Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade @strapi/strapi from 4.2.3 to 4.5.3 #2

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade @strapi/strapi from 4.2.3 to 4.5.3 #2

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented Jan 3, 2023

Snyk has created this PR to upgrade @strapi/strapi from 4.2.3 to 4.5.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 33 versions ahead of your current version.
  • The recommended version was released a month ago, on 2022-11-30.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-LOADERUTILS-3043105		 375/1000
Why? CVSS 7.5		 No Known Exploit
Denial of Service (DoS)
SNYK-JS-DECODEURICOMPONENT-3149970		 375/1000
Why? CVSS 7.5		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SANITIZEHTML-2957526		 375/1000
Why? CVSS 7.5		 No Known Exploit
Session Fixation
SNYK-JS-PASSPORT-2840631		 375/1000
Why? CVSS 7.5		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LOADERUTILS-3105943		 375/1000
Why? CVSS 7.5		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LOADERUTILS-3042992		 375/1000
Why? CVSS 7.5		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: @strapi/strapi
  • 4.5.3 - 2022-11-30

    🚀 New feature

    • [core:database] generate db config with all clients (#14233) @ Elhebert
    • [core:database] [Feature] Populate fragments for polymorphic relations (#14879) @ Convly

    💅 Enhancement

    ⚙️ Chore

    🔥 Bug fix

    📚 Update and Migration Guides

    • General update guide can be found here
    • Migration guides can be found here 📚
  • 4.5.2 - 2022-11-22
    Read more
  • 4.5.1 - 2022-11-16
    Read more
  • 4.5.0 - 2022-11-09
    Read more
  • 4.5.0-beta.0 - 2022-10-12
  • 4.5.0-alpha.0 - 2022-09-23
  • 4.4.7 - 2022-11-04

    🔥 Bug fix

    • [core:admin] Fix: Bump @ strapi/design-system to 1.2.7 (#14786) @ gu-stav

    📚 Update and Migration Guides

    • General update guide can be found here
    • Migration guides can be found here 📚
  • 4.4.6 - 2022-11-02
    Read more
  • 4.4.5 - 2022-10-19

    ⚙️ Chore

    • [core:content-type-builder] Swedish translations for content-type builder (#14549) @ alvesvaren

    🔥 Bug fix

    • [core:strapi] Fix breaking change introduced by koa/cors patch version bump (#14677) @ Convly

    📚 Update and Migration Guides

    • General update guide can be found here
    • Migration guides can be found here 📚
  • 4.4.4 - 2022-10-19
  • 4.4.3 - 2022-10-05
  • 4.4.2 - 2022-10-05
  • 4.4.1 - 2022-09-29
  • 4.4.0 - 2022-09-28
  • 4.4.0-rc.1 - 2022-09-22
  • 4.4.0-rc.0 - 2022-09-21
  • 4.4.0-beta.4 - 2022-09-15
  • 4.4.0-beta.3 - 2022-09-15
  • 4.4.0-beta.1 - 2022-09-09
  • 4.4.0-alpha.0 - 2022-08-25
  • 4.3.9 - 2022-09-21
  • 4.3.8 - 2022-09-07
  • 4.3.7 - 2022-09-07
  • 4.3.6 - 2022-08-24
  • 4.3.5 - 2022-08-24
  • 4.3.4 - 2022-08-11
  • 4.3.3 - 2022-08-10
  • 4.3.2 - 2022-08-01
  • 4.3.2-alpha.0 - 2022-08-01
  • 4.3.1 - 2022-08-01
  • 4.3.0 - 2022-07-27
  • 4.3.0-beta.2 - 2022-07-07
  • 4.3.0-beta.1 - 2022-06-15
  • 4.2.3 - 2022-07-13
from @strapi/strapi GitHub release notes
Commit messages
Package name: @strapi/strapi
  • 5453885 v4.5.3
  • eb69fb6 Merge pull request #15043 from strapi/fix/standardize-commander-version
  • a8c7d46 use commander to 8.2.0
  • fb4f335 Merge pull request #15026 from strapi/chore/ds-140
  • a39b999 Merge branch 'main' into chore/ds-140
  • 3ebd2db Merge pull request #14879 from strapi/features/morphs-populate
  • f6af89b Merge pull request #14878 from strapi/fix/github-test-mysql5
  • 5d9faf3 fix test - array's order
  • bbd318d Merge branch 'main' into fix/github-test-mysql5
  • 1ffef66 Merge pull request #14873 from strapi/fix/custom-fields-breaking-inputs
  • c31a334 Merge branch 'main' into chore/ds-140
  • 3e7d720 upgrade ds version and tests
  • 25bcd1c Merge pull request #14885 from raphaelmue/fix/swaggerParameterLocale
  • 78b8319 remove unecessary checks in tests breaking with mysql 5
  • 19eb795 replace mysql by bitnami/mysql image
  • 15127e8 Merge pull request #14724 from strapi/fix/file-upload-components
  • 00a3f69 Merge pull request #14835 from strapi/chore/fix-iso-locales
  • 0343495 Select custom field uids from layout using reselect
  • cfd9262 Merge branch 'main' of github.com:strapi/strapi into fix/custom-fields-breaking-inputs
  • 94cd474 Merge pull request #14881 from strapi/chore/refactor-edit-view
  • 988d1bd Merge pull request #14976 from strapi/chore/ci-caching
  • 6658018 Add caching to all tests
  • d526d80 PoC cache actions
  • f67c4b4 Merge branch 'main' into features/morphs-populate

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
1 participant
@snyk-bot