[Snyk] Upgrade @nuxtjs/pwa from 3.0.0-beta.20 to 3.3.5

[snyk-bot]

Snyk has created this PR to upgrade @nuxtjs/pwa from 3.0.0-beta.20 to 3.3.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 15 versions ahead of your current version.
• The recommended version was released 6 months ago, on 2021-01-26.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Access Restriction Bypass SNYK-JS-XMLHTTPREQUESTSSL-1255647	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Arbitrary Code Injection SNYK-JS-XMLHTTPREQUESTSSL-1082936	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1023599	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1085630	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1085630	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-1056752	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-LODASH-608086	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-590103	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-590103	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-INI-1048974	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-GRPCGRPCJS-1038818	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-AJV-584908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-AJV-584908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1072471	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1047770	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Denial of Service SNYK-JS-NODEFETCH-674311	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Denial of Service SNYK-JS-NODEFETCH-674311	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-LODASH-567746	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary Code Injection SNYK-JS-EJS-1049328	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Server-Side Request Forgery (SSRF) SNYK-JS-AXIOS-1038255	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @nuxtjs/pwa

• 3.3.5 - 2021-01-26
  

  Bug Fixes

  • meta: add missing hid to icon tags (#428) (d9addb7)
• 3.3.4 - 2021-01-07
  

  Bug Fixes

  • types: mark module options fields as optional (#420) (7d75c28)
• 3.3.3 - 2020-12-20
  

  Bug Fixes

  • workbox: add additional details for uncaught errors and fix chromium cors (#417) (f20489c)
  • workbox: deepClone options to avoid cross-build mutation (e39027e)

  Update Notes

  If you was previously using workbox.clientsClaim: false option in nuxt.config to handle uncaught error, you have to revert it because disabling makes caching issues

• 3.3.2 - 2020-11-30
  

  Bug Fixes

  • avoid adding revision to start_url (1c44cff)
• 3.3.1 - 2020-11-29
  

  Bug Fixes

  • append to start_url without query param (fixes #403) (054b8a2)
• 3.3.0 - 2020-11-28
  

  Features

  • manifest: add revision to start_url (ad26827)

  Bug Fixes

  • manifest: invalidate start_url cache (240d4a1)
  • add revision to precache assets (#386) (872dce1)
• 3.2.2 - 2020-10-13
  

  Bug Fixes

  • serve static webpack assets from disk in dev mode (fixes #373) (8298f95)
• 3.2.1 - 2020-10-13
  

  Bug Fixes

  • workbox: precache start_url (resolves #372) (27e19a0)

  

• 3.2.0 - 2020-10-13
  

  Changes

  • Support static mode build cache (#371) (9a825c9) (resolves #367, #353, #352)
  • meta: fix mergeMeta cjs export (774f1a8) (resolves #369)
• 3.1.2 - 2020-10-07
  

  Bug Fixes

  • meta: avoid unnecessary log for meta.json (de8e039)
  • meta: fix issues regarding favicon.ico fallback (7a1e773)
• 3.1.1 - 2020-10-07
• 3.1.0 - 2020-10-06
• 3.0.2 - 2020-08-26
• 3.0.1 - 2020-08-17
• 3.0.0 - 2020-08-16
• 3.0.0-beta.20 - 2020-02-02

from @nuxtjs/pwa GitHub release notes

Commit messages

Package name: @nuxtjs/pwa

• 79322c1 chore(release): 3.3.5
• 00fec07 chore: maintain yarn.lock
• afa62b2 chore(deps): update all non-major dependencies (IE Support hoppscotch/hoppscotch#425)
• d9addb7 fix(meta): add missing `hid` to icon tags (I18n hoppscotch/hoppscotch#428)
• 245aadc chore(release): 3.3.4
• 7d75c28 fix(types): mark module options fields as optional (Feature Request: Consumer Driven Contract Testing hoppscotch/hoppscotch#420)
• 8a45184 chore(release): 3.3.3
• e39027e fix(workbox): deepClone options to avoid cross-build mutation
• f07d7e8 chore: update yarn.lock
• 3d00a6a chore: use dm in readme
• c7e0c02 chore(deps): update dependency execa to v5 (Fixing bug on request saving hoppscotch/hoppscotch#410)
• cffb3ff chore(deps): update all non-major dependencies (I18n hoppscotch/hoppscotch#404)
• 9ddc582 chore(deps): update actions/setup-node action to v2 (Improving translation for id-ID hoppscotch/hoppscotch#414)
• f20489c fix(workbox): add additional details for uncaught errors and fix chromium CORS (Toggling options will reset the UI to English hoppscotch/hoppscotch#417)
• be2bc76 docs: fixes dev npm syntax (Update id-ID.js hoppscotch/hoppscotch#416)
• 22a9ba2 chore: remove start_url from fixture
• 0bc67ff chore(release): 3.3.2
• f9158ab test: update snapshot
• 1c44cff fix: avoid adding revision to start_url
• ec31f0f chore(release): 3.3.1
• 054b8a2 fix: append to start_url without query param (fixes Does it not support the post method? hoppscotch/hoppscotch#403)
• f4fe081 chore(release): 3.3.0
• ad26827 feat(manifest): add revision to start_url
• 240d4a1 fix(manifest): invalidate start_url cache

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs