[Snyk] Fix for 35 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:

  • package.json
  • package-lock.json

• Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches.
  Find out more.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	616/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.9	Server-Side Request Forgery (SSRF) SNYK-JS-AXIOS-1038255	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-1579269	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	No	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Cross-site Scripting (XSS) SNYK-JS-DOMPURIFY-1016634	No	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Cross-site Scripting (XSS) SNYK-JS-DOMPURIFY-1035544	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Cross-site Scripting (XSS) SNYK-JS-DOMPURIFY-2863266	No	No Known Exploit
	526/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.1	Arbitrary Code Injection SNYK-JS-EJS-1049328	Yes	Proof of Concept
	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Remote Code Execution (RCE) SNYK-JS-EJS-2803307	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-ENGINEIO-1056749	No	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-FILETYPE-2958042	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	No	Proof of Concept
	344/1000 Why? Has a fix available, CVSS 2.6	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	No	No Known Exploit
	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Deserialization of Untrusted Data SNYK-JS-GATSBYPLUGINMDX-2405699	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	484/1000 Why? Has a fix available, CVSS 5.4	Open Redirect SNYK-JS-GOT-2932019	Yes	No Known Exploit
	504/1000 Why? Has a fix available, CVSS 5.8	Prototype Pollution SNYK-JS-HIGHLIGHTJS-1045326	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-HIGHLIGHTJS-1048676	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-IMMER-1019369	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-IMMER-1540542	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032	Yes	Proof of Concept
	718/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.5	Server-side Request Forgery (SSRF) SNYK-JS-PARSEURL-3023021	Yes	Proof of Concept
	643/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5	Improper Input Validation SNYK-JS-PARSEURL-3024398	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-PRISMJS-1076581	Yes	Proof of Concept
	584/1000 Why? Has a fix available, CVSS 7.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-PRISMJS-1314893	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-PRISMJS-1585202	Yes	Proof of Concept
	484/1000 Why? Has a fix available, CVSS 5.4	Cross-site Scripting (XSS) SNYK-JS-PRISMJS-2404333	Yes	No Known Exploit
	629/1000 Why? Has a fix available, CVSS 8.3	Cross-site Scripting (XSS) SNYK-JS-PRISMJS-597628	Yes	No Known Exploit
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Command Injection SNYK-JS-REACTDEVUTILS-1083268	Yes	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Remote Code Execution (RCE) SNYK-JS-SHARP-2848109	Yes	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIM-1017038	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @mdx-js/mdx

The new version differs by 30 commits.

• bf7deab v2.0.0-next.5
• 5c15a00 fix(remark-mdx): move remark-stringify to deps (chore: run npm audit fix nodejs/nodejs.dev#1190)
• f59b174 Make type test run in their own action, closes fix: Fix 'have each have' to 'each have' in OKR.md nodejs/nodejs.dev#1172 (Grammatical correction. nodejs/nodejs.dev#1179)
• 9ac9755 docs(typescript): document how to use mdx 2 with typescript (#1181)
• 42077e4 ci(github): update github actions to latest versions (#1180)
• cc95646 ci(github): update github actions and dtslint to latest (Upgrade storybook to 6.2 & attempt to use webpack 5 nodejs/nodejs.dev#1178)
• 6098d94 Remove deprecated plugin options, fixes Merge staging into master nodejs/nodejs.dev#718 (feat: Added sidebar component to community page nodejs/nodejs.dev#1174)
• 0da2fcf Specify pre-dist-tag
• e1b45e3 v2.0.0-next.4
• 649dbd8 Implement inline link serialization that doesn't wrap them in angle (docs: Change 'like like that' to 'look like' in 'Node.js with Typescript' and add a comma nodejs/nodejs.dev#1171)
• d08c5b6 Make testing matrix simpler (docs: Change 'that' to 'this' in 'Node.js with Typescript' nodejs/nodejs.dev#1173)
• d0059c8 v2.0.0-next.3
• fa091d2 v2.0.0-next.2
• 7829b88 Move publish to its own action
• afd60c2 Break out linting into its own action
• 3ca8e0a Fix linting (fix(homepage): Remove placeholder text from homepage nodejs/nodejs.dev#1161)
• 577d48f Fix some linting
• db93304 Improve export name extraction for shortcode generation (chore: Run CI when landing on default branch nodejs/nodejs.dev#1160)
• ea9970a Bump deps, fix core-js version in babel configs
• 166fd9d v2.0.0-next.1
• 569f82f Make preid next to match dist tag
• a3d8f08 types: add types to test utils (Fix: Speed up font color transition nodejs/nodejs.dev#1083)
• e2eb4ee types: add typescript typings for remark-mdx, remark-mdx-remove-exports, remark-mdx-remove-imports, @ mdx-js/util (#1082)
• 65af47c Break three main tests into their own scripts

See the full diff

Package name: @storybook/addon-actions

The new version differs by 250 commits.

• e89e51a v6.1.0
• d004d19 Update root, peer deps, version.ts/json to 6.1.0
• 1d07f01 6.1.0 changelog
• 178e9bd 6.1.0-rc.6 next.json version file
• 971eccd Update git head to 6.1.0-rc.6
• 9009e53 v6.1.0-rc.6
• eaceece Update root, peer deps, version.ts/json to 6.1.0-rc.6
• 5c0049b 6.1.0-rc.6 changelog
• 76d53b5 Merge pull request #13165 from storybookjs/13156-fix-cached-manager
• 4747fea Merge pull request #12845 from Tomastomaslol/12324_zoom_buttons_in_docs_do_not_work
• 74693f4 Drop the cache prop from managerConfig to make caching work on the 2nd run.
• 428b6e0 6.1.0-rc.5 next.json version file
• a72852d Update git head to 6.1.0-rc.5
• a8822ed v6.1.0-rc.5
• 6deb946 Update root, peer deps, version.ts/json to 6.1.0-rc.5
• 06b55c8 update 6.1-rc.5
• 875b933 Merge branch 'next' of github.com:storybookjs/storybook into next
• f701930 Merge pull request #13141 from ThibaudAV/update-angular-ex
• c8a819d Merge pull request #13162 from S1ngS1ng/patch-1
• cd7766e 6.1.0-rc.5 changelog addition
• 45ddc0c Merge pull request #13159 from storybookjs/12386-ie11-layout-centered
• f2123da 6.1.0-rc.5 changelog
• 30c5e98 fix incorrect component reference
• f6d4f0a Merge pull request #13155 from storybookjs/feature/sidebarClassNames

See the full diff

Package name: @storybook/react

The new version differs by 250 commits.

• d0c1e8a v6.4.13
• ad95877 Update root, peer deps, version.ts/json to 6.4.13 [ci skip]
• 908cda1 6.4.13 changelog
• ee5c044 Merge pull request #17245 from storybookjs/fix-prettier-2-3-formatting-main
• c3311c0 Update snapshots
• a533573 Fix prettier 2.3 formatting on main
• 59b85c7 Merge pull request #17241 from storybookjs/17008-fix-staticdirs-favicon
• f2a7256 Merge pull request #17022 from Taillook/chore/react-dev-utils
• ec142c8 Merge pull request #17239 from storybookjs/16820-fix-prettier-transpilation
• de25e19 Merge pull request #17206 from storybookjs/angular/fix-angular-13.1
• 8fe4027 Merge pull request #17240 from storybookjs/15574-fix-namedexportsorder-warning
• 8346850 Merge pull request #17213 from storybookjs/16067-fix-manager-process
• 3a0fd74 Merge pull request #17244 from storybookjs/chore_docs_fix_composition_link
• 7e43adc Merge pull request #17224 from storybookjs/chore_docs_update_addons_install_docs
• 373ca10 Merge pull request #17221 from storybookjs/chore_docs_fix_addon_knowledge_base
• 1e1331d Merge pull request #17208 from storybookjs/chore_docs_updates_syntax_highlight_docs
• 00a6c36 Merge pull request #17203 from storybookjs/chore_fix_repro_docs
• f0a2216 6.4.12 latest.json version file
• 180e481 Update git head to 6.4.12, update yarn.lock
• 9ce1a3b v6.4.12
• b278a84 Update root, peer deps, version.ts/json to 6.4.12 [ci skip]
• 7610bf0 6.4.12 changelog
• 704d82a Update git head to 6.4.11, update yarn.lock
• dc7fc7b v6.4.11

See the full diff

Package name: color-string

The new version differs by 4 commits.

• 966ae4d 1.5.5
• 0789e21 fix ReDos in hwb() parser (low-severity)
• 60f3f66 1.5.4
• 6f7d6f1 don't fix alpha to 2 decimal points (ref qix-/color#174)

See the full diff

Package name: dompurify

The new version differs by 134 commits.

• e7086f7 chore: prepared 2.2.3 release
• 0c2edea fix: addressed an mXSS problem caused by nested headlines
• 2c0017c see Broken snapshots tests nodejs/nodejs.dev#490
• feeeaa9 docs: Changed granlem's URL
• 042dac1 docs: added a fellow sponsor to the README
• 89fee39 Fix fix(homepage): Removed mailing list signup nodejs/nodejs.dev#489
• 66de7be Merge branch 'main' of git@github.com:cure53/DOMPurify.git into main
• 185abbb Merge pull request Update index.md nodejs/nodejs.dev#488 from jochenberger/patch-2
• 9dd85f4 Fix multi-license declaration
• 77d1281 Merge branch 'main' of git@github.com:cure53/DOMPurify.git into main
• 4aacbcd Merge pull request build(deps-dev): bump babel-preset-gatsby from 0.2.20 to 0.3.1 nodejs/nodejs.dev#483 from yejiel/patch-1
• 25b269f Update license Header to match current Version
• b84f6ba fix: oh dear, reverted the code removal
• 4c8a84c chore: experimentally removed some possibly redundant mXSS check
• 7923e10 chore: Preparing 2.2.2 release
• 7719c5b test: Added test cases for reported bypasses
• e43de71 fix: squished another variation of the mXSS
• 0771f47 chore: Preparing 2.2.1 release
• ee33fae fix: Fixed a mXSS bypass reported in build(deps-dev): bump jest from 25.2.3 to 25.2.4 nodejs/nodejs.dev#482
• e95b0de see build(deps): bump react from 16.9.0 to 16.13.1 nodejs/nodejs.dev#480
• 83b7acb See build(deps): bump tslint from 5.19.0 to 5.20.1 nodejs/nodejs.dev#479
• 0e31dce chore: preparing 2.2.0 release
• 307c7d0 test: added tests to cover new RETURN_DOM_IMPORT default being true
• 5aab0bb fix: fixed a typo in the config option logic for DOM_RETURN_IMPORT

See the full diff

Package name: gatsby

The new version differs by 250 commits.

• 2c324f6 chore(release): Publish
• 55c7183 feat(contentful): add support for tables in Rich Text (#33870)
• 053180a fix(gatsby): Better TS compilation error (#35594)
• 0cf0bd9 chore(release): Publish next
• 9a91295 fix(gatsby-plugin-image): fix image flickers (#35226)
• f358dc3 chore(release): Publish next
• 966aca8 feat(gatsby): Improvements to GraphQL TypeScript Generation (#35581)
• 8bad9b3 perf(gatsby): Minify page-data (#35578)
• 39e9840 chore(gatsby): Expose `serverDataStatus` field in SSR type declaration file (#35505)
• ebd63b2 feat(gatsby-source-wordpress): use image cdn for non-resizable images in html (svgs/gifs mainly) (#35529)
• 5e51519 fix(gatsby-source-wordpress): update test deps and fix int tests (#35582)
• 128c7bb feat(gatsby-source-wordpress): always include draft slugs (#35573)
• abc6dca feat(gatsby-plugin-image): add check for node.gatsbyImage in the getImage helper (#35507)
• e51c3a3 chore(release): Publish next
• c9d98a4 feat(gatsby): Initial GraphQL Typegen Implementation (#35487)
• 17cbc7c fix(deps): update minor and patch dependencies for gatsby-source-graphql (#35545)
• 10752ed fix(deps): update dependency fs-extra to ^10.1.0 (#34976)
• 0abdcd6 fix(deps): update dependency coffeescript to ^2.7.0 for gatsby-plugin-coffeescript (#35550)
• 7cda002 fix(deps): update dependency eslint-plugin-import to ^2.26.0 (#35551)
• 3e74a9f fix(deps): update dependency eslint-plugin-react-hooks to ^4.5.0 (#35552)
• fb98116 fix(deps): update minor and patch dependencies for gatsby-source-drupal (#35554)
• c09287a chore(deps): update starters and examples (#35565)
• bf854ca fix(deps): update dependency prop-types to ^15.8.1 for gatsby-link (#35291)
• 71eb414 chore(deps): update dependency typescript to ^4.6.4 (#34984)

See the full diff

Package name: gatsby-plugin-manifest

The new version differs by 250 commits.

• f6734b9 chore(release): Publish
• 9a616c0 fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY (#34853) (#34896)
• f5705b9 fix(create-gatsby): Add required deps for theme-ui option (#34885) (#34897)
• 9a579f1 fix(gatsby-core-utils): fix 304 when file does not exists (#34842) (#34888)
• 148d016 fix(gatsby): Remove double enhanced-resolve dep (#34854) (#34889)
• 19b0304 feat(gatsby-core-utils): improve fetch-remote-file (#34758)
• ac1d777 fix(gatsby-source-contentful): avoid confusion of Gatsby node and Contentful node count in logs (#34830)
• ee8c874 refactor(gatsby-source-contentful): remove unnecessary check for existing node (#34829)
• 056b48e test(gatsby): Add a memory test suite command to the memory benchmark (#34810)
• 45cb1f1 chore(release): Publish next
• 4c832bf documentation: Add Third Party Schema (#34820)
• 9f23dec chore(gatsby): cache shouldn't reference nodes strongly (#34821)
• f2d4830 feat(gatsby-core-utils): create proper mutex (#34761)
• 21ef185 chore(changelogs): update changelogs (#34826)
• a2f99af fix(deps): update starters and examples gatsby packages to ^4.7.2 (#34822)
• 76c89d8 chore(release): Publish next
• 54d29c4 chore(gatsby): upgrade from lmdb-store to lmdb (#34576)
• 3df8583 fix(core): Make filter/sort query only hold onto node properties it needs (#34747)
• 3c3362b refactor(core): Make load plugins modular, prepare for TS (#34813)
• 3d74584 feat(gatsby): allow referencing derived types in schema customization (#34787)
• bfd04d3 fix(gatsby): Content Sync DSG bug (#34799)
• 326a483 fix(deps): update dependency sharp to ^0.30.1 (#34755)
• 7b958f9 docs: update typo Forestry (#34805)
• ba8e21c feat(gatsby): Match node manifest pages by page context slug (#34790)

See the full diff

Package name: gatsby-plugin-mdx

The new version differs by 250 commits.

• b8eac2d chore(release): Publish
• 3253a38 fix(gatsby-plugin-mdx): Hashing and pluginOptions (#36387) (#36395)
• 1880491 fix(gatsby-script): Reach router import (#36385) (#36394)
• f664ad2 feat(gatsby): Telemetry tracking for Head API (#36352)
• ab55e4e chore: Update `got` (#36366)
• 2b4ff76 fix(gatsby): Make runtime error overlay work in non-v8 browsers (#36365)
• f990e08 fix(test): clear and close lmdb after each test suite (#36343)
• 7fcf580 fix(gatsby): e.remove() is not a function when using Gatsby Head API (#36338)
• 25fb9d1 chore: Fix pipeline tests (#36363)
• a9132a5 chore(deps): update sharp (#35539)
• bc80c23 chore: Add note about rehype-slug-custom-id
• 5b6f1f6 chore(gatsby): upgrade multer (#36359)
• f2f0acf chore(gatsby-telemetry): upgrade git-up (#36358)
• 86a8efc chore(release): Publish next
• 0705ac7 chore(gatsby-plugin-mdx): Update .gitignore
• c92db36 BREAKING CHANGE(gatsby-plugin-mdx): MDX v2 (#35650)
• 3c0dd6d chore(release): Publish next
• 86b6ee9 Revert "chore(gatsby): Make `plugins` in `PluginOptions` type optional (#36351)"
• a2fa5a2 chore(gatsby): Make `plugins` in `PluginOptions` type optional (#36351)
• 6ecfe4a fix(gatsby-source-contentful): Correctly overwrite field type on Assets (#36337)
• 0ed362c chore(docs): Pre-encoded unicode characters can't be used in paths (#36325)
• 2bbe96d fix(deps): update dependency file-type to ^16.5.4 for gatsby-source-filesystem (#36276)
• 2be3fa7 chore(docs): Add first batch of Cloud docs (#36218)
• 4238142 chore(docs): Remove outdated examples and recipes (#36335)

See the full diff

Package name: gatsby-plugin-sharp

The new version differs by 250 commits.

• 92543af chore(release): Publish
• e79623c fix(create-gatsby): Missing "plugins" in cmses.json (#36566)
• a373d80 chore(docs): Remove `content` from sourcing guide (#36562)
• 8b59183 fix(gatsby): Remove default support for non ESM browsers (#36522)
• fab2db2 chore: setup v5 release channel (#36540)
• bac1e7a chore(gatsby): Update `react-refresh` to `^0.14.0` (#36553)
• 5f6ad91 chore(deps): update dependency autoprefixer to ^10.4.8 for gatsby-plugin-sass (#36273)
• cc3ef79 fix(deps): update dependency eslint-plugin-react-hooks to ^4.6.0 (#36040)
• 856b695 chore(deps): update [dev] minor and patch dependencies for gatsby-legacy-polyfills (#35547)
• 0b6e823 chore(deps): update dependency @ types/semver to ^7.3.12 (#36510)
• 0e56ad6 chore(deps): update dependency microbundle to ^0.15.1 for gatsby-link (#36512)
• 80f6616 chore(deps): update dependency microbundle to ^0.15.1 for gatsby-script (#36513)
• 34c8e51 fix(deps): update dependency eslint-plugin-jsx-a11y to ^6.6.1 (#36039)
• afba8ca chore(deps): update [dev] minor and patch dependencies for gatsby-source-shopify (#34363)
• b55e1d5 chore(docs): monorepos support (#36504)
• 8aeae21 fix(gatsby): pass custom graphql context provided by createResolverContext to materialization executor (#36552)
• 9c5eacf fix(gatsby): Handle renderToPipeableStream errors (#36555)
• 42e241c feat(gatsby): split up head & page component loading (#36545)
• dc9aa9a chore(gatsby): perfect `GatsbyConfig.proxy` type (#36548)
• 1125e58 fix: ci pipeline (#36544)
• 7fe8e51 fix(deps): update dependency react-docgen to ^5.4.3 for gatsby-transformer-react-docgen (#36277)
• bc04e8f chore(docs): migrate cloud docs to dotcom(1) (#36452)
• 59c1f4f fix(deps): update starters and examples - gatsby (#36503)
• 0d4dfe9 chore(docs): update url of `deleteNode` (#36502)

See the full diff

Package name: gatsby-remark-images

The new version differs by 250 commits.

• e98cb62 chore(release): Publish
• 164f9a1 fix(gatsby-source-contentful): De-dupe type names (#30834) (#30850)
• 0b99d00 fix(gatsby): webpack warnings are no longer in object format by default (#30801) (#30853)
• f561724 fix(gatsby): lower memory pressure in SSR (#30793) (#30851)
• 96805d5 fix(gatsby-source-wordpress): change `console.warning` to `console.warn` (#30764) (#30852)
• e40c83d chore(release): Publish next
• a5b5cf8 feat: upgrade to remark 13 (#29678)
• 172cf4d chore(docs): Add link to perf implications siteContext (#30778)
• 4336d04 fix(gatsby-plugin-gatsby-cloud): Add missing index.js (so the plugin can be resolved in workspaces) (#30761)
• 2bdd5a5 fix(gatsby-source-wordpress): only log out duplicate node if we have all the data we want to log (#30751)
• 1a9b830 fix(gatsby-plugin-image): Don't inherit all img styles (#30754)
• e0df4cc chore(docs): Change "whitelist" to "allow list" (#30756)
• 81ec270 chore: Add backport script (#30732)
• 63cc8fa fix(docs): Copy edits for debugging html doc + add React-specific example (#30745)
• eed1d43 fix(docs): Add link to how to enable DEV_SSR for fixing inconsistent css styles between dev/prod (#30746)
• ecd823f perf(gatsby): cache babel config items (#28738)
• a60e92f chore(release): Publish next
• dd9e95c docs(gatsby-plugin-image): Note on tracedSVG options name change (#30736)
• a5869e3 fix(gatsby-plugin-image): Use bare GATSBY___IMAGE global (#30713)
• 0f3fa4e fix(contentful): make gatsby-plugin-image a peer dependency (#30709)
• 6b2fd94 fix(gatsby-source-wordpress): pass missing property helpers to gql fetch util (#30727)
• c6fa488 chore(docs): Update wording of tutorial part 8 (#30606)
• a777367 fix(gatsby-cli): Update docs links in error-map (#30493)
• c473abf chore(docs): include autoprefixer in tailwind install command (#30718)

See the full diff

Package name: gatsby-source-filesystem

The new version differs by 250 commits.

• b8eac2d chore(release): Publish
• 3253a38 fix(gatsby-plugin-mdx): Hashing and pluginOptions (#36387) (#36395)
• 1880491 fix(gatsby-script): Reach router import (#36385) (#36394)
• f664ad2 feat(gatsby): Telemetry tracking for Head API (#36352)
• ab55e4e chore: Update `got` (#36366)
• 2b4ff76 fix(gatsby): Make runtime error overlay work in non-v8 browsers (#36365)
• f990e08 fix(test): clear and close lmdb after each test suite (#36343)
• 7fcf580 fix(gatsby): e.remove() is not a function when using Gatsby Head API (#36338)
• 25fb9d1 chore: Fix pipeline tests (#36363)
• a9132a5 chore(deps): update sharp (#35539)
• bc80c23 chore: Add note about rehype-slug-custom-id
• 5b6f1f6 chore(gatsby): upgrade multer (#36359)
• f2f0acf chore(gatsby-telemetry): upgrade git-up (#36358)
• 86a8efc chore(release): Publish next
• 0705ac7 chore(gatsby-plugin-mdx): Update .gitignore
• c92db36 BREAKING CHANGE(gatsby-plugin-mdx): MDX v2 (#35650)
• 3c0dd6d chore(release): Publish next
• 86b6ee9 Revert "chore(gatsby): Make `plugins` in `PluginOptions` type optional (#36351)"
• a2fa5a2 chore(gatsby): Make `plugins` in `PluginOptions` type optional (#36351)
• 6ecfe4a fix(gatsby-source-contentful): Correctly overwrite field type on Assets (#36337)
• 0ed362c chore(docs): Pre-encoded unicode characters can't be used in paths (#36325)
• 2bbe96d fix(deps): update dependency file-type to ^16.5.4 for gatsby-source-filesystem (#36276)
• 2be3fa7 chore(docs): Add first batch of Cloud docs (#36218)
• 4238142 chore(docs): Remove outdated examples and recipes (#36335)

See the full diff

Package name: gatsby-transformer-remark

The new version differs by 250 commits.

• e98cb62 chore(release): Publish
• 164f9a1 fix(gatsby-source-contentful): De-dupe type names (#30834) (#30850)
• 0b99d00 fix(gatsby): webpack warnings are no longer in object format by default (#30801) (#30853)
• f561724 fix(gatsby): lower memory pressure in SSR (#30793) (#30851)
• 96805d5 fix(gatsby-source-wordpress): change `console.warning` to `console.warn` (#30764) (#30852)
• e40c83d chore(release): Publish next
• a5b5cf8 feat: upgrade to remark 13 (#29678)
• 172cf4d chore(docs): Add link to perf implications siteContext (#30778)
• 4336d04 fix(gatsby-plugin-gatsby-cloud): Add missing index.js (so the plugin can be resolved in workspaces) (#30761)
• 2bdd5a5 fix(gatsby-source-wordpress): only log out duplicate node if we have all the data we want to log (#30751)
• 1a9b830 fix(gatsby-plugin-image): Don't inherit all img styles (#30754)
• e0df4cc chore(docs): Change "whitelist" to "allow list" (#30756)
• 81ec270 chore: Add backport script (#30732)
• 63cc8fa fix(docs): Copy edits for debugging html doc + add React-specific example (#30745)
• eed1d43 fix(docs): Add link to how to enable DEV_SSR for fixing inconsistent css styles between dev/prod (#30746)
• ecd823f perf(gatsby):...