[Snyk] Fix for 20 vulnerabilities

[0xSebin]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • starters/blog/package.json
  • starters/blog/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	No	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-ENGINEIO-3136336	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-FILETYPE-2958042	Yes	No Known Exploit
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Arbitrary Code Injection SNYK-JS-GATSBYTRANSFORMERREMARK-3228581	Yes	Proof of Concept
	484/1000 Why? Has a fix available, CVSS 5.4	Open Redirect SNYK-JS-GOT-2932019	Yes	No Known Exploit
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-IMMER-1540542	No	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032	Yes	Proof of Concept
	484/1000 Why? Has a fix available, CVSS 5.4	Cross-site Scripting (XSS) SNYK-JS-PRISMJS-2404333	No	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	No	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Validation Bypass SNYK-JS-SANITIZEHTML-1070780	Yes	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Access Restriction Bypass SNYK-JS-SANITIZEHTML-1070786	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SANITIZEHTML-2957526	Yes	No Known Exploit
	684/1000 Why? Has a fix available, CVSS 9.4	Arbitrary Code Execution SNYK-JS-SANITIZEHTML-585892	Yes	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Remote Code Execution (RCE) SNYK-JS-SHARP-2848109	Yes	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: gatsby

The new version differs by 250 commits.

• 0c6cd61 chore(release): Publish
• 5e8e621 chore: Update main README (chore: Update main README gatsbyjs/gatsby#36954)
• 7130cd4 test(gatsby): Slices API integration tests (test(gatsby): Slices API integration tests gatsbyjs/gatsby#36747)
• 6496eed chore(release): Publish next
• bc7ac84 chore: preserve previous webpack stats derived values, even if we restart webpack itself (chore: preserve previous webpack stats derived values, even if we restart webpack itself gatsbyjs/gatsby#36980)
• 2b5af32 fix: drop `__renderedByLocation` prop when calculating slice props hashes and don't expose it to slice component (fix: drop __renderedByLocation prop when calculating slice props hashes and don't expose it to slice component gatsbyjs/gatsby#36979)
• cc1ee9b chore(release): Publish next
• 6a53861 chore(gatsby-link): Correct type export (chore(gatsby-link): Correct type export gatsbyjs/gatsby#36968)
• 0ad6314 fix(gatsby-graphiql-explorer): Use upstream exporter package (fix(gatsby-graphiql-explorer): Use upstream exporter package gatsbyjs/gatsby#36966)
• 964265c chore(release): Publish next
• b624442 chore: Update peerDeps (chore: Update peerDeps gatsbyjs/gatsby#36965)
• b2ab092 chore(release): Publish next
• e2a14bf feat(gatsby): Slices <> partial hydration interop (feat(gatsby): Slices <> partial hydration interop gatsbyjs/gatsby#36960)
• 0083e62 fix(deps): update starters and examples gatsby packages to ^4.24.7 (fix(deps): update starters and examples gatsby packages to ^4.24.7 gatsbyjs/gatsby#36957)
• 68e9cab chore(changelogs): update changelogs (chore(changelogs): update changelogs gatsbyjs/gatsby#36958)
• b9eb8d2 chore(deps): update dependency autoprefixer to ^10.4.13 for gatsby-plugin-sass (chore(deps): update dependency autoprefixer to ^10.4.13 for gatsby-plugin-sass gatsbyjs/gatsby#36934)
• 58c37ea chore(deps): update dependency @ jridgewell/trace-mapping to ^0.3.17 for gatsby-legacy-polyfills (chore(deps): update dependency @jridgewell/trace-mapping to ^0.3.17 for gatsby-legacy-polyfills gatsbyjs/gatsby#36933)
• a5e4c47 fix(deps): update dependency body-parser to ^1.20.1 for gatsby-source-drupal (fix(deps): update dependency body-parser to ^1.20.1 for gatsby-source-drupal gatsbyjs/gatsby#36940)
• c86aa7e chore(docs): Add clarification for Pro Tip on Part 4 of tutorial (chore(docs): Add clarification for Pro Tip on Part 4 of tutorial gatsbyjs/gatsby#36918)
• d5c775a feat(gatsby): handle graphql-import-node bundling (feat(gatsby): handle graphql-import-node bundling gatsbyjs/gatsby#36951)
• 59e2976 feat(gatsby-remark-embed-snippet): added csproj to language map so it will be recognized as xml (feat(gatsby-remark-embed-snippet): added csproj to language map so it will be recognized as xml gatsbyjs/gatsby#36919)
• c8a7dda chore(docs): Valhalla Content Hub Reference Guide (chore(docs): Valhalla Content Hub Reference Guide gatsbyjs/gatsby#36949)
• 3044280 fix(gatsby): stitch slices if just page html was regenerating without any of used slices regenerating (fix(gatsby): stitch slices if just page html was regenerating without any of used slices regenerating gatsbyjs/gatsby#36950)
• 10abdcb chore(release): Publish next

See the full diff

Package name: gatsby-plugin-google-analytics

The new version differs by 250 commits.

• 2cfb64b chore(release): Publish
• c132f2d feat(gatsby-plugin-google-gtag): Add `delayOnRouteUpdate` option (feat(gatsby-plugin-google-gtag): Add delayOnRouteUpdate option gatsbyjs/gatsby#37017)
• 3032a1b fix(gatsby): Use xstate `predictableActionArguments` & update to 4.34 (fix(gatsby): Use xstate predictableActionArguments & update to 4.34 gatsbyjs/gatsby#36342)
• aca64b7 chore: Add constraints to renovate (chore: Add constraints to renovate gatsbyjs/gatsby#37047)
• f94db78 fix(gatsby-transformer-csv): Fix high memory consumption (fix(gatsby-transformer-csv): Fix high memory consumption gatsbyjs/gatsby#36610)
• f158930 test: e2e tests for Slices API (test: e2e tests for Slices API gatsbyjs/gatsby#36746)
• 9d67c13 chore(docs): Google Analytics: use gtag.js plugin (chore(docs): Google Analytics: use gtag.js plugin gatsbyjs/gatsby#36984)
• 8569655 chore(gatsby-plugin-google-analytics): Update `minimatch` (chore(gatsby-plugin-google-analytics): Update minimatch gatsbyjs/gatsby#37029)
• 086c862 fix(gatsby-core-utils): decode uri-encode filename for remote file (fix(gatsby-core-utils): decode uri-encode filename for remote file gatsbyjs/gatsby#35637)
• ccf56d5 chore: Add npm "engines" (chore: Add npm "engines" gatsbyjs/gatsby#37046)
• 5772595 fix(gatsby-source-wordpress) pass store for auth (fix(gatsby-source-wordpress) pass store for auth gatsbyjs/gatsby#37006)
• c411d69 chore(docs): Add `--` to quick start flags (chore(docs): Add -- to quick start flags gatsbyjs/gatsby#37041)
• 2a06fff chore(docs): Deployment Updates & Cleanup (chore(docs): Deployment Updates & Cleanup gatsbyjs/gatsby#37038)
• 0fb0390 chore: Repository Cleanup (chore: Repository Cleanup gatsbyjs/gatsby#37035)
• 88b9dc5 chore(gatsby-source-wordpress): remove runApisInSteps and call runApiSteps for each gatsby-node api (chore(gatsby-source-wordpress): remove runApisInSteps and call runApiSteps for each gatsby-node api gatsbyjs/gatsby#37039)
• b69709c build: include e2e tests in renovate config (build: include e2e tests in renovate config gatsbyjs/gatsby#37005)
• 8fc95f5 chore(docs): Clarify language in v4 to v5 migration guide (chore(docs): Clarify language in v4 to v5 migration guide gatsbyjs/gatsby#37007)
• 1cfd9b8 chore(e2e-tests): Wait for route change on back/forward (chore(e2e-tests): Wait for route change on back/forward gatsbyjs/gatsby#37033)
• 4842417 chore(docs): Add IE 11 note to v2 to v3 migration guide (chore(docs): Add IE 11 note to v2 to v3 migration guide gatsbyjs/gatsby#37022)
• 19dd1c4 fix(graphiql-explorer): Adjust env var truthiness logic (fix(graphiql-explorer): Adjust env var truthiness logic gatsbyjs/gatsby#37032)
• 57b37ae chore(changelogs): update changelogs (chore(changelogs): update changelogs gatsbyjs/gatsby#37030)
• 58197a0 fix(docs): update forEach to use map (fix(docs): update forEach to use map gatsbyjs/gatsby#37008)
• 3a4d333 chore: migrate from express-graphql to graphql-http (chore: migrate from express-graphql to graphql-http gatsbyjs/gatsby#37001)
• 5766694 chore(docs): Add overview video to release notes (+ other misc) (chore(docs): Add overview video to release notes (+ other misc) gatsbyjs/gatsby#37003)

See the full diff

Package name: gatsby-plugin-manifest

The new version differs by 250 commits.

• f6734b9 chore(release): Publish
• 9a616c0 fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY (fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY gatsbyjs/gatsby#34853) (fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY (#34853) gatsbyjs/gatsby#34896)
• f5705b9 fix(create-gatsby): Add required deps for theme-ui option (fix(create-gatsby): Add required deps for theme-ui option gatsbyjs/gatsby#34885) (fix(create-gatsby): Add required deps for theme-ui option (#34885) gatsbyjs/gatsby#34897)
• 9a579f1 fix(gatsby-core-utils): fix 304 when file does not exists (fix(gatsby-core-utils): fix 304 when file does not exists gatsbyjs/gatsby#34842) (fix(gatsby-core-utils): fix 304 when file does not exists (#34842) gatsbyjs/gatsby#34888)
• 148d016 fix(gatsby): Remove double enhanced-resolve dep (fix(gatsby): Remove double enhanced-resolve dep gatsbyjs/gatsby#34854) (fix(gatsby): Remove double enhanced-resolve dep (#34854) gatsbyjs/gatsby#34889)
• 19b0304 feat(gatsby-core-utils): improve fetch-remote-file (feat(gatsby-core-utils): improve fetch-remote-file gatsbyjs/gatsby#34758)
• ac1d777 fix(gatsby-source-contentful): avoid confusion of Gatsby node and Contentful node count in logs (fix(gatsby-source-contentful): avoid confusion of Gatsby node and Contentful node count in logs gatsbyjs/gatsby#34830)
• ee8c874 refactor(gatsby-source-contentful): remove unnecessary check for existing node (refactor(gatsby-source-contentful): remove unnecessary check for existing node gatsbyjs/gatsby#34829)
• 056b48e test(gatsby): Add a memory test suite command to the memory benchmark (test(gatsby): Add a memory test suite command to the memory benchmark gatsbyjs/gatsby#34810)
• 45cb1f1 chore(release): Publish next
• 4c832bf documentation: Add Third Party Schema (docs(gatsby): Add Third Party Schema gatsbyjs/gatsby#34820)
• 9f23dec chore(gatsby): cache shouldn't reference nodes strongly (chore(gatsby): cache shouldn't reference nodes strongly gatsbyjs/gatsby#34821)
• f2d4830 feat(gatsby-core-utils): create proper mutex (feat(gatsby-core-utils): create proper mutex gatsbyjs/gatsby#34761)
• 21ef185 chore(changelogs): update changelogs (chore(changelogs): update changelogs gatsbyjs/gatsby#34826)
• a2f99af fix(deps): update starters and examples gatsby packages to ^4.7.2 (fix(deps): update starters and examples gatsby packages to ^4.7.2 gatsbyjs/gatsby#34822)
• 76c89d8 chore(release): Publish next
• 54d29c4 chore(gatsby): upgrade from lmdb-store to lmdb (chore(gatsby): upgrade from lmdb-store to lmdb gatsbyjs/gatsby#34576)
• 3df8583 fix(core): Make filter/sort query only hold onto node properties it needs (fix(core): Make filter/sort query only hold onto node properties it needs gatsbyjs/gatsby#34747)
• 3c3362b refactor(core): Make load plugins modular, prepare for TS (refactor(core): Make load plugins modular, prepare for TS gatsbyjs/gatsby#34813)
• 3d74584 feat(gatsby): allow referencing derived types in schema customization (feat(gatsby): allow referencing derived types in schema customization gatsbyjs/gatsby#34787)
• bfd04d3 fix(gatsby): Content Sync DSG bug (fix(gatsby): Content Sync DSG bug gatsbyjs/gatsby#34799)
• 326a483 fix(deps): update dependency sharp to ^0.30.1 (fix(deps): update dependency sharp to ^0.30.1 gatsbyjs/gatsby#34755)
• 7b958f9 docs: update typo Forestry (docs: update typo Forestry gatsbyjs/gatsby#34805)
• ba8e21c feat(gatsby): Match node manifest pages by page context slug (feat(gatsby): Match node manifest pages by page context slug gatsbyjs/gatsby#34790)

See the full diff

Package name: gatsby-plugin-sharp

The new version differs by 250 commits.

• f6734b9 chore(release): Publish
• 9a616c0 fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY (fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY gatsbyjs/gatsby#34853) (fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY (#34853) gatsbyjs/gatsby#34896)
• f5705b9 fix(create-gatsby): Add required deps for theme-ui option (fix(create-gatsby): Add required deps for theme-ui option gatsbyjs/gatsby#34885) (fix(create-gatsby): Add required deps for theme-ui option (#34885) gatsbyjs/gatsby#34897)
• 9a579f1 fix(gatsby-core-utils): fix 304 when file does not exists (fix(gatsby-core-utils): fix 304 when file does not exists gatsbyjs/gatsby#34842) (fix(gatsby-core-utils): fix 304 when file does not exists (#34842) gatsbyjs/gatsby#34888)
• 148d016 fix(gatsby): Remove double enhanced-resolve dep (fix(gatsby): Remove double enhanced-resolve dep gatsbyjs/gatsby#34854) (fix(gatsby): Remove double enhanced-resolve dep (#34854) gatsbyjs/gatsby#34889)
• 19b0304 feat(gatsby-core-utils): improve fetch-remote-file (feat(gatsby-core-utils): improve fetch-remote-file gatsbyjs/gatsby#34758)
• ac1d777 fix(gatsby-source-contentful): avoid confusion of Gatsby node and Contentful node count in logs (fix(gatsby-source-contentful): avoid confusion of Gatsby node and Contentful node count in logs gatsbyjs/gatsby#34830)
• ee8c874 refactor(gatsby-source-contentful): remove unnecessary check for existing node (refactor(gatsby-source-contentful): remove unnecessary check for existing node gatsbyjs/gatsby#34829)
• 056b48e test(gatsby): Add a memory test suite command to the memory benchmark (test(gatsby): Add a memory test suite command to the memory benchmark gatsbyjs/gatsby#34810)
• 45cb1f1 chore(release): Publish next
• 4c832bf documentation: Add Third Party Schema (docs(gatsby): Add Third Party Schema gatsbyjs/gatsby#34820)
• 9f23dec chore(gatsby): cache shouldn't reference nodes strongly (chore(gatsby): cache shouldn't reference nodes strongly gatsbyjs/gatsby#34821)
• f2d4830 feat(gatsby-core-utils): create proper mutex (feat(gatsby-core-utils): create proper mutex gatsbyjs/gatsby#34761)
• 21ef185 chore(changelogs): update changelogs (chore(changelogs): update changelogs gatsbyjs/gatsby#34826)
• a2f99af fix(deps): update starters and examples gatsby packages to ^4.7.2 (fix(deps): update starters and examples gatsby packages to ^4.7.2 gatsbyjs/gatsby#34822)
• 76c89d8 chore(release): Publish next
• 54d29c4 chore(gatsby): upgrade from lmdb-store to lmdb (chore(gatsby): upgrade from lmdb-store to lmdb gatsbyjs/gatsby#34576)
• 3df8583 fix(core): Make filter/sort query only hold onto node properties it needs (fix(core): Make filter/sort query only hold onto node properties it needs gatsbyjs/gatsby#34747)
• 3c3362b refactor(core): Make load plugins modular, prepare for TS (refactor(core): Make load plugins modular, prepare for TS gatsbyjs/gatsby#34813)
• 3d74584 feat(gatsby): allow referencing derived types in schema customization (feat(gatsby): allow referencing derived types in schema customization gatsbyjs/gatsby#34787)
• bfd04d3 fix(gatsby): Content Sync DSG bug (fix(gatsby): Content Sync DSG bug gatsbyjs/gatsby#34799)
• 326a483 fix(deps): update dependency sharp to ^0.30.1 (fix(deps): update dependency sharp to ^0.30.1 gatsbyjs/gatsby#34755)
• 7b958f9 docs: update typo Forestry (docs: update typo Forestry gatsbyjs/gatsby#34805)
• ba8e21c feat(gatsby): Match node manifest pages by page context slug (feat(gatsby): Match node manifest pages by page context slug gatsbyjs/gatsby#34790)

See the full diff

Package name: gatsby-source-filesystem

The new version differs by 250 commits.

• b8eac2d chore(release): Publish
• 3253a38 fix(gatsby-plugin-mdx): Hashing and pluginOptions (fix(gatsby-plugin-mdx): Hashing and pluginOptions gatsbyjs/gatsby#36387) (fix(gatsby-plugin-mdx): Hashing and pluginOptions (#36387) gatsbyjs/gatsby#36395)
• 1880491 fix(gatsby-script): Reach router import (fix(gatsby-script): Reach router import gatsbyjs/gatsby#36385) (fix(gatsby-script): Reach router import (#36385) gatsbyjs/gatsby#36394)
• f664ad2 feat(gatsby): Telemetry tracking for Head API (feat(gatsby): Telemetry tracking for Head API gatsbyjs/gatsby#36352)
• ab55e4e chore: Update `got` (chore: Update got gatsbyjs/gatsby#36366)
• 2b4ff76 fix(gatsby): Make runtime error overlay work in non-v8 browsers (fix(gatsby): Make runtime error overlay work in non-v8 browsers gatsbyjs/gatsby#36365)
• f990e08 fix(test): clear and close lmdb after each test suite (fix(test): clear and close lmdb after each test suite gatsbyjs/gatsby#36343)
• 7fcf580 fix(gatsby): e.remove() is not a function when using Gatsby Head API (fix(gatsby): e.remove() is not a function when using Gatsby Head API gatsbyjs/gatsby#36338)
• 25fb9d1 chore: Fix pipeline tests (chore: Fix pipeline tests gatsbyjs/gatsby#36363)
• a9132a5 chore(deps): update sharp (chore(deps): update sharp gatsbyjs/gatsby#35539)
• bc80c23 chore: Add note about rehype-slug-custom-id
• 5b6f1f6 chore(gatsby): upgrade multer (chore(gatsby): upgrade multer gatsbyjs/gatsby#36359)
• f2f0acf chore(gatsby-telemetry): upgrade git-up (chore(gatsby-telemetry): upgrade git-up gatsbyjs/gatsby#36358)
• 86a8efc chore(release): Publish next
• 0705ac7 chore(gatsby-plugin-mdx): Update .gitignore
• c92db36 BREAKING CHANGE(gatsby-plugin-mdx): MDX v2 (BREAKING CHANGE(gatsby-plugin-mdx): MDX v2 gatsbyjs/gatsby#35650)
• 3c0dd6d chore(release): Publish next
• 86b6ee9 Revert "chore(gatsby): Make `plugins` in `PluginOptions` type optional (chore(gatsby): Make plugins in PluginOptions type optional gatsbyjs/gatsby#36351)"
• a2fa5a2 chore(gatsby): Make `plugins` in `PluginOptions` type optional (chore(gatsby): Make plugins in PluginOptions type optional gatsbyjs/gatsby#36351)
• 6ecfe4a fix(gatsby-source-contentful): Correctly overwrite field type on Assets (fix(gatsby-source-contentful): Correctly overwrite field type on Assets gatsbyjs/gatsby#36337)
• 0ed362c chore(docs): Pre-encoded unicode characters can't be used in paths (chore(docs): Pre-encoded unicode characters can't be used in paths gatsbyjs/gatsby#36325)
• 2bbe96d fix(deps): update dependency file-type to ^16.5.4 for gatsby-source-filesystem (fix(deps): update dependency file-type to ^16.5.4 for gatsby-source-filesystem gatsbyjs/gatsby#36276)
• 2be3fa7 chore(docs): Add first batch of Cloud docs (chore(docs): Add first batch of Cloud docs gatsbyjs/gatsby#36218)
• 4238142 chore(docs): Remove outdated examples and recipes (chore(docs): Remove outdated examples and recipes gatsbyjs/gatsby#36335)

See the full diff

Package name: gatsby-transformer-remark

The new version differs by 250 commits.

• 0c6cd61 chore(release): Publish
• 5e8e621 chore: Update main README (chore: Update main README gatsbyjs/gatsby#36954)
• 7130cd4 test(gatsby): Slices API integration tests (test(gatsby): Slices API integration tests gatsbyjs/gatsby#36747)
• 6496eed chore(release): Publish next
• bc7ac84 chore: preserve previous webpack stats derived values, even if we restart webpack itself (chore: preserve previous webpack stats derived values, even if we restart webpack itself gatsbyjs/gatsby#36980)
• 2b5af32 fix: drop `__renderedByLocation` prop when calculating slice props hashes and don't expose it to slice component (fix: drop __renderedByLocation prop when calculating slice props hashes and don't expose it to slice component gatsbyjs/gatsby#36979)
• cc1ee9b chore(release): Publish next
• 6a53861 chore(gatsby-link): Correct type export (chore(gatsby-link): Correct type export gatsbyjs/gatsby#36968)
• 0ad6314 fix(gatsby-graphiql-explorer): Use upstream exporter package (fix(gatsby-graphiql-explorer): Use upstream exporter package gatsbyjs/gatsby#36966)
• 964265c chore(release): Publish next
• b624442 chore: Update peerDeps (chore: Update peerDeps gatsbyjs/gatsby#36965)
• b2ab092 chore(release): Publish next
• e2a14bf feat(gatsby): Slices <> partial hydration interop (feat(gatsby): Slices <> partial hydration interop gatsbyjs/gatsby#36960)
• 0083e62 fix(deps): update starters and examples gatsby packages to ^4.24.7 (fix(deps): update starters and examples gatsby packages to ^4.24.7 gatsbyjs/gatsby#36957)
• 68e9cab chore(changelogs): update changelogs (chore(changelogs): update changelogs gatsbyjs/gatsby#36958)
• b9eb8d2 chore(deps): update dependency autoprefixer to ^10.4.13 for gatsby-plugin-sass (chore(deps): update dependency autoprefixer to ^10.4.13 for gatsby-plugin-sass gatsbyjs/gatsby#36934)
• 58c37ea chore(deps): update dependency @ jridgewell/trace-mapping to ^0.3.17 for gatsby-legacy-polyfills (chore(deps): update dependency @jridgewell/trace-mapping to ^0.3.17 for gatsby-legacy-polyfills gatsbyjs/gatsby#36933)
• a5e4c47 fix(deps): update dependency body-parser to ^1.20.1 for gatsby-source-drupal (fix(deps): update dependency body-parser to ^1.20.1 for gatsby-source-drupal gatsbyjs/gatsby#36940)
• c86aa7e chore(docs): Add clarification for Pro Tip on Part 4 of tutorial (chore(docs): Add clarification for Pro Tip on Part 4 of tutorial gatsbyjs/gatsby#36918)
• d5c775a feat(gatsby): handle graphql-import-node bundling (feat(gatsby): handle graphql-import-node bundling gatsbyjs/gatsby#36951)
• 59e2976 feat(gatsby-remark-embed-snippet): added csproj to language map so it will be recognized as xml (feat(gatsby-remark-embed-snippet): added csproj to language map so it will be recognized as xml gatsbyjs/gatsby#36919)
• c8a7dda chore(docs): Valhalla Content Hub Reference Guide (chore(docs): Valhalla Content Hub Reference Guide gatsbyjs/gatsby#36949)
• 3044280 fix(gatsby): stitch slices if just page html was regenerating without any of used slices regenerating (fix(gatsby): stitch slices if just page html was regenerating without any of used slices regenerating gatsbyjs/gatsby#36950)
• 10abdcb chore(release): Publish next

See the full diff

Package name: gatsby-transformer-sharp

The new version differs by 250 commits.

• f6734b9 chore(release): Publish
• 9a616c0 fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY (fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY gatsbyjs/gatsby#34853) (fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY (#34853) gatsbyjs/gatsby#34896)
• f5705b9 fix(create-gatsby): Add required deps for theme-ui option (fix(create-gatsby): Add required deps for theme-ui option gatsbyjs/gatsby#34885) (fix(create-gatsby): Add required deps for theme-ui option (#34885) gatsbyjs/gatsby#34897)
• 9a579f1 fix(gatsby-core-utils): fix 304 when file does not exists (fix(gatsby-core-utils): fix 304 when file does not exists gatsbyjs/gatsby#34842) (fix(gatsby-core-utils): fix 304 when file does not exists (#34842) gatsbyjs/gatsby#34888)
• 148d016 fix(gatsby): Remove double enhanced-resolve dep (fix(gatsby): Remove double enhanced-resolve dep gatsbyjs/gatsby#34854) (fix(gatsby): Remove double enhanced-resolve dep (#34854) gatsbyjs/gatsby#34889)
• 19b0304 feat(gatsby-core-utils): improve fetch-remote-file (feat(gatsby-core-utils): improve fetch-remote-file gatsbyjs/gatsby#34758)
• ac1d777 fix(gatsby-source-contentful): avoid confusion of Gatsby node and Contentful node count in logs (fix(gatsby-source-contentful): avoid confusion of Gatsby node and Contentful node count in logs gatsbyjs/gatsby#34830)
• ee8c874 refactor(gatsby-source-contentful): remove unnecessary check for existing node (refactor(gatsby-source-contentful): remove unnecessary check for existing node gatsbyjs/gatsby#34829)
• 056b48e test(gatsby): Add a memory test suite command to the memory benchmark (test(gatsby): Add a memory test suite command to the memory benchmark gatsbyjs/gatsby#34810)
• 45cb1f1 chore(release): Publish next
• 4c832bf documentation: Add Third Party Schema (docs(gatsby): Add Third Party Schema gatsbyjs/gatsby#34820)
• 9f23dec chore(gatsby): cache shouldn't reference nodes strongly (chore(gatsby): cache shouldn't reference nodes strongly gatsbyjs/gatsby#34821)
• f2d4830 feat(gatsby-core-utils): create proper mutex (feat(gatsby-core-utils): create proper mutex gatsbyjs/gatsby#34761)
• 21ef185 chore(changelogs): update changelogs (chore(changelogs): update changelogs gatsbyjs/gatsby#34826)
• a2f99af fix(deps): update starters and examples gatsby packages to ^4.7.2 (fix(deps): update starters and examples gatsby packages to ^4.7.2 gatsbyjs/gatsby#34822)
• 76c89d8 chore(release): Publish next
• 54d29c4 chore(gatsby): upgrade from lmdb-store to lmdb (chore(gatsby): upgrade from lmdb-store to lmdb gatsbyjs/gatsby#34576)
• 3df8583 fix(core): Make filter/sort query only hold onto node properties it needs (fix(core): Make filter/sort query only hold onto node properties it needs gatsbyjs/gatsby#34747)
• 3c3362b refactor(core): Make load plugins modular, prepare for TS (refactor(core): Make load plugins modular, prepare for TS gatsbyjs/gatsby#34813)
• 3d74584 feat(gatsby): allow referencing derived types in schema customization (feat(gatsby): allow referencing derived types in schema customization gatsbyjs/gatsby#34787)
• bfd04d3 fix(gatsby): Content Sync DSG bug (fix(gatsby): Content Sync DSG bug gatsbyjs/gatsby#34799)
• 326a483 fix(deps): update dependency sharp to ^0.30.1 (fix(deps): update dependency sharp to ^0.30.1 gatsbyjs/gatsby#34755)
• 7b958f9 docs: update typo Forestry (docs: update typo Forestry gatsbyjs/gatsby#34805)
• ba8e21c feat(gatsby): Match node manifest pages by page context slug (feat(gatsby): Match node manifest pages by page context slug gatsbyjs/gatsby#34790)

See the full diff

Package name: prismjs

The new version differs by 193 commits.

• 703881e 1.27.0
• 7ac1373 Updated changelog for v1.27.0 (Fix typo in gatsby-remark-katex README gatsbyjs/gatsby#3342)
• e002e78 Command Line: Escape markup in command line output (Stack size limit on generation of more then 10000 pages gatsbyjs/gatsby#3341)
• 13b56a9 Bump follow-redirects from 1.14.7 to 1.14.8 (Consistently pass the pathPrefix with linked files gatsbyjs/gatsby#3338)
• f094c4a Bump yargs-parser from 5.0.0 to 5.0.1 (Add site to showcase gatsbyjs/gatsby#3334)
• 9fd4c74 Bump ajv from 6.10.0 to 6.12.6 (Adds email capture to bottom of blog gatsbyjs/gatsby#3333)
• 3fcca6b Bump pathval from 1.1.0 to 1.1.1 (Removes hrefs from homepage logos gatsbyjs/gatsby#3331)
• 1784b17 Command Line: Add support for line continuation and improved colors (Remove render-page.js.map from public folder gatsbyjs/gatsby#3326)
• f545843 ESLint: Allow `Map` and `Set` in ES5 code (Github -> GitHub gatsbyjs/gatsby#3328)
• d6c5372 PureBasic: Added missing keyword and fixed constants ending with `$` (GatsbyLink: typescript definition update gatsbyjs/gatsby#3320)
• 82d0ca1 Command Line: Added span around command and output (Service worker : css class on wrapper component. Doesn't apply at times using emotion-js gatsbyjs/gatsby#3312)
• 2cc4660 Core: Added better error message for missing grammars (JavaScript errors on index page only after build gatsbyjs/gatsby#3311)
• 3f8cc5a Added UO Razor Script ([gatsby-link] to should be of type string or location object gatsbyjs/gatsby#3309)
• bcb2e2c AutoIt: Allow hyphen in directive (Gatsby ignores custom html.js and static files gatsbyjs/gatsby#3308)
• deb3a97 INI: Swap out `header` for `section` (Styleguide example gatsbyjs/gatsby#3304)
• e46501b editorconfig: Change alias of `section` from `keyword` to `selector` (Support URLs that end in SemVer ranges gatsbyjs/gatsby#3305)
• 2eb89e1 Swap out `operator` for `punctuation` (Try using v8-compile-cache gatsbyjs/gatsby#3306)
• 3a20bdc Bump node-fetch from 2.6.1 to 3.1.1 (Fix wrong plugin name leftover from name-change gatsbyjs/gatsby#3307)
• 081d515 Bump copy-props from 2.0.4 to 2.0.5 (build fail gatsbyjs/gatsby#3300)
• b90e97c Bump follow-redirects from 1.13.1 to 1.14.7 (Enable cross-origin requests in development mode gatsbyjs/gatsby#3299)
• 8458c41 MongoDB: Added v5 support (pass plugin options to setParserPlugin gatsbyjs/gatsby#3297)
• 441a142 Scala: Added support for interpolated strings (Add endpoint for refresh gatsbyjs/gatsby#3293)
• 0b6b1e2 1.26.0
• 3ae61a8 Updated changelog for v1.26.0 (add UX blog post gatsbyjs/gatsby#3292)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Regular Expression Denial of Service (ReDoS)
🦉 Denial of Service (DoS)
🦉 More lessons are available in Snyk Learn