Skip to content

[Snyk] Upgrade: gatsby, gatsby-plugin-google-analytics, gatsby-plugin-manifest, gatsby-plugin-netlify#440

Open
snyk-bot wants to merge 1 commit intomasterfrom
snyk-upgrade-c64a59e48cd3968eec81604f538c986b
Open

[Snyk] Upgrade: gatsby, gatsby-plugin-google-analytics, gatsby-plugin-manifest, gatsby-plugin-netlify#440
snyk-bot wants to merge 1 commit intomasterfrom
snyk-upgrade-c64a59e48cd3968eec81604f538c986b

Conversation

@snyk-bot
Copy link
Copy Markdown
Contributor

@snyk-bot snyk-bot commented Oct 9, 2021

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on
gatsby
from 2.17.15 to 2.32.13		 646 versions ahead of your current version 5 months ago
on 2021-05-04
gatsby-plugin-google-analytics
from 2.1.27 to 2.11.0		 56 versions ahead of your current version 8 months ago
on 2021-02-02
gatsby-plugin-manifest
from 2.2.28 to 2.12.1		 105 versions ahead of your current version 7 months ago
on 2021-02-24
gatsby-plugin-netlify
from 2.1.25 to 2.11.1		 61 versions ahead of your current version 7 months ago
on 2021-03-18

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Access Restriction Bypass
SNYK-JS-XMLHTTPREQUESTSSL-1255647		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Arbitrary Code Injection
SNYK-JS-XMLHTTPREQUESTSSL-1082936		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-610226		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-1023599		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Denial of Service (DoS)
SNYK-JS-SOCKETIOPARSER-1056752		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Arbitrary Code Injection
SNYK-JS-SERIALIZEJAVASCRIPT-570062		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-536840		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-NODEFORGE-598677		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Denial of Service (DoS)
SNYK-JS-ENGINEIO-1056749		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-AXIOS-1579269		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Denial of Service (DoS)
npm:mem:20180117		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-YARGSPARSER-560381		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-YARGSPARSER-560381		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-YARGSPARSER-560381		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-1072471		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Denial of Service (DoS)
SNYK-JS-SOCKJS-575261		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Insecure Defaults
SNYK-JS-SOCKETIO-1024859		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Denial of Service
SNYK-JS-NODEFETCH-674311		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Denial of Service
SNYK-JS-NODEFETCH-674311		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Denial of Service
SNYK-JS-NODEFETCH-674311		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Cross-site Scripting (XSS)
SNYK-JS-GRAPHQLPLAYGROUNDHTML-571775		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Prototype Pollution
SNYK-JS-FLAT-596927		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Server-Side Request Forgery (SSRF)
SNYK-JS-AXIOS-1038255		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@snyk-bot
fix: upgrade multiple dependencies with Snyk
adc40f1 
Snyk has created this PR to upgrade:
  - gatsby from 2.17.15 to 2.32.13.
    See this package in npm: 
  - gatsby-plugin-google-analytics from 2.1.27 to 2.11.0.
    See this package in npm: 
  - gatsby-plugin-manifest from 2.2.28 to 2.12.1.
    See this package in npm: 
  - gatsby-plugin-netlify from 2.1.25 to 2.11.1.
    See this package in npm: 

See this project in Snyk:
https://app.snyk.io/org/hacksterjs/project/42f824ae-4e8d-4913-ada8-72b08eefef44?utm_source=github&utm_medium=referral&page=upgrade-pr
@gatsby-cloud
Copy link
Copy Markdown

gatsby-cloud bot commented Oct 9, 2021
edited
Loading

Gatsby Cloud Build Report

dfdigital

🎉 Your build was successful! See the Deploy preview here.

Build Details

View the build logs here.

🕐 Build time: 2m

Performance

Lighthouse report

Metric Score
Performance 💚 99
Accessibility 💚 100
Best Practices 💚 100
SEO 💚 92

🔗 View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@snyk-bot