[Snyk] Upgrade react-styleguidist from 9.0.8 to 9.2.0 #38

snyk-bot · 2022-07-11T21:25:03Z

Snyk has created this PR to upgrade react-styleguidist from 9.0.8 to 9.2.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 19 versions ahead of your current version.
The recommended version was released 3 years ago, on 2019-10-16.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Regular Expression Denial of Service (ReDoS) SNYK-JS-WEBSOCKETEXTENSIONS-570623	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Improper Input Validation SNYK-JS-URLPARSE-2407770	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-PRISMJS-597628	517/1000 Why? Proof of Concept exploit, CVSS 8.2	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-PRISMJS-1585202	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PRISMJS-1314893	517/1000 Why? Proof of Concept exploit, CVSS 8.2	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-PRISMJS-1076581	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Prototype Pollution SNYK-JS-NODEFORGE-598677	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-MARKDOWNTOJSX-570059	517/1000 Why? Proof of Concept exploit, CVSS 8.2	No Known Exploit
Remote Memory Exposure SNYK-JS-DNSPACKET-1293563	517/1000 Why? Proof of Concept exploit, CVSS 8.2	No Known Exploit
Prototype Pollution SNYK-JS-ASYNC-2441827	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIHTML-1296849	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Prototype Pollution SNYK-JS-YARGSPARSER-560381	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Authorization Bypass SNYK-JS-URLPARSE-2407759	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Access Restriction Bypass SNYK-JS-URLPARSE-2401205	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Open Redirect SNYK-JS-URLPARSE-1533425	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Improper Input Validation SNYK-JS-URLPARSE-1078283	517/1000 Why? Proof of Concept exploit, CVSS 8.2	No Known Exploit
Denial of Service (DoS) SNYK-JS-SOCKJS-575261	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-PRISMJS-2404333	517/1000 Why? Proof of Concept exploit, CVSS 8.2	No Known Exploit
Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Information Exposure SNYK-JS-EVENTSOURCE-2823375	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Information Exposure SNYK-JS-EVENTSOURCE-2823375	517/1000 Why? Proof of Concept exploit, CVSS 8.2	Proof of Concept
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	517/1000 Why? Proof of Concept exploit, CVSS 8.2	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: react-styleguidist

9.2.0 - 2019-10-16
New features
- New minimize option to disable JavaScript compression (#1442, #1443 by @ kopax)
9.1.16 - 2019-08-19
- Fixed: Update react-dev-utils to ^9.0.3 (#1422)
9.1.15 - 2019-08-19
- Fixed: Don't show empty sidebar (#1423)
9.1.14 - 2019-08-08
- Fixed: Single sections can contain only sections (#1414)
  
  If a section contains only one subsection, Styleguidist will try to optimize. It will make the section disappear and show its components instead. If this section only contain sections, no components, it should optimize to sections and not to components.
9.1.13 - 2019-07-26
- Fixed: Highlighting currently selected page on sidebar broken with sections (#1405)
  
  Fixes #1375
9.1.12 - 2019-07-25
- Fixed: Disable HTML minification (#1402)
  
  Fixes #1189
9.1.11 - 2019-06-25
- Fixed: Fix incorrect component name capitalization (#1388)
  
  Fixes #1381
  
  It is happening in a case when react-docgen (any propsParser) is failed and we are trying to guess displayName based on file path. We capitalized every case in the string instead of just words separated by - started with small letter. So, by mistake ButtonTS in file name becomes ButtonTs display name for component when we expect ButtonTS Use [startCase]:(https://lodash.com/docs/4.17.11#startCase) and then remove spaces which covers most our cases likemy-buttonTS => MyButtonTS
9.1.10 - 2019-06-24
- Fixed: Encode sublinks in URLs to fix broken routes (#1389)
  
  Follow up of #1332. This appears to have fixed the top level section link, but any sub-links within that section are still unencoded and result in "Page not found".
9.1.9 - 2019-06-20
- Fixed: Add .wasm and .mjs to default extensions in webpack config (#1386)
  
  Fixes #1385
9.1.8 - 2019-06-19
- Fixed: Replace 'walkes' with 'estree-walker' (#1349)
  
  Because walkes has LGPL-3 license.
  
  Fixes #1210
9.1.7 - 2019-06-15
9.1.6 - 2019-06-11
9.1.5 - 2019-06-07
9.1.4 - 2019-06-05
9.1.3 - 2019-06-04
9.1.2 - 2019-05-19
9.1.1 - 2019-05-18
9.1.0 - 2019-05-16
9.0.9 - 2019-04-28
9.0.8 - 2019-04-16