design-system [Snyk] Fix for 3 vulnerabilities

[Snyk] Fix for 3 vulnerabilities

Open Dottenpixel opened this issue 2 years ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json

Priority Score (*)	Issue	Breaking Change	Exploit Maturity
479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	Yes	No Known Exploit
589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	Yes	No Known Exploit
479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @mdx-js/loader

The new version differs by 78 commits.

bf7deab v2.0.0-next.5
5c15a00 fix(remark-mdx): move remark-stringify to deps (#1190)
f59b174 Make type test run in their own action, closes #1172 (#1179)
9ac9755 docs(typescript): document how to use mdx 2 with typescript (#1181)
42077e4 ci(github): update github actions to latest versions (#1180)
cc95646 ci(github): update github actions and dtslint to latest (#1178)
6098d94 Remove deprecated plugin options, fixes #718 (#1174)
0da2fcf Specify pre-dist-tag
e1b45e3 v2.0.0-next.4
649dbd8 Implement inline link serialization that doesn't wrap them in angle (#1171)
d08c5b6 Make testing matrix simpler (#1173)
d0059c8 v2.0.0-next.3
fa091d2 v2.0.0-next.2
7829b88 Move publish to its own action
afd60c2 Break out linting into its own action
3ca8e0a Fix linting (#1161)
577d48f Fix some linting
db93304 Improve export name extraction for shortcode generation (#1160)
ea9970a Bump deps, fix core-js version in babel configs
166fd9d v2.0.0-next.1
569f82f Make preid next to match dist tag
a3d8f08 types: add types to test utils (#1083)
e2eb4ee types: add typescript typings for remark-mdx, remark-mdx-remove-exports, remark-mdx-remove-imports, @ mdx-js/util (#1082)
65af47c Break three main tests into their own scripts

Package name: @storybook/addon-docs

The new version differs by 250 commits.

05070ca v6.5.0
88c6a62 Update root, peer deps, version.ts/json to 6.5.0 [ci skip]
ca93284 6.5.0 changelog
ff28cd9 6.5.0-rc.1 next.json version file
9e1f519 Update git head to 6.5.0-rc.1, update yarn.lock
3f09d4e v6.5.0-rc.1
82b7ac1 Update root, peer deps, version.ts/json to 6.5.0-rc.1 [ci skip]
4b50e28 6.5.0-rc.1 changelog
0a6e347 Merge pull request #18220 from storybookjs/improve/detection-webpack5
95a5c80 move nextjs detection up
152e441 Merge pull request #18248 from storybookjs/18177-fix-conditional-args-fail-gracefully
2948cae ArgsTable: Gracefully handle conditional args failures
f837e31 Merge pull request #18246 from storybookjs/chore_docs_adds_mdx2_steps
73cf6ba adds MDX 2 docs and gotchas
64b07fe Merge pull request #18244 from storybookjs/chore_docs_cleanup_broken_links
fef1a32 Fixes broken links
82ce9de Merge pull request #18231 from Tomastomaslol/issue-18143-reset-button-broken-for-URL-values
ebf9341 Merge pull request #18038 from bisubus/fix-vue3-tsx
9583cea remove repeated test
1b396fd 6.5.0-rc.0 next.json version file
6cc69b5 Update git head to 6.5.0-rc.0, update yarn.lock
c27fd9e v6.5.0-rc.0
b56b1ce re add reset of args that was not set initially. Extend tests for onResetArgs
19ba77b Update root, peer deps, version.ts/json to 6.5.0-rc.0 [ci skip]

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

Learn how to fix vulnerabilities with free interactive lessons:

Jan 12 '23 02:01 Dottenpixel