[Snyk] Upgrade gatsby from 5.0.0 to 5.12.11 #328

X-oss-byte · 2023-12-16T21:03:01Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade gatsby from 5.0.0 to 5.12.11.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 113 versions ahead of your current version.
The recommended version was released 24 days ago, on 2023-11-22.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Prototype Pollution SNYK-JS-JSON5-3182856	427/1000 Why? Proof of Concept exploit, CVSS 6.4	Proof of Concept
Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	427/1000 Why? Proof of Concept exploit, CVSS 6.4	Proof of Concept
Denial of Service (DoS) SNYK-JS-ENGINEIO-3136336	427/1000 Why? Proof of Concept exploit, CVSS 6.4	No Known Exploit
Heap-based Buffer Overflow SNYK-JS-SHARP-5922108	427/1000 Why? Proof of Concept exploit, CVSS 6.4	Mature
Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-5596892	427/1000 Why? Proof of Concept exploit, CVSS 6.4	No Known Exploit
Sandbox Bypass SNYK-JS-WEBPACK-3358798	427/1000 Why? Proof of Concept exploit, CVSS 6.4	Proof of Concept
Information Exposure SNYK-JS-GATSBY-5671647	427/1000 Why? Proof of Concept exploit, CVSS 6.4	Proof of Concept
Information Exposure SNYK-JS-GATSBYCLI-5671903	427/1000 Why? Proof of Concept exploit, CVSS 6.4	Proof of Concept
Denial of Service (DoS) SNYK-JS-GRAPHQL-5905181	427/1000 Why? Proof of Concept exploit, CVSS 6.4	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169	427/1000 Why? Proof of Concept exploit, CVSS 6.4	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-3244450	427/1000 Why? Proof of Concept exploit, CVSS 6.4	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	427/1000 Why? Proof of Concept exploit, CVSS 6.4	Proof of Concept
Improper Input Validation SNYK-JS-POSTCSS-5926692	427/1000 Why? Proof of Concept exploit, CVSS 6.4	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: gatsby

5.12.11 - 2023-11-22
5.12.10 - 2023-11-21
5.12.9 - 2023-10-26
5.12.8 - 2023-10-20
5.12.7 - 2023-10-17
5.12.6 - 2023-10-09
5.12.5 - 2023-09-27
5.12.4 - 2023-09-05
5.12.3 - 2023-08-28
5.12.2 - 2023-08-28
5.12.1 - 2023-08-24
5.12.0 - 2023-08-24
5.12.0-next.1 - 2023-07-03
5.12.0-next.0 - 2023-06-15
5.11.0 - 2023-06-15
5.11.0-touch-nodes-fix.4 - 2023-06-14
5.11.0-next.1 - 2023-06-05
5.11.0-next.0 - 2023-05-16
5.10.0 - 2023-05-16
5.10.0-next.4 - 2023-05-03
5.10.0-next.3 - 2023-04-27
5.10.0-next.2 - 2023-04-27
5.10.0-next.1 - 2023-04-19
5.10.0-next.0 - 2023-04-18
5.10.0-infer-block-less.13 - 2023-05-09
5.10.0-infer-block-less.12 - 2023-05-09
5.10.0-infer-block-less.11 - 2023-05-08
5.10.0-infer-block-less.8 - 2023-05-08
5.10.0-infer-block-less.7 - 2023-05-05
5.10.0-infer-block-less.6 - 2023-05-05
5.10.0-infer-block-less.5 - 2023-05-05
5.10.0-gatsby-gc.20 - 2023-05-16
5.10.0-gatsby-gc.19 - 2023-05-16
5.10.0-gatsby-gc.18 - 2023-05-16
5.10.0-gatsby-gc.17 - 2023-05-15
5.10.0-gatsby-gc.16 - 2023-05-15
5.10.0-gatsby-gc.15 - 2023-05-15
5.10.0-gatsby-gc.14 - 2023-05-15
5.10.0-alpha-adapters.165 - 2023-07-14
5.10.0-alpha-adapters.164 - 2023-07-13
5.10.0-alpha-adapters.159 - 2023-07-12
5.10.0-alpha-adapters.158 - 2023-07-12
5.10.0-alpha-adapters.156 - 2023-07-11
5.10.0-alpha-adapters.155 - 2023-07-11
5.10.0-alpha-adapters.153 - 2023-07-11
5.10.0-alpha-adapters.142 - 2023-07-04
5.10.0-alpha-adapters.141 - 2023-07-03
5.10.0-alpha-adapters.130 - 2023-06-30
5.10.0-alpha-adapters.96 - 2023-06-14
5.10.0-alpha-adapters.94 - 2023-06-14
5.10.0-alpha-adapters.89 - 2023-06-14
5.9.1 - 2023-05-09
5.9.0 - 2023-04-18
5.9.0-touch-nodes-optout.49 - 2023-04-12
5.9.0-reduce-contentful-mem-usage.39 - 2023-04-17
5.9.0-reduce-contentful-mem-usage.38 - 2023-04-17
5.9.0-reduce-contentful-mem-usage.36 - 2023-04-17
5.9.0-next.3 - 2023-04-06
5.9.0-next.2 - 2023-03-30
5.9.0-next.1 - 2023-03-28
5.9.0-next.0 - 2023-03-21
5.9.0-lmdb-remapchunks.41 - 2023-04-20
5.9.0-lmdb-remapchunks.40 - 2023-04-20
5.9.0-image-cdn-configurable.4 - 2023-04-11
5.9.0-alpha-cg-tailwind.23 - 2023-05-09
5.8.1 - 2023-03-29
5.8.0 - 2023-03-21
5.8.0-touchnodes-memdebug2.19 - 2023-03-23
5.8.0-touchnodes-memdebug2.17 - 2023-03-22
5.8.0-touchnodes-memdebug.17 - 2023-03-21
5.8.0-next.3 - 2023-03-14
5.8.0-next.2 - 2023-03-07
5.8.0-next.1 - 2023-02-22
5.8.0-next.0 - 2023-02-16
5.8.0-inference-memdebug.26 - 2023-03-23
5.8.0-inference-memdebug.22 - 2023-03-23
5.8.0-alpha-rspack.4 - 2023-03-10
5.8.0-alpha-react-profiling-env.8 - 2023-03-17
5.7.0 - 2023-02-21
5.7.0-next.1 - 2023-02-08
5.7.0-next.0 - 2023-02-03
5.6.1 - 2023-02-16
5.6.0 - 2023-02-07
5.6.0-next.2 - 2023-01-30
5.6.0-next.1 - 2023-01-26
5.6.0-next.0 - 2023-01-19
5.5.0 - 2023-01-24
5.5.0-next.1 - 2023-01-17
5.5.0-next.0 - 2023-01-05
5.5.0-alpha-initial-webhook-body.31 - 2023-01-16
5.5.0-alpha-initial-webhook-body.30 - 2023-01-16
5.4.2 - 2023-01-17
5.4.1 - 2023-01-13
5.4.0 - 2023-01-10
5.4.0-next.3 - 2023-01-04
5.4.0-next.2 - 2022-12-14
5.4.0-next.1 - 2022-12-14
5.4.0-next.0 - 2022-12-08
5.3.3 - 2022-12-20
5.3.2 - 2022-12-14
5.3.1 - 2022-12-14
5.3.0 - 2022-12-13
5.3.0-next.4 - 2022-12-07
5.3.0-next.3 - 2022-12-07
5.3.0-next.2 - 2022-12-06
5.3.0-next.1 - 2022-12-01
5.3.0-next.0 - 2022-11-25
5.2.0 - 2022-11-25
5.2.0-next.1 - 2022-11-23
5.2.0-next.0 - 2022-11-17
5.1.0 - 2022-11-22
5.1.0-next.0 - 2022-11-08
5.0.1 - 2022-11-10
5.0.0 - 2022-11-08

from gatsby GitHub release notes

Commit messages

Package name: gatsby

4d78fba chore(release): Publish
f713e59 fix: re-install lmdb when detecting the absence of @ LMDB prebuilt packages (fix: re-install lmdb when detecting the absence of @LMDB prebuilt packages gatsbyjs/gatsby#38691) (fix: re-install lmdb when detecting the absence of @LMDB prebuilt packages (#38691) gatsbyjs/gatsby#38707)
c5ec678 chore(release): Publish
1090558 feat(gatsby,gatsby-adapter-netlify): support pathPrefix and trailingSlash options (feat(gatsby,gatsby-adapter-netlify): support pathPrefix and trailingSlash options gatsbyjs/gatsby#38666) (feat(gatsby,gatsby-adapter-netlify): support pathPrefix and trailingSlash options (#38666) gatsbyjs/gatsby#38701)
3ce63a4 chore(release): Publish
8ae5702 fix(gatsby-adapter-netlify): adapter use headerRoutes (fix(gatsby-adapter-netlify): adapter use headerRoutes gatsbyjs/gatsby#38652) (fix(gatsby-adapter-netlify): adapter use headerRoutes (#38652) gatsbyjs/gatsby#38674)
8ae8281 chore(release): Publish
c43080f fix: respect 'force' and 'conditions' properties on redirects (fix: respect 'force' and 'conditions' properties on redirects gatsbyjs/gatsby#38657) (fix: respect 'force' and 'conditions' properties on redirects (#38657) gatsbyjs/gatsby#38664)
4bf84f0 test(adapters-e2e): deploy to platform instead of ntl serve (test(adapters-e2e): deploy to platform instead of ntl serve gatsbyjs/gatsby#38643) (test(adapters-e2e): deploy to platform instead of ntl serve (#38643) gatsbyjs/gatsby#38662)
67c8832 test: bump node version for pnp tests (test: bump node version for pnp tests gatsbyjs/gatsby#38656) (test: bump node version for pnp tests (#38656) gatsbyjs/gatsby#38663)
6869562 fix(gatsby): Adapter header rules (fix(gatsby): Adapter header rules gatsbyjs/gatsby#38644) (fix(gatsby): Adapter header rules (#38644) gatsbyjs/gatsby#38661)
4a76878 chore: added logging for cache handling (chore: added logging for cache handling gatsbyjs/gatsby#38654) (chore: added logging for cache handling (#38654) gatsbyjs/gatsby#38660)
470d182 chore(release): Publish
02e925a fix(gatsby): support multiple instances of same variable in gatsbyImage placeholderUrl (fix(gatsby): support multiple instances of same variable in gatsbyImage placeholderUrl gatsbyjs/gatsby#38626) (fix(gatsby): support multiple instances of same variable in gatsbyImage placeholderUrl (#38626) gatsbyjs/gatsby#38647)
8302bc8 fix(gatsby): don't force leading slash for external paths in routes manifest (fix(gatsby): don't force leading slash for external paths in routes manifest gatsbyjs/gatsby#38639) (fix(gatsby): don't force leading slash for external paths in routes manifest (#38639) gatsbyjs/gatsby#38646)
39d2fd8 chore(release): Publish
acb8799 fix(gatsby): open lmdb instances in writeable locations in generated ssr/dsg function (fix(gatsby): open lmdb instances in writeable locations in generated ssr/dsg function gatsbyjs/gatsby#38631) (fix(gatsby): open lmdb instances in writeable locations in generated ssr/dsg function (#38631) gatsbyjs/gatsby#38638)
1e8748c chore(release): Publish
f1a4107 chore(deps): upgrade sharp to latest v0.32.6 (chore(deps): upgrade sharp to latest v0.32.6 gatsbyjs/gatsby#38374) (chore(deps): upgrade sharp to latest v0.32.6 (#38374) gatsbyjs/gatsby#38617)
4dc464b chore(source-npm-package-search): bespoke treatment for `plugin-gatsby-cloud` and `source-contentful` (chore(source-npm-package-search): bespoke treatment for plugin-gatsby-cloud and source-contentful gatsbyjs/gatsby#38619) (chore(source-npm-package-search): bespoke treatment for plugin-gatsby-cloud and source-contentful (#38619) gatsbyjs/gatsby#38622)
aff105b chore(release): Publish
8061500 Update gatsby-contentful-plugin README (Update gatsby-contentful-plugin README gatsbyjs/gatsby#38480) (Update gatsby-contentful-plugin README (#38480) gatsbyjs/gatsby#38607)
aefefa9 chore(release): Publish
9ffed29 feat(gatsby-graphiql-explorer): lower minimum node version (feat(gatsby-graphiql-explorer): lower minimum node version gatsbyjs/gatsby#38577) (feat(gatsby-graphiql-explorer): lower minimum node version (#38577) gatsbyjs/gatsby#38579)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade gatsby from 5.0.0 to 5.12.11. See this package in npm: https://www.npmjs.com/package/gatsby See this project in Snyk: https://app.snyk.io/org/sammyfilly/project/af737f69-1615-4ff8-88ef-8864ae118b27?utm_source=github&utm_medium=referral&page=upgrade-pr

stackblitz · 2023-12-16T21:03:05Z

Run & review this pull request in StackBlitz Codeflow.

changeset-bot · 2023-12-16T21:03:06Z

⚠️ No Changeset found

Latest commit: 6b40936

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade gatsby from 5.0.0 to 5.12.11 #328

[Snyk] Upgrade gatsby from 5.0.0 to 5.12.11 #328

X-oss-byte commented Dec 16, 2023

stackblitz bot commented Dec 16, 2023

changeset-bot bot commented Dec 16, 2023

[Snyk] Upgrade gatsby from 5.0.0 to 5.12.11 #328

Are you sure you want to change the base?

[Snyk] Upgrade gatsby from 5.0.0 to 5.12.11 #328

Conversation

X-oss-byte commented Dec 16, 2023

Snyk has created this PR to upgrade gatsby from 5.0.0 to 5.12.11.

stackblitz bot commented Dec 16, 2023

changeset-bot bot commented Dec 16, 2023

⚠️ No Changeset found