on Windows (fix(gatsby): fix api function compilation on Windows gatsbyjs/gatsby#38489) (fix(gatsby): fix api function compilation on Windows (#38489) gatsbyjs/gatsby#38491)
b6f1a10 chore(release): Publish
6a73ee1 fix: fix fetching adapters manifest from latest gatsby version (fix: fix fetching adapters manifest from latest gatsby version gatsbyjs/gatsby#38475) (fix: fix fetching adapters manifest from latest gatsby version (#38475) gatsbyjs/gatsby#38482)
1fe0cf1 chore(release): Publish
1f9e806 fix: fix fetching adapters manifest from latest gatsby version
a1c87bc chore(release): Publish
b2d4aef feat(gatsby): Adapters (feat(gatsby): Adapters gatsbyjs/gatsby#38232)
7a2778b fix(gatsby-source-contentful): handle nullable fields (fix(gatsby-source-contentful): handle nullable fields gatsbyjs/gatsby#38358)
2e08202 chore(docs): clarify react upgrade with --legacy-peer-deps (chore(docs): clarify react upgrade with --legacy-peer-deps gatsbyjs/gatsby#38359)
e5126f9 fix(gatsby-source-wordpress): Set empty default alt tag for inline images (fix(gatsby-source-wordpress): Set empty default alt tag for inline images gatsbyjs/gatsby#38341)
668aa5f fix(deps): update dependency algoliasearch to ^4.18.0 for gatsby-source-npm-package-search (fix(deps): update dependency algoliasearch to ^4.18.0 for gatsby-source-npm-package-search gatsbyjs/gatsby#38308)
06015b9 fix(deps): update minor and patch dependencies for gatsby-source-contentful (fix(deps): update minor and patch dependencies for gatsby-source-contentful gatsbyjs/gatsby#38322)
544862b fix(deps): update minor and patch dependencies for gatsby (fix(deps): update minor and patch dependencies for gatsby gatsbyjs/gatsby#38297)
cde8b49 fix(deps): update dependency verdaccio to ^5.25.0 for gatsby-dev-cli (fix(deps): update dependency verdaccio to ^5.25.0 for gatsby-dev-cli gatsbyjs/gatsby#38318)
b074b85 fix(deps): update minor and patch dependencies for gatsby-source-wordpress (fix(deps): update minor and patch dependencies for gatsby-source-wordpress gatsbyjs/gatsby#38293)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade gatsby from 5.0.0 to 5.12.5. See this package in npm: https://www.npmjs.com/package/gatsby See this project in Snyk: https://app.snyk.io/org/sammyfilly/project/af737f69-1615-4ff8-88ef-8864ae118b27?utm_source=github&utm_medium=referral&page=upgrade-pr

stackblitz · 2023-10-29T20:17:17Z

Run & review this pull request in StackBlitz Codeflow.

changeset-bot · 2023-10-29T20:17:18Z

⚠️ No Changeset found

Latest commit: 378b665

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade gatsby from 5.0.0 to 5.12.5 #182

[Snyk] Upgrade gatsby from 5.0.0 to 5.12.5 #182

X-oss-byte commented Oct 29, 2023

stackblitz bot commented Oct 29, 2023

changeset-bot bot commented Oct 29, 2023

[Snyk] Upgrade gatsby from 5.0.0 to 5.12.5 #182

Are you sure you want to change the base?

[Snyk] Upgrade gatsby from 5.0.0 to 5.12.5 #182

Conversation

X-oss-byte commented Oct 29, 2023

Snyk has created this PR to upgrade gatsby from 5.0.0 to 5.12.5.

stackblitz bot commented Oct 29, 2023

changeset-bot bot commented Oct 29, 2023

⚠️ No Changeset found