[Snyk] Fix for 1 vulnerabilities

[twilio-product-security]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/paste-website/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIM-1017038	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @mdx-js/loader

The new version differs by 30 commits.

• bf7deab v2.0.0-next.5
• 5c15a00 fix(remark-mdx): move remark-stringify to deps (Combobox - continuing with an error #1190)
• f59b174 Make type test run in their own action, closes #1172 (chore: prevent behavior where peerDeps patching causes major bump #1179)
• 9ac9755 docs(typescript): document how to use mdx 2 with typescript (fix(toast): correctly handle custom ids what auto dismissing toasts #1181)
• 42077e4 ci(github): update github actions to latest versions (chore(icons): adds product icon for event streams #1180)
• cc95646 ci(github): update github actions and dtslint to latest (Tabs component cannot have children? #1178)
• 6098d94 Remove deprecated plugin options, fixes UDL color pallette to Sketch #718 (chore: add DangerJS to CI workflow #1174)
• 0da2fcf Specify pre-dist-tag
• e1b45e3 v2.0.0-next.4
• 649dbd8 Implement inline link serialization that doesn't wrap them in angle (Search filter and results for provisioning a Phone number #1171)
• d08c5b6 Make testing matrix simpler (Paste with react-hook-form #1173)
• d0059c8 v2.0.0-next.3
• fa091d2 v2.0.0-next.2
• 7829b88 Move publish to its own action
• afd60c2 Break out linting into its own action
• 3ca8e0a Fix linting (New Pattern for linking to logs #1161)
• 577d48f Fix some linting
• db93304 Improve export name extraction for shortcode generation (#1160)
• ea9970a Bump deps, fix core-js version in babel configs
• 166fd9d v2.0.0-next.1
• 569f82f Make preid next to match dist tag
• a3d8f08 types: add types to test utils (docs(tokens): fix typo in readme file #1083)
• e2eb4ee types: add typescript typings for remark-mdx, remark-mdx-remove-exports, remark-mdx-remove-imports, @ mdx-js/util ([Snyk] Security upgrade browser-sync from 2.26.7 to 2.26.9 #1082)
• 65af47c Break three main tests into their own scripts

See the full diff

Package name: @mdx-js/mdx

The new version differs by 30 commits.

• bf7deab v2.0.0-next.5
• 5c15a00 fix(remark-mdx): move remark-stringify to deps (Combobox - continuing with an error #1190)
• f59b174 Make type test run in their own action, closes #1172 (chore: prevent behavior where peerDeps patching causes major bump #1179)
• 9ac9755 docs(typescript): document how to use mdx 2 with typescript (fix(toast): correctly handle custom ids what auto dismissing toasts #1181)
• 42077e4 ci(github): update github actions to latest versions (chore(icons): adds product icon for event streams #1180)
• cc95646 ci(github): update github actions and dtslint to latest (Tabs component cannot have children? #1178)
• 6098d94 Remove deprecated plugin options, fixes UDL color pallette to Sketch #718 (chore: add DangerJS to CI workflow #1174)
• 0da2fcf Specify pre-dist-tag
• e1b45e3 v2.0.0-next.4
• 649dbd8 Implement inline link serialization that doesn't wrap them in angle (Search filter and results for provisioning a Phone number #1171)
• d08c5b6 Make testing matrix simpler (Paste with react-hook-form #1173)
• d0059c8 v2.0.0-next.3
• fa091d2 v2.0.0-next.2
• 7829b88 Move publish to its own action
• afd60c2 Break out linting into its own action
• 3ca8e0a Fix linting (New Pattern for linking to logs #1161)
• 577d48f Fix some linting
• db93304 Improve export name extraction for shortcode generation (#1160)
• ea9970a Bump deps, fix core-js version in babel configs
• 166fd9d v2.0.0-next.1
• 569f82f Make preid next to match dist tag
• a3d8f08 types: add types to test utils (docs(tokens): fix typo in readme file #1083)
• e2eb4ee types: add typescript typings for remark-mdx, remark-mdx-remove-exports, remark-mdx-remove-imports, @ mdx-js/util ([Snyk] Security upgrade browser-sync from 2.26.7 to 2.26.9 #1082)
• 65af47c Break three main tests into their own scripts

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
paste-docs	❌ Failed (Inspect)			Mar 1, 2024 4:45am
paste-remix	❌ Failed (Inspect)			Mar 1, 2024 4:45am

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: fc3ae61

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[nx-cloud]

☁️ Nx Cloud Report

CI is running/has finished running commands for commit fc3ae61. As they complete they will appear below. Click to see the status, the terminal output, and the build insights.

📂 See all runs for this CI Pipeline Execution

---

✅ Successfully ran 1 target

• nx run @twilio-paste/backend:generate:db-types

---

Sent with 💌 from NxCloud.