[Snyk] Upgrade file-loader from 0.8.5 to 0.11.2 #76

snyk-bot · 2022-01-03T01:35:04Z

Snyk has created this PR to upgrade file-loader from 0.8.5 to 0.11.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 6 versions ahead of your current version.
The recommended version was released 5 years ago, on 2017-06-05.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Prototype Pollution npm:extend:20180424	579/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
Prototype Pollution npm:deep-extend:20180409	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Arbitrary File Overwrite SNYK-JS-TAR-174125	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Arbitrary File Write SNYK-JS-TAR-1579155	579/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579152	579/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579147	579/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
Arbitrary File Overwrite SNYK-JS-TAR-1536531	579/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
Arbitrary File Overwrite SNYK-JS-TAR-1536528	579/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
Prototype Pollution SNYK-JS-LODASH-73638	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-LODASH-608086	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-LODASH-450202	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Command Injection SNYK-JS-LODASH-1040724	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	579/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
Arbitrary Code Execution SNYK-JS-ISMYJSONVALID-597167	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ISMYJSONVALID-597165	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-INI-1048974	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Uninitialized Memory Exposure npm:stringstream:20180511	579/1000 Why? Has a fix available, CVSS 7.3	Mature
Time of Check Time of Use (TOCTOU) npm:chownr:20180731	579/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-LODASH-567746	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	579/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
Prototype Pollution SNYK-JS-LODASH-590103	579/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
Prototype Pollution SNYK-JS-JSONPOINTER-1577288	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Validation Bypass SNYK-JS-KINDOF-537849	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-JSONPOINTER-598804	579/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: file-loader

0.11.2 - 2017-06-05

0.11.2 (2017-06-05)

Bug Fixes
- index: allow to override publicPath with an empty string (#145) (26ab81a)
- init publicPath to undefined (#159) (e4c0b2a)
0.11.1 - 2017-04-01

0.11.1 (2017-04-01)

Bug Fixes
- outputPath function overriden by useRelativePath (#139) (80cdee2)
0.11.0 - 2017-03-31

0.11.0 (2017-03-31)

Features
- Emit files with relative urls (#135) (dbcd6cc)
0.10.1 - 2017-02-25

0.10.1 (2017-02-25)

Bug Fixes
- getOptions: deprecation warn in loaderUtils (#129) (a8358a0)
0.10.0 - 2017-01-28

0.10.0 (2017-01-28)

Features
- resources: specify custom public file name (6833c70)
0.9.0 - 2016-06-20
0.9.0
0.8.5 - 2015-11-23
0.8.5

from file-loader GitHub release notes

Commit messages

Package name: file-loader

743aef2 chore(release): 0.11.2
e4c0b2a fix: init `publicPath` to undefined (Bump http-cache-semantics and vue-resource in /admin-dev/themes/new-theme #159)
d4d8bbc docs(README): explain what the loader does (Bump global-modules-path and webpack-cli in /themes #156)
26ab81a fix(index): allow to override publicPath with an empty string (Bump qs from 6.5.2 to 6.5.3 in /admin-dev/themes/new-theme #145)
9afc205 chore(release): 0.11.1
80cdee2 fix: outputPath function overriden by useRelativePath (Bump qs from 6.4.0 to 6.4.1 in /themes/classic/_dev #139)
46cb916 chore(release): 0.11.0
dbcd6cc feat: Emit files with relative urls (Bump minimatch from 3.0.4 to 3.0.8 in /admin-dev/themes/default #135)
5d8f73e chore(release): 0.10.1
a8358a0 fix(getOptions): deprecation warn in loaderUtils (Bump css-what from 2.1.0 to 2.1.3 in /admin-dev/themes/default #129)
b01526a Merge pull request Bump terser from 4.6.3 to 4.8.1 in /admin-dev/themes/default #123 from simon04/master
32aada7 Remove license link
2d239df chore(release): 0.10.0
ba2e876 ci(Travis): update to webpack standard build
d82e8de docs(readme): update urls for contrib move
eaeaa0e docs(readme): fix icon url
6fec719 chore(release): add standard version & documentation
3e5985a docs(readme): fix maintainers section look
b5ea427 chore(readme): Update to webpack standard format
1462d4b chore(license): add js foundation LICENSE file
6833c70 feat(resources): specify custom public file name
0727efe chore(issues): add issue templates
9fdd47e Add -loader suffix to README to reflect new loader syntax webpack 2 requirement
162c8fa 0.9.0

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade file-loader from 0.8.5 to 0.11.2. See this package in npm: https://www.npmjs.com/package/file-loader See this project in Snyk: https://app.snyk.io/org/mikolajroszak/project/ca324900-7cb5-4078-81ed-83ad83366e72?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade file-loader from 0.8.5 to 0.11.2 #76

[Snyk] Upgrade file-loader from 0.8.5 to 0.11.2 #76

snyk-bot commented Jan 3, 2022

0.11.2 (2017-06-05)

Bug Fixes

0.11.1 (2017-04-01)

Bug Fixes

0.11.0 (2017-03-31)

Features

0.10.1 (2017-02-25)

Bug Fixes

0.10.0 (2017-01-28)

Features

[Snyk] Upgrade file-loader from 0.8.5 to 0.11.2 #76

Are you sure you want to change the base?

[Snyk] Upgrade file-loader from 0.8.5 to 0.11.2 #76

Conversation

snyk-bot commented Jan 3, 2022

Snyk has created this PR to upgrade file-loader from 0.8.5 to 0.11.2.

0.11.2 (2017-06-05)

Bug Fixes

0.11.1 (2017-04-01)

Bug Fixes

0.11.0 (2017-03-31)

Features

0.10.1 (2017-02-25)

Bug Fixes

0.10.0 (2017-01-28)

Features