[Snyk] Fix for 1 vulnerabilities
Created by: GTVolk
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  - package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
|  | 551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3 | Improper Input Validation SNYK-JS-POSTCSS-5926692 | Yes | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: gatsby
The new version differs by 242 commits.
- f1d3f7b chore(release): Publish
- 6e6ea56 chore(release): Publish rc
- df50ce7 fix(gatsby): Add dir=ltr to Fast Refresh overlay (#29900) (#29908)
- 83adec5 chore(docs): update readme (#29837) (#29909)
- b2628da will git stop being weird (#29897) (#29907)
- c98c87f chore(release): Publish rc
- c8bf571 fix(gatsby-source-wordpress): image fixes (#29813) (#29886)
- 85bb8ea fix(gatsby-plugin-image): Update peerdeps (#29880) (#29888)
- c266b83 fix(gatsby): Remove `react-hot-loader` deps & other unused deps (#29864) (#29876)
- 222ca3f fix(gatsby): with some custom babel configs array spreading with Set is not safe (#29885) (#29889)
- ea31900 chore(release): Publish rc
- f070422 fix(gatsby): Fix various small DEV_SSR bugs exposed in development_runtime tests (#29720) (#29866)
- cb3b1ca chore: update peerdeps to latest major versions (#29857) (#29867)
- 8639f7b fix(create-gatsby): Use legacy peer deps (#29856) (#29862)
- fdc1fe2 fix(gatsby): fix some css HMR edge cases (#29839) (#29865)
- e8a7e3b fix(gatsby-plugin-preact): fix fast-refresh (#29831) (#29860)
- e7453c3 fix(gatsby): Improve Fast Refresh overlay styles (#29855) (#29861)
- 76f4f96 chore: upgrade postcss & plugins (#29793)
- de6cba6 chore(release): Publish rc
- aafe584 fix: query on demand loading indicator always active on preact. (#29829) (#29836)
- 34f5b8c fix(hmr): accept hot updates for modules above page templates (#29752) (#29835)
- b8d21f8 fix(gatsby): workaround graphql-compose issue (#29822) (#29834)
- 32fee71 fix(gatsby): eslint linting (#29796) (#29814)
- bca7951 fix(gatsby-source-wordpress): HTML image regex's (#29778) (#29816)
Package name: gatsby-transformer-remark
The new version differs by 250 commits.
- 0c6cd61 chore(release): Publish
- 5e8e621 chore: Update main README (#36954)
- 7130cd4 test(gatsby): Slices API integration tests (#36747)
- 6496eed chore(release): Publish next
- bc7ac84 chore: preserve previous webpack stats derived values, even if we restart webpack itself (#36980)
- 2b5af32 fix: drop `__renderedByLocation` prop when calculating slice props hashes and don't expose it to slice component (#36979)
- cc1ee9b chore(release): Publish next
- 6a53861 chore(gatsby-link): Correct type export (#36968)
- 0ad6314 fix(gatsby-graphiql-explorer): Use upstream exporter package (#36966)
- 964265c chore(release): Publish next
- b624442 chore: Update peerDeps (#36965)
- b2ab092 chore(release): Publish next
- e2a14bf feat(gatsby): Slices <> partial hydration interop (#36960)
- 0083e62 fix(deps): update starters and examples gatsby packages to ^4.24.7 (#36957)
- 68e9cab chore(changelogs): update changelogs (#36958)
- b9eb8d2 chore(deps): update dependency autoprefixer to ^10.4.13 for gatsby-plugin-sass (#36934)
- 58c37ea chore(deps): update dependency @jridgewell/trace-mapping to ^0.3.17 for gatsby-legacy-polyfills (#36933)
- a5e4c47 fix(deps): update dependency body-parser to ^1.20.1 for gatsby-source-drupal (#36940)
- c86aa7e chore(docs): Add clarification for Pro Tip on Part 4 of tutorial (#36918)
- d5c775a feat(gatsby): handle graphql-import-node bundling (#36951)
- 59e2976 feat(gatsby-remark-embed-snippet): added csproj to language map so it will be recognized as xml (#36919)
- c8a7dda chore(docs): Valhalla Content Hub Reference Guide (#36949)
- 3044280 fix(gatsby): stitch slices if just page html was regenerating without any of used slices regenerating (#36950)
- 10abdcb chore(release): Publish next
Package name: stylelint
The new version differs by 250 commits.
- 060310c 14.0.0
- ff4a1ef Prepare CHANGELOG
- 8d2f6e1 Bump postcss (#5619)
- f552608 Merge pull request #5618 from stylelint/dependabot/npm_and_yarn/husky-7.0.4
- 7ed17ad Bump husky from 7.0.2 to 7.0.4
- 4d9f75e Merge pull request #5617 from stylelint/dependabot/npm_and_yarn/jest-27.3.1
- bc9dd0b Bump jest from 27.2.5 to 27.3.1
- 82e2507 Merge pull request #5604 from stylelint/v14
- 16d259f Update CHANGELOG.md
- 70b1149 Fix false positives for dynamic-range keywords in media-feature-name-no-unknown (#5613)
- 8dca498 Show more info in missing customSyntax warning (#5611)
- 2eee0a9 Remove v14 CI triggers (#5610)
- 12f8081 14.0.0-0
- 5dd7ec1 Prepare 14.0.0
- 67313a3 Add support for `extends` in `overrides` config (#5603)
- b6fd2fc Document no need for postcss-html maintainer (#5602)
- bf28025 Recommend using shared configs (#5598)
- 07118d6 Update CHANGELOG.md
- 367142a Change `ignoreFiles` to be extendable (#5596)
- 1b4162f Fix conflicts in dependabot
- 87c5fde Bump picocolors from 0.2.1 to 1.0.0 (#5601)
- 1f32094 Bump typescript from 4.4.3 to 4.4.4 (#5599)
- 88b9575 Revise contributors section of README (#5585)
- e38da70 Use problem rather than violation in docs and types (#5592)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.