gatsby-bigcommerce-netlify-cms-starter
gatsby-bigcommerce-netlify-cms-starter copied to clipboard
Published
20 hours ago •
bigcommerce
bigcommerce
[Snyk] Fix for 1 vulnerabilities
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
713/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.4 |
Prototype Pollution SNYK-JS-JSON5-3182856 |
Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: gatsby
The new version differs by 250 commits.- f1d3f7b chore(release): Publish
- 6e6ea56 chore(release): Publish rc
- df50ce7 fix(gatsby): Add dir=ltr to Fast Refresh overlay (#29900) (#29908)
- 83adec5 chore(docs): update readme (#29837) (#29909)
- b2628da will git stop being weird (#29897) (#29907)
- c98c87f chore(release): Publish rc
- c8bf571 fix(gatsby-source-wordpress): image fixes (#29813) (#29886)
- 85bb8ea fix(gatsby-plugin-image): Update peerdeps (#29880) (#29888)
- c266b83 fix(gatsby): Remove `react-hot-loader` deps & other unused deps (#29864) (#29876)
- 222ca3f fix(gatsby): with some custom babel configs array spreading with Set is not safe (#29885) (#29889)
- ea31900 chore(release): Publish rc
- f070422 fix(gatsby): Fix various small DEV_SSR bugs exposed in development_runtime tests (#29720) (#29866)
- cb3b1ca chore: update peerdeps to latest major versions (#29857) (#29867)
- 8639f7b fix(create-gatsby): Use legacy peer deps (#29856) (#29862)
- fdc1fe2 fix(gatsby): fix some css HMR edge cases (#29839) (#29865)
- e8a7e3b fix(gatsby-plugin-preact): fix fast-refresh (#29831) (#29860)
- e7453c3 fix(gatsby): Improve Fast Refresh overlay styles (#29855) (#29861)
- 76f4f96 chore: upgrade postcss & plugins (#29793)
- de6cba6 chore(release): Publish rc
- aafe584 fix: query on demand loading indicator always active on preact. (#29829) (#29836)
- 34f5b8c fix(hmr): accept hot updates for modules above page templates (#29752) (#29835)
- b8d21f8 fix(gatsby): workaround graphql-compose issue (#29822) (#29834)
- 32fee71 fix(gatsby): eslint linting (#29796) (#29814)
- bca7951 fix(gatsby-source-wordpress): HTML image regex's (#29778) (#29816)
Package name: gatsby-plugin-netlify-cms
The new version differs by 250 commits.- 8d07242 chore(release): Publish
- 0790895 chore(gatsby): Update README (#33615)
- 06760d7 chore(gatsby): Change comment format in actions/public (#33592)
- 7d66a23 feat(gatsby): capture number of ssg,dsg,ssr pages in telemetry (#33337)
- 98a843c fix(gatsby): use lmdb.removeSync so getNode can't return deleted nodes (#33554)
- 4d8e40b fix(gatsby-source-wordpress): Add steps for `refetch_ALL` (#33264)
- 4761dc3 fix(gatsby): restore onPreBuild to being called right after bootstrap finishes (#33591)
- 1cdbab6 fix(deps): update starters and examples gatsby packages to ^3.14.3 (#33553)
- 0f421db chore(release): Publish next
- 7d6a0aa fix(gatsby): fix page-tree in ink-cli (#33579)
- 3993819 chore(gatsby): Add `assetPrefix` to `IGatsbyConfig` (#33575)
- 6cc964a fix(gatsby-source-wordpress): restore PQR support (#33590)
- 9eef270 specifying what actually changed (#33452)
- 2975c4d feat(gatsby,gatsby-link): add queue to prefetch (#33530)
- 68fe836 fix(gatsby): temporary workaround for stale jobs cache (#33586)
- a800d9d fix(gatsby): Update internal usage of .runQuery (#33571)
- 677760c chore(docs): Clarify SEO component guide (#33451)
- ccca4b3 fix(gatsby): only remove unused code when apis got removed (#33527)
- 8dbf550 fix(gatsby): assign correct parentSpans to PQR activities (#33568)
- 31d5a5e fix(gatsby-dev-cli): resolve correct versions of packages with unpkg (#33551)
- 5110074 fix(gatsby-plugin-gatsby-cloud): emit file nodes after source updates (#33548)
- d2329df fix(gatsby): make sure 404 and 500 page inherit stateful status from original page (#33544)
- 68e5b90 chore(docs): Update query var in part-7 tutorial (#33559)
- a8cab55 chore(gatsby-plugin-react-helmet): Update Examples (#33552)
Package name: gatsby-plugin-purgecss
The new version differs by 198 commits.- 1a18e33 Release 5.0.0
- afcfade Merge pull request #663 from anantoghosh/v5
- 9146a95 fix(deps): Update package.json
- e05a5ad test: Update snapshot
- 791c06a feat: Update tailwind regex
- 42c7642 fix: Update release-it config
- d2e8831 feat: Upgrade to PurgeCSS v2
- 1a5c51c Merge pull request #652 from anantoghosh/renovate/loader-utils-2.x
- 3735686 fix(deps): update dependency loader-utils to v2
- f136d4c Merge pull request #657 from anantoghosh/renovate/fs-extra-9.x
- 1e3b68f fix(deps): update dependency fs-extra to v9
- c429494 chore(deps): update dependency release-it to v13.1.2
- eb5ebe7 chore(deps): update babel monorepo to v7.9.0
- c4a7c8b chore(deps): update react monorepo to v16.13.1
- 90cd848 chore(deps): update dependency coveralls to v3.0.11
- fd360ef chore(deps): update dependency gatsby to v2.20.2
- 4db6050 chore(deps): update gatsby monorepo
- 83fd9ab chore(deps): update dependency gatsby to v2.19.49
- 3a2b56b chore(deps): update dependency gatsby to v2.19.48
- d76cf6d chore(deps): update dependency gatsby to v2.19.45
- 1e01236 chore(deps): update gatsby monorepo
- 394434e chore(deps): update dependency release-it to v13.1.1
- f7f21db chore(deps): update dependency gatsby to v2.19.43
- 467c566 chore(deps): update dependency sass to v1.26.3
Package name: gatsby-plugin-sass
The new version differs by 250 commits.- f8cc2a3 chore(release): Publish
- ecebdd3 fix(gatsby-plugin-sharp): Add avif to pipeline (#28871) (#28876)
- 3f854ba perf(gatsby-plugin-mdx): Stop clobbering the same file over and over again (#27974) (#28874)
- 0c1c807 fix(create-gatsby) the sessionId is supposed to be the same for the whole duration of the session (#28864) (#28870)
- 6b7c5e7 fix(gatsby-plugin-image): Fix handling of sizes prop in SSR (#28835) (#28867)
- afac774 perf(gatsby-plugin-sharp): change approach to concurrency for image processing (#28575) (#28862)
- f04304e feat(gatsby): Partially release develop SSR to 5% (#28844) (#28859)
- ceeb7d4 fix(gatsby-plugin-sharp): Pass format-specific options in image-data (#28826) (#28853)
- 883d184 feature(gatsby): Extract non-css-in-js css and add add to <head> when SSRing in dev (#28471) (#28856)
- b648728 fix(gatsby-plugin-image): Correct image styles (#28834) (#28854)
- f45ba68 fix(gatsby-plugin-image): Better error logging (#28741) (#28855)
- f19c807 chore(gatsby): enable query on demand (and lazy images) by default for local development (#28787)
- bd6b899 feat(gatsby): use production React for dev-ssr when CI=true (#28728)
- abdb8d6 feat(gatsby-source-graphql): Default Apollo Link fetch wrapper to show better API errors (#28786)
- 3b40d80 feat(gatsby): enable lazy images by default (#28743)
- 968914f chore(release): Publish next
- 5c3931c chore(gatsby): Keep page renderer around (#28784)
- 2058775 feat: Add AVIF image support to beta image plugin (#28742)
- 146b197 fix(gatsby): print childOf directive for implicit child fields (#28483)
- 3af7182 chore(telemetry) improve github action and circle detection (#28732)
- 338ed78 chore(telemetry): add valueBoolean (#28734)
- 4021a57 chore(gatsby-source-graphql): docs on how to use apollo links (#28686)
- 3a51e22 perf(gatsby-source-contentful): dont re-create nodes (#28642)
- 6af620c fix(gatsby-plugin-image): Preload lazy-hydrator (#28690)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
