[Snyk] Security upgrade @docusaurus/plugin-pwa from 2.4.3 to 3.1.0

[tjenkinson]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • website/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	626/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.1	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @docusaurus/plugin-pwa

The new version differs by 250 commits.

• a5e6758 v3.1.0
• a97a74f update lockfile
• 0da5936 remove problematic @ ts-expect-error
• 9088efb docs: broken link in release 3.0 page (Handle ERR_REQUIRE_ESM when reading configuration jestjs/jest#9573)
• 643c33c update lockfile
• 921fa24 refactor: apply lint autofix
• a9cef92 fix(theme): allow empty code blocks and live playgrounds (fix: TS1005: '=' expected on tsc jestjs/jest#9704)
• a779857 fix(create-docusaurus): fix init template code blocks, and little improvements (testTimeout config not working in projects jestjs/jest#9696)
• 760a5ae feat(core): make broken link checker detect broken anchors - add `onBrokenAnchors` config (watch mode regex is not working jestjs/jest#9528)
• 6d1897d fix(pwa-plugin): upgrade workbox (docs: fix typo in configuration runner jestjs/jest#9668)
• 31bd1b1 feat(mdx-loader): add support for siteConfig.markdown.remarkRehypeOptions (New moderate vulnerability found jestjs/jest#9674)
• 539fd73 feat(theme-common): code block MagicComments support for (Visual) Basic/Batch/Fortran/COBOL/ML (Docs/troubleshooting jestjs/jest#9671)
• 803ccee chore: attempt fo fix Lint Autofix workflow (Error displays current file code, not the code used in the test. jestjs/jest#9632)
• 6c06a70 chore: add lint autofix CI job (How do I test an async void function using nuxt and jest? jestjs/jest#9604)
• 839ccbd fix(cli): output help when no conventional config + no subcommand (NPM audit failure  jestjs/jest#9648)
• 1a91145 feat: siteConfig.markdown.parseFrontMatter hook (toContainEqual failing when searching through an array in a mongoose/mongodb object jestjs/jest#9624)
• 85e32fd fix(live-codeblock): stabilize react-live transformCode callback, fix editor/preview desync (TypeError: rel attribute has no supported tokens jestjs/jest#9631)
• 3c051ee feat(core): enable port configuration via environment variable (Fix CHANGELOG links jestjs/jest#9610)
• 17a2751 fix(utils): Markdown link replacement with <> but no spaces (Float precision error in jsdom jestjs/jest#9617)
• ab6147a fix(type-aliases): add `title` prop for imported inline SVG React components (chore: don't publish pretty-format/perf to npm jestjs/jest#9612)
• ed758fc fix(content-blog): add baseUrl for author.image_url ([jest-haste-map] Remove mapper option. jestjs/jest#9581)
• 68cc281 refactor(theme-common): allow optional desktopBreakpoint param in useWindowSize (beforeAll never run when use path pattern on cli jestjs/jest#9335)
• 97278be fix(i18n): complete translations for theme-common.json Brazilian Portuguese (pt-BR) (Inline snapshots indented at col 0 when existing inline snapshots in file jestjs/jest#9477)
• a2e05d2 chore: release Docusaurus 3.0.1 (chore: move execution of setupFiles to jest-runner jestjs/jest#9596)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@algolia/autocomplete-core@1.7.4	environment	0	626 kB	francoischalifour
npm/@algolia/autocomplete-preset-algolia@1.7.4	environment	0	123 kB	francoischalifour
npm/@algolia/autocomplete-shared@1.7.4	None	0	9.22 kB	francoischalifour
npm/@algolia/cache-browser-local-storage@4.23.3	None	0	8.15 kB	shortcuts
npm/@algolia/cache-common@4.23.3	None	0	5.58 kB	shortcuts
npm/@algolia/cache-in-memory@4.23.3	None	0	3.63 kB	shortcuts
npm/@algolia/client-account@4.23.3	None	0	6.78 kB	shortcuts
npm/@algolia/client-analytics@4.23.3	None	0	12.3 kB	shortcuts
npm/@algolia/client-common@4.23.3	None	0	10.6 kB	shortcuts
npm/@algolia/client-personalization@4.23.3	None	0	6.51 kB	shortcuts
npm/@algolia/client-search@4.23.3	None	0	189 kB	shortcuts
npm/@algolia/events@4.0.1	None	0	13 kB	haroenv
npm/@algolia/logger-common@4.23.3	None	0	2.16 kB	shortcuts
npm/@algolia/logger-console@4.23.3	None	0	2.37 kB	shortcuts
npm/@algolia/requester-browser-xhr@4.23.3	None	0	6.25 kB	shortcuts
npm/@algolia/requester-common@4.23.3	None	0	2.76 kB	shortcuts
npm/@algolia/requester-node-http@4.23.3	network	0	9.21 kB	shortcuts
npm/@algolia/transporter@4.23.3	None	0	50 kB	shortcuts
npm/@angular/common@12.2.17	None	0	11.6 MB	google-wombot
npm/@angular/compiler@12.2.17	None	0	19.6 MB	google-wombot
npm/@angular/core@12.2.17	None	0	16.2 MB	google-wombot
npm/@angular/forms@12.2.17	None	0	2.42 MB	google-wombot
npm/@angular/platform-browser-dynamic@12.2.17	None	0	388 kB	google-wombot
npm/@angular/platform-browser@12.2.17	None	0	1.23 MB	google-wombot
npm/@apideck/better-ajv-errors@0.3.6	environment Transitive: eval	+2	1.12 MB	eliasmeire
npm/@babel/plugin-proposal-decorators@7.21.0	None	0	128 kB	nicolo-ribaudo
npm/@babel/plugin-proposal-export-default-from@7.18.10	None	0	3.82 kB	nicolo-ribaudo
npm/@babel/plugin-proposal-object-rest-spread@7.12.1	None	0	18.3 kB	nicolo-ribaudo
npm/@babel/plugin-syntax-bigint@7.8.3	None	0	2.42 kB	nicolo-ribaudo
npm/@babel/plugin-syntax-decorators@7.24.1	None	0	12.6 kB	nicolo-ribaudo
npm/@babel/plugin-syntax-export-default-from@7.24.1	None	0	3.68 kB	nicolo-ribaudo
npm/@babel/plugin-transform-react-constant-elements@7.21.3	None	0	23.3 kB	nicolo-ribaudo
npm/@babel/plugin-transform-react-display-name@7.24.1	None	0	12.4 kB	nicolo-ribaudo
npm/@babel/plugin-transform-react-jsx-development@7.22.5	None	0	2.98 kB	nicolo-ribaudo
npm/@babel/plugin-transform-react-jsx-self@7.21.0	None	0	8.93 kB	nicolo-ribaudo
npm/@babel/plugin-transform-react-jsx-source@7.19.6	None	0	9.01 kB	nicolo-ribaudo
npm/@babel/plugin-transform-react-jsx@7.23.4	None	0	80 kB	nicolo-ribaudo
npm/@babel/plugin-transform-react-pure-annotations@7.24.1	None	0	8.34 kB	nicolo-ribaudo
npm/@babel/plugin-transform-runtime@7.21.4	unsafe	+4	495 kB	nicolo-ribaudo
npm/@babel/register@7.23.7	environment, filesystem, unsafe	0	62 kB	nicolo-ribaudo
npm/@babel/runtime-corejs3@7.21.0	None	+1	357 kB	nicolo-ribaudo
npm/@bcoe/v8-coverage@0.2.3	None	0	277 kB	bcoe
npm/@colors/colors@1.5.0	environment	0	39.5 kB	dabh
npm/@crowdin/cli@3.19.2	None	0	8.49 MB	andrii.bodnar
npm/@cspotcode/source-map-support@0.8.1	filesystem	+1	194 kB	cspotcode
npm/@discoveryjs/json-ext@0.5.7	None	0	81.1 kB	lahmatiy
npm/@docsearch/css@3.3.3	None	0	27.9 kB	shortcuts
npm/@docsearch/react@3.3.3	None	0	450 kB	shortcuts
npm/@docusaurus/core@2.4.0	Transitive: filesystem	+3	453 kB	slorber
npm/@docusaurus/cssnano-preset@2.4.0	None	0	8.66 kB	slorber
npm/@docusaurus/logger@2.4.0	None	0	158 kB	slorber
npm/@docusaurus/mdx-loader@2.4.0	environment, filesystem	0	112 kB	slorber
npm/@docusaurus/module-type-aliases@2.4.0	None	0	12 kB	slorber
npm/@docusaurus/plugin-client-redirects@2.4.0	filesystem	0	49.7 kB	slorber
npm/@docusaurus/plugin-content-blog@2.4.0	environment, filesystem	0	130 kB	slorber
npm/@docusaurus/plugin-content-docs@2.4.0	environment, filesystem	0	348 kB	slorber
npm/@docusaurus/plugin-content-pages@2.4.0	filesystem	0	28.9 kB	slorber
npm/@docusaurus/plugin-debug@2.4.0	None	0	36.7 kB	slorber
npm/@docusaurus/plugin-google-analytics@2.4.0	environment	0	11.7 kB	slorber
npm/@docusaurus/plugin-google-gtag@2.4.0	environment	0	16.2 kB	slorber
npm/@docusaurus/plugin-google-tag-manager@2.4.0	environment	0	8.5 kB	slorber
npm/@docusaurus/plugin-pwa@2.4.0	environment	0	56.4 kB	slorber
npm/@docusaurus/plugin-sitemap@2.4.0	filesystem	0	16.1 kB	slorber
npm/@docusaurus/preset-classic@2.4.0	environment	0	14.1 kB	slorber
npm/@docusaurus/react-loadable@5.5.2	None	0	57.1 kB	slorber
npm/@docusaurus/remark-plugin-npm2yarn@2.4.0	None	0	32.7 kB	slorber
npm/@docusaurus/theme-classic@2.4.0	unsafe	0	653 kB	slorber
npm/@docusaurus/theme-common@2.4.0	environment	0	507 kB	slorber
npm/@docusaurus/theme-search-algolia@2.4.0	filesystem	0	109 kB	slorber
npm/@docusaurus/theme-translations@2.4.0	filesystem	0	266 kB	slorber
npm/@docusaurus/types@2.4.0	None	0	30.6 kB	slorber
npm/@docusaurus/utils-common@2.4.0	None	0	11.6 kB	slorber
npm/@docusaurus/utils-validation@2.4.0	None	0	35.1 kB	slorber
npm/@docusaurus/utils@2.4.0	environment, filesystem	+1	229 kB	slorber
npm/@es-joy/jsdoccomment@0.37.1	None	0	71.4 kB	brettz9
npm/@eslint-community/eslint-utils@4.4.0	None	0	379 kB	eslint-community-bot
npm/@eslint-community/regexpp@4.10.0	None	0	431 kB	eslint-community-bot
npm/@eslint/eslintrc@2.1.4	filesystem, unsafe	+2	746 kB	eslintbot
npm/@eslint/js@8.57.0	None	0	13.9 kB	eslintbot
npm/@fast-check/jest@1.8.1	Transitive: environment, eval, filesystem, shell, unsafe	+16	730 kB	ndubien
npm/@gar/promisify@1.1.3	None	0	4.2 kB	gar
npm/@graphql-typed-document-node/core@3.2.0	None	0	2.96 kB	dotansimha
npm/@hapi/hoek@9.3.0	None	0	51.5 kB	devinivy
npm/@hapi/topo@5.1.0	None	0	10.7 kB	devinivy
npm/@humanwhocodes/config-array@0.11.14	None	0	55.6 kB	nzakas
npm/@humanwhocodes/module-importer@1.0.1	unsafe	0	21.2 kB	nzakas
npm/@humanwhocodes/object-schema@2.0.3	None	0	23.3 kB	nzakas
npm/@hutson/parse-repository-url@3.0.2	None	0	20.6 kB	hutson
npm/@isaacs/string-locale-compare@1.1.0	None	0	3.16 kB	isaacs
npm/@istanbuljs/load-nyc-config@1.1.0	environment, filesystem Transitive: eval	+2	310 kB	coreyfarrell
npm/@istanbuljs/schema@0.1.3	None	0	17.2 kB	coreyfarrell
npm/@jest/types@0.0.0-use.local	None	0	0 B
npm/@jridgewell/source-map@0.3.6	None	0	177 kB	jridgewell
npm/@leichtgewicht/ip-codec@2.0.5	None	0	17.7 kB	leichtgewicht
npm/@lerna-lite/cli@1.17.0	None	0	160 kB	ghiscoding
npm/@lerna-lite/core@1.17.0	environment, filesystem	0	307 kB	ghiscoding
npm/@lerna-lite/info@1.13.0	Transitive: environment, filesystem	+5	457 kB	ghiscoding
npm/@lerna-lite/init@1.17.0	filesystem	0	14.9 kB	ghiscoding
npm/@lerna-lite/listable@1.17.0	None	0	18.7 kB	ghiscoding
npm/@lerna-lite/publish@1.17.0	environment, eval, filesystem	0	178 kB	ghiscoding
npm/@lerna-lite/version@1.17.0	environment, filesystem	0	256 kB	ghiscoding
npm/@mdx-js/mdx@1.6.22	Transitive: environment, filesystem	+7	1.12 MB	johno
npm/@mdx-js/react@1.6.22	None	0	15.5 kB	johno
npm/@mdx-js/util@1.6.22	None	0	3.95 kB	johno
npm/@microsoft/api-extractor-model@7.28.14	None	0	791 kB	odspnpm
npm/@microsoft/api-extractor@7.43.1	None	+4	34.1 MB	odspnpm
npm/@microsoft/tsdoc-config@0.16.2	filesystem	+1	277 kB	odspnpm
npm/@microsoft/tsdoc@0.14.2	None	0	2.62 MB	odspnpm
npm/@nodelib/fs.scandir@2.1.5	filesystem	0	22.2 kB	mrmlnc
npm/@nodelib/fs.stat@2.0.5	filesystem	0	11.8 kB	mrmlnc
npm/@nodelib/fs.walk@1.2.8	None	0	26.4 kB	mrmlnc
npm/@npmcli/arborist@6.5.1	environment, filesystem, network	+1	894 kB	gar
npm/@npmcli/fs@3.1.0	filesystem	0	26.5 kB	lukekarrys
npm/@npmcli/git@4.1.0	filesystem	+1	156 kB	npm-cli-ops
npm/@npmcli/installed-package-contents@2.1.0	filesystem	0	12.3 kB	npm-cli-ops
npm/@npmcli/map-workspaces@3.0.6	None	+1	472 kB	npm-cli-ops
npm/@npmcli/metavuln-calculator@5.0.1	None	0	30.4 kB	npm-cli-ops
npm/@npmcli/move-file@2.0.1	filesystem	0	8.73 kB	gar
npm/@npmcli/name-from-folder@2.0.0	None	0	2.38 kB	lukekarrys
npm/@npmcli/node-gyp@3.0.0	filesystem	0	1.87 kB	lukekarrys
npm/@npmcli/package-json@4.0.1	filesystem	0	36.9 kB	npm-cli-ops
npm/@npmcli/promise-spawn@6.0.2	environment, shell	0	11.8 kB	nlf
npm/@npmcli/query@3.1.0	None	0	11 kB	npm-cli-ops
npm/@npmcli/run-script@6.0.2	environment, filesystem	0	18.5 kB	npm-cli-ops
npm/@octokit/auth-token@3.0.4	None	0	24.2 kB	octokitbot
npm/@octokit/core@4.2.4	None	0	43.7 kB	octokitbot
npm/@octokit/endpoint@7.0.6	None	0	87.4 kB	octokitbot
npm/@octokit/graphql@5.0.6	None	0	38.7 kB	octokitbot
npm/@octokit/openapi-types@18.1.1	None	0	4.23 MB	octokitbot
npm/@octokit/plugin-enterprise-rest@6.0.1	None	0	8.99 MB	octokitbot
npm/@octokit/plugin-paginate-rest@6.1.2	None	0	196 kB	octokitbot
npm/@octokit/plugin-request-log@1.0.4	None	0	11.6 kB	gr2m
npm/@octokit/plugin-rest-endpoint-methods@7.2.3	None	+1	1.73 MB	octokitbot
npm/@octokit/request-error@3.0.3	None	0	21.7 kB	octokitbot
npm/@octokit/request@6.2.8	network	0	54.7 kB	octokitbot
npm/@octokit/rest@19.0.13	None	0	9.82 kB	octokitbot
npm/@octokit/types@9.3.2	None	0	228 kB	octokitbot
npm/@pkgr/utils@2.3.1	environment	0	32.8 kB	jounqin
npm/@polka/url@1.0.0-next.25	None	0	4.48 kB	lukeed
npm/@react-native-community/cli-clean@10.1.1	filesystem Transitive: environment, shell	+9	98.3 kB	thymikee
npm/@react-native-community/cli-config@10.1.1	filesystem Transitive: unsafe	+4	135 kB	thymikee
npm/@react-native-community/cli-debugger-ui@10.0.0	None	0	290 kB	thymikee
npm/@react-native-community/cli-doctor@10.2.2	environment, filesystem	+2	250 kB	thymikee
npm/@react-native-community/cli-hermes@10.2.0	environment, filesystem, shell	0	33.6 kB	thymikee
npm/@react-native-community/cli-platform-android@10.2.0	environment, filesystem, shell	0	199 kB	thymikee
npm/@react-native-community/cli-platform-ios@10.2.5	environment, filesystem, shell	0	161 kB	thymikee
npm/@react-native-community/cli-plugin-metro@10.2.2	environment, filesystem	0	133 kB	thymikee
npm/@react-native-community/cli-server-api@10.1.1	environment, filesystem, shell	+2	182 kB	thymikee
npm/@react-native-community/cli-tools@10.1.1	environment, filesystem, network, shell	+4	246 kB	thymikee
npm/@react-native-community/cli-types@10.0.0	None	0	21.3 kB	thymikee
npm/@react-native-community/cli@10.2.2	filesystem, shell Transitive: environment	+2	482 kB	thymikee
npm/@react-native/assets@1.0.0	None	0	3.2 kB	cpojer
npm/@react-native/normalize-color@2.1.0	None	0	13.4 kB	dmitryrykun
npm/@react-native/polyfills@2.0.0	None	0	23.4 kB	yungsters
npm/@rollup/plugin-babel@5.3.1	None	0	64.8 kB	shellscape
npm/@rollup/plugin-node-resolve@11.2.1	filesystem	+1	95 kB	shellscape
npm/@rollup/plugin-replace@2.4.2	None	0	21.5 kB	shellscape
npm/@rollup/pluginutils@3.1.0	None	+1	65.5 kB	shellscape
npm/@rushstack/node-core-library@4.1.0	environment, filesystem, shell, unsafe	+1	1.15 MB	odspnpm
npm/react-dom@16.14.0	environment	+1	3.12 MB	gaearon
npm/react-dom@18.2.0	environment	0	4.5 MB	gnoff
npm/react-test-renderer@18.2.0	environment	+1	1.59 MB	gnoff
npm/react@16.14.0	environment	0	270 kB	gaearon
npm/react@18.2.0	environment	0	316 kB	gnoff

🚮 Removed packages: npm/@discordjs/builders@1.7.0, npm/@discordjs/collection@1.5.3, npm/@discordjs/formatters@0.3.3, npm/@discordjs/rest@1.7.1, npm/@discordjs/util@1.0.2, npm/@sapphire/async-queue@1.5.2, npm/@sapphire/shapeshift@3.9.7, npm/@sapphire/snowflake@3.5.3, npm/@tokenizer/token@0.3.0, npm/@types/ws@8.5.10, npm/ansi-regex@5.0.1, npm/busboy@1.6.0, npm/cliui@8.0.1, npm/discord-api-types@0.37.81, npm/discord.js@14.3.0, npm/emoji-regex@8.0.0, npm/fast-deep-equal@3.1.3, npm/file-type@18.7.0, npm/get-caller-file@2.0.5, npm/ieee754@1.2.1, npm/is-fullwidth-code-point@3.0.0, npm/iso-constants@0.1.2, npm/lodash.snakecase@4.1.1, npm/lodash@4.17.21, npm/peek-readable@5.0.0, npm/react-dom@17.0.2, npm/react-test-renderer@17.0.2, npm/readable-web-to-node-stream@3.0.2, npm/require-directory@2.1.1, npm/streamsearch@1.1.0, npm/string-width@4.2.3, npm/strip-ansi@6.0.1, npm/strtok3@7.0.0, npm/token-types@5.0.1, npm/ts-mixer@6.0.4, npm/tslib@2.6.2, npm/undici@5.28.4, npm/wrap-ansi@7.0.0, npm/ws@8.16.0, npm/y18n@5.0.8, npm/yargs-parser@21.1.1, npm/yargs@17.7.2

View full report↗︎