[Snyk] Upgrade: , rxjs, , material-icons, ngx-spinner, typescript, zone.js #88

dvulnx · 2024-09-08T09:06:39Z

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on

@angular-devkit/build-angular
from 0.900.7 to 0.1102.19 | 120 versions ahead of your current version | 2 years ago
on 2022-03-31
rxjs
from 6.5.4 to 6.6.7 | 8 versions ahead of your current version | 3 years ago
on 2021-03-28
@nguniversal/express-engine
from 9.0.0-rc.2 to 9.1.1 | 5 versions ahead of your current version | 4 years ago
on 2020-05-11
material-icons
from 0.3.1 to 0.7.7 | 20 versions ahead of your current version | 3 years ago
on 2021-07-22
ngx-spinner
from 8.0.3 to 8.1.0 | 1 version ahead of your current version | 5 years ago
on 2019-12-12
typescript
from 3.7.7 to 3.9.10 | 156 versions ahead of your current version | 3 years ago
on 2021-06-16
zone.js
from 0.10.3 to 0.14.10 | 24 versions ahead of your current version | a month ago
on 2024-08-05

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032	601	Proof of Concept
Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	601	Proof of Concept
Prototype Pollution SNYK-JS-AJV-584908	601	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIHTML-1296849	601	Proof of Concept
Prototype Pollution SNYK-JS-YARGSPARSER-560381	601	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	601	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	601	Proof of Concept
Denial of Service (DoS) SNYK-JS-SOCKJS-575261	601	Proof of Concept

Release notes

Package name: @angular-devkit/build-angular

0.1102.19 - 2022-03-31
0.1102.18 - 2022-01-13
0.1102.17 - 2021-12-16
0.1102.16 - 2021-12-15
0.1102.15 - 2021-10-27
0.1102.14 - 2021-06-03
0.1102.13 - 2021-05-12
0.1102.12 - 2021-05-06
0.1102.11 - 2021-04-28
0.1102.10 - 2021-04-21
0.1102.9 - 2021-04-14
0.1102.8 - 2021-04-07
0.1102.7 - 2021-04-02
0.1102.6 - 2021-03-24
0.1102.5 - 2021-03-17
0.1102.4 - 2021-03-10
0.1102.3 - 2021-03-03
0.1102.2 - 2021-02-24
0.1102.1 - 2021-02-17
0.1102.0 - 2021-02-11
0.1102.0-rc.1 - 2021-02-05
0.1102.0-rc.0 - 2021-02-05
0.1102.0-next.0 - 2021-01-28
0.1101.4 - 2021-02-05
0.1101.3 - 2021-02-05
0.1101.2 - 2021-01-28
0.1101.1 - 2021-01-22
0.1101.0 - 2021-01-20
0.1101.0-rc.0 - 2021-01-14
0.1101.0-next.4 - 2021-01-06
0.1101.0-next.3 - 2020-12-17
0.1101.0-next.2 - 2020-12-09
0.1101.0-next.1 - 2020-12-03
0.1101.0-next.0 - 2020-11-18
0.1100.7 - 2021-01-14
0.1100.6 - 2021-01-06
0.1100.5 - 2020-12-17
0.1100.4 - 2020-12-09
0.1100.3 - 2020-12-02
0.1100.2 - 2020-11-18
0.1100.1 - 2020-11-12
0.1100.0 - 2020-11-11
0.1100.0-rc.3 - 2020-11-10
0.1100.0-rc.2 - 2020-11-05
0.1100.0-rc.1 - 2020-10-28
0.1100.0-rc.0 - 2020-10-22
0.1100.0-next.7 - 2020-10-15
0.1100.0-next.6 - 2020-10-08
0.1100.0-next.5 - 2020-10-08
0.1100.0-next.4 - 2020-10-01
0.1100.0-next.3 - 2020-09-23
0.1100.0-next.2 - 2020-09-17
0.1100.0-next.1 - 2020-09-10
0.1100.0-next.0 - 2020-09-02
0.1002.4 - 2021-12-16
0.1002.3 - 2021-02-25
0.1002.2 - 2021-02-05
0.1002.1 - 2020-12-17
0.1002.0 - 2020-10-22
0.1001.7 - 2020-10-15
0.1001.6 - 2020-10-08
0.1001.5 - 2020-10-08
0.1001.4 - 2020-10-01
0.1001.3 - 2020-09-23
0.1001.2 - 2020-09-17
0.1001.1 - 2020-09-10
0.1001.0 - 2020-09-02
0.1001.0-rc.0 - 2020-08-26
0.1001.0-next.7 - 2020-08-25
0.1001.0-next.6 - 2020-08-21
0.1001.0-next.5 - 2020-08-13
0.1001.0-next.4 - 2020-08-06
0.1001.0-next.3 - 2020-07-31
0.1001.0-next.2 - 2020-07-22
0.1001.0-next.1 - 2020-07-15
0.1001.0-next.0 - 2020-07-09
0.1000.8 - 2020-08-26
0.1000.7 - 2020-08-21
0.1000.6 - 2020-08-13
0.1000.5 - 2020-07-31
0.1000.4 - 2020-07-22
0.1000.3 - 2020-07-15
0.1000.2 - 2020-07-09
0.1000.1 - 2020-07-01
0.1000.0 - 2020-06-24
0.1000.0-rc.5 - 2020-06-16
0.1000.0-rc.4 - 2020-06-16
0.1000.0-rc.3 - 2020-06-10
0.1000.0-rc.2 - 2020-06-01
0.1000.0-rc.1 - 2020-06-01
0.1000.0-rc.0 - 2020-05-21
0.1000.0-next.6 - 2020-05-18
0.1000.0-next.5 - 2020-05-13
0.1000.0-next.4 - 2020-05-08
0.1000.0-next.3 - 2020-04-29
0.1000.0-next.2 - 2020-04-22
0.1000.0-next.1 - 2020-04-21
0.1000.0-next.0 - 2020-04-08
0.901.15 - 2021-02-25
0.901.14 - 2021-02-05
0.901.13 - 2020-12-17
0.901.12 - 2020-07-22
0.901.11 - 2020-07-09
0.901.10 - 2020-07-02
0.901.9 - 2020-06-17
0.901.8 - 2020-06-10
0.901.7 - 2020-05-21
0.901.6 - 2020-05-13
0.901.5 - 2020-05-08
0.901.4 - 2020-04-29
0.901.3 - 2020-04-22
0.901.2 - 2020-04-21
0.901.1 - 2020-04-08
0.901.0 - 2020-03-25
0.901.0-rc.0 - 2020-03-24
0.901.0-next.4 - 2020-03-19
0.901.0-next.3 - 2020-03-11
0.901.0-next.2 - 2020-03-04
0.901.0-next.1 - 2020-02-27
0.901.0-next.0 - 2020-02-19
0.900.7 - 2020-03-19

from @angular-devkit/build-angular GitHub release notes

Package name: rxjs

6.6.7 - 2021-03-28
6.6.6 - 2021-02-25
6.6.4 - 2021-02-24
6.6.3 - 2020-09-06
6.6.2 - 2020-07-31
6.6.1 - 2020-07-31
6.6.0 - 2020-07-02
6.5.5 - 2020-04-03
6.5.4 - 2019-12-27

from rxjs GitHub release notes

Package name: @nguniversal/express-engine

9.1.1 - 2020-05-11
commit 73f4b70
Author: Keen Yee Liau kyliau@google.com
Date: Mon May 11 12:30:28 2020 -0700
```
release: v9.1.1
```
commit 4ddf727
Author: Wagner Maciel wagnermaciel@google.com
Date: Wed Apr 15 03:16:03 2020 -0700

fix(prerender): use browser builder's index option in prerender builder
Fixes #1585

commit cf295cc
Author: Alan Agius alan.agius4@gmail.com
Date: Mon Mar 30 17:32:20 2020 +0200
```
docs: @ nguniversal/module-map-ngfactory-loader deprecation notice
```
9.1.0 - 2020-03-28
commit 304a93d
Author: Keen Yee Liau kyliau@google.com
Date: Sat Mar 28 13:49:35 2020 -0700
```
release: v9.1.0
```
commit 4379112
Author: Renovate Bot bot@renovateapp.com
Date: Sat Mar 28 17:14:17 2020 +0000
```
build: update @ bazel/hide-bazel-files to version ~1.5.0
```
commit 38e5ce2
Author: Renovate Bot bot@renovateapp.com
Date: Fri Mar 27 05:13:55 2020 +0000
```
build: update codelyzer to version 5.2.2
```
commit d38b97e
Author: Alan Agius alan.agius4@gmail.com
Date: Thu Mar 26 19:53:00 2020 +0100
```
build: update version of Angular packages
```
commit 9f51e03
Author: Renovate Bot bot@renovateapp.com
Date: Mon Mar 23 14:48:37 2020 +0000
```
build: update jasmine-spec-reporter to version 5.0.1
```
commit 4b26d87
Author: Renovate Bot bot@renovateapp.com
Date: Wed Mar 25 05:12:32 2020 +0000
```
build: update karma-jasmine-html-reporter to version 1.5.3
```
commit db4ff54
Author: Renovate Bot bot@renovateapp.com
Date: Tue Mar 24 05:40:59 2020 +0000
```
build: update @ types/express-serve-static-core to version 4.17.3
```
commit 6dd1682
Author: Renovate Bot bot@renovateapp.com
Date: Mon Mar 23 07:15:16 2020 +0000
```
build: update to version
```
commit c401c51
Author: Renovate Bot bot@renovateapp.com
Date: Sun Mar 22 02:08:13 2020 +0000
```
build: update ts-node to version 8.8.1
```
commit 7daffec
Author: Alan Agius alan.agius4@gmail.com
Date: Thu Mar 19 10:07:47 2020 +0100
```
build: update to typescript 3.8
```
commit 9d09d79
Author: Renovate Bot bot@renovateapp.com
Date: Thu Mar 19 05:16:57 2020 +0000
```
build: update ts-node to version 8.7.0
```
commit e68a46e
Author: Renovate Bot bot@renovateapp.com
Date: Mon Mar 16 07:14:30 2020 +0000
```
build: update to version
```
commit 6fe88cc
Author: George Kalpakas kalpakas.g@gmail.com
Date: Fri Mar 13 14:37:54 2020 +0200
```
docs: fix variable name in commented out code (`app` --> `server`)
```
commit 707c276
Author: Renovate Bot bot@renovateapp.com
Date: Fri Mar 13 05:18:55 2020 +0000
```
build: update angular-in-memory-web-api to version ^0.10.0
```
commit a9b2499
Author: Renovate Bot bot@renovateapp.com
Date: Thu Mar 12 05:17:38 2020 +0000
```
build: update tslint to version ^6.0.0
```
9.0.2 - 2020-03-11
commit 1928b3c
Author: Keen Yee Liau kyliau@google.com
Date: Wed Mar 11 12:21:07 2020 -0700
```
release: v9.0.2
```
commit ad4742a
Author: Renovate Bot bot@renovateapp.com
Date: Wed Mar 11 16:09:13 2020 +0000
```
build: update @ bazel/buildifier to version ^2.0.0
```
commit a279fa6
Author: Alan Agius alan.agius4@gmail.com
Date: Tue Mar 10 09:39:08 2020 +0100

fix(builders): don't spawn server until browser build finishes In some cases, we spawned the server to early, which caused the views not to be found. This happened when the browser build too a long time.
With this change we spawn the server only after both browser and server have emitted.

commit 5a52406
Author: Alan Agius alan.agius4@gmail.com
Date: Mon Mar 9 15:35:44 2020 +0100

ci: remove cache key fallback
While having a cache key fallback can be beneficial it also results in increased cache size the currently the cache size almost doubled in size to 2.6Gib because it is never cleaned and results in slower builds.

commit 08657f9
Author: Alan Agius alan.agius4@gmail.com
Date: Mon Mar 9 15:14:27 2020 +0100

fix: ng update showing packages that do not exist in my package By default if no packageGroupName is provided ng-update will use the first item in packageGroup which in this case it is always @ nguniversal/aspnetcore-engine. With this change we set the packageGroupName of each package, also we remove ng-update from @ nguniversal/builders as this gets updated when running ng update on @ nguniversal/express-engine or @ nguniversal/hapi-engine.
Closes #1542 and closes #1533

commit db6c9f2
Author: Renovate Bot bot@renovateapp.com
Date: Mon Mar 9 09:16:49 2020 +0000
```
build: update to version
```
commit a4da24e
Author: Renovate Bot bot@renovateapp.com
Date: Sat Mar 7 12:58:51 2020 +0000
```
build: update karma-typescript to version ^5.0.0
```
commit 969bff4
Author: Renovate Bot bot@renovateapp.com
Date: Sat Mar 7 06:14:34 2020 +0000
```
build: update build_bazel_rules_nodejs to version 1.4.1
```
commit 984bed3
Author: Renovate Bot bot@renovateapp.com
Date: Wed Mar 4 06:14:39 2020 +0000
```
build: update @ types/express to version 4.17.3
```
commit f0bc182
Author: Renovate Bot bot@renovateapp.com
Date: Tue Mar 3 06:14:06 2020 +0000
```
build: update @ bazel/hide-bazel-files to version ~1.4.0
```
commit ad8673f
Author: Alan Agius alan.agius4@gmail.com
Date: Tue Mar 3 08:16:07 2020 +0100
```
docs: fix typo
```
commit 276e3c9
Author: Renovate Bot bot@renovateapp.com
Date: Mon Feb 24 08:14:00 2020 +0000
```
build: update to version
```
commit 53ecee6
Author: Renovate Bot bot@renovateapp.com
Date: Fri Feb 21 06:14:11 2020 +0000
```
build: update tslib to version ~1.11.0
```
9.0.1 - 2020-02-21
commit cf8913b
Author: Keen Yee Liau kyliau@google.com
Date: Thu Feb 20 13:30:35 2020 -0800
```
release: v9.0.1
```
commit 6b4d116
Author: Keen Yee Liau kyliau@google.com
Date: Thu Feb 20 13:24:35 2020 -0800

build: Update publish script
Update the publish script to invoke existing build command, then run the script generated by Bazel npm_package target to publish to npm.

commit 01838b6
Author: Keen Yee Liau kyliau@google.com
Date: Thu Feb 20 13:18:44 2020 -0800

build: Change --symlink_prefix to dist/
--symlink_prefix=/ will not generate bazel-out in the repository, which would cause the npm_package.publish script to fail, since it looks for the bazel-out directory to find package directory and package.json

commit a063e68
Author: Alan Agius alan.agius4@gmail.com
Date: Thu Feb 20 09:14:16 2020 +0100

build: add @ types/node resolutions
This addresses Conflicting definitions for 'node'

commit 25abb20
Author: Renovate Bot bot@renovateapp.com
Date: Wed Feb 19 17:40:55 2020 +0000
```
build: update to version
```
commit 9faaa66
Author: Alan Agius alan.agius4@gmail.com
Date: Wed Feb 19 08:17:56 2020 +0100
```
build: update @ types/express and http-proxy-middleware
```
commit 281a3c8
Author: Alan Agius alan.agius4@gmail.com
Date: Wed Feb 19 15:02:37 2020 +0100

fix(builders): only remove reload script leading slash when having a public host with a path name We should only remove the leading slash of BrowserSync script when having a public host with a path name, this will other cause the browser sync script not to be found when using a base href.
Closes #1495

commit 78eeb9f
Author: Renovate Bot bot@renovateapp.com
Date: Wed Feb 19 06:16:11 2020 +0000
```
build: update @ bazel/ibazel to version ^0.12.0
```
commit 57a0399
Author: Renovate Bot bot@renovateapp.com
Date: Fri Feb 14 06:15:16 2020 +0000
```
build: update @ bazel/bazel to version 2.1.0
```
commit 01d641a
Author: Renovate Bot bot@renovateapp.com
Date: Tue Feb 11 06:15:08 2020 +0000
```
build: update karma-jasmine to version 3.1.1
```
commit 12df979
Author: Willem Meints willem.meints@gmail.com
Date: Mon Feb 10 23:20:33 2020 +0100
```
Change ServerAppModule to AppServerModule (#1498)
```
commit 7ecdd13
Author: Renovate Bot bot@renovateapp.com
Date: Sat Feb 8 06:15:22 2020 +0000
```
build: update @ bazel/hide-bazel-files to version ~1.3.0
```
9.0.0 - 2020-02-06
commit 3aa454d
Author: Keen Yee Liau kyliau@google.com
Date: Thu Feb 6 11:17:03 2020 -0800
```
release: v9.0.0
```
commit e05ca5d
Author: Alan Agius alan.agius4@gmail.com
Date: Thu Feb 6 18:47:04 2020 +0100
```
build: update packages for release
```
commit 5cd4d11
Author: Keen Yee Liau kyliau@google.com
Date: Wed Feb 5 12:55:19 2020 -0800
```
release: v9.0.0-rc.2
```
commit a9a258c
Author: Renovate Bot bot@renovateapp.com
Date: Tue Feb 4 06:14:02 2020 +0000
```
build: update karma-jasmine-html-reporter to version 1.5.2
```
commit 5065237
Author: Renovate Bot bot@renovateapp.com
Date: Sat Feb 1 06:15:43 2020 +0000
```
build: update build_bazel_rules_nodejs to version 1.2.4
```
commit 0fec40b
Author: Renovate Bot bot@renovateapp.com
Date: Fri Jan 31 06:13:58 2020 +0000
```
build: update build_bazel_rules_nodejs to version 1.2.2
```
commit a3deb68
Author: Renovate Bot bot@renovateapp.com
Date: Fri Jan 31 06:31:21 2020 +0000
```
build: update rollup to version ~1.31.0
```
commit 099749d
Author: Renovate Bot bot@renovateapp.com
Date: Thu Jan 30 07:34:39 2020 +0000
```
build: update build_bazel_rules_nodejs to version 1.2.1
```
commit e71da18
Author: Renovate Bot bot@renovateapp.com
Date: Wed Jan 29 06:13:30 2020 +0000
```
build: update protractor to version 5.4.3
```
commit 8fc1703
Author: Renovate Bot bot@renovateapp.com
Date: Tue Jan 28 19:12:04 2020 +0000
```
build: update @ bazel/hide-bazel-files to version ~1.2.0
```
commit fbef541
Author: Alan Agius alan.agius4@gmail.com
Date: Tue Jan 28 19:48:17 2020 +0100
```
ci: reduce ci steps
```
commit f46432a
Author: Alan Agius alan.agius4@gmail.com
Date: Thu Jan 23 06:43:22 2020 +0100

test: disable flaky ci test
While this works locally, on ci this is causing 90% of our builds to be red,.

commit 5df2fb7
Author: Wagner Maciel wagnermaciel@google.com
Date: Tue Jan 28 10:02:34 2020 -0800

fix(builders): add "/" as the default route in angular.json
Closes #1452

commit 847f87a
Author: Alan Agius alan.agius4@gmail.com
Date: Mon Jan 27 21:01:45 2020 +0100

build: change bazel nodejs rules to ~
This will enable renovate to open seperate PR when there is a a new minor version.

commit 42a2d6d
Author: Renovate Bot bot@renovateapp.com
Date: Sat Jan 25 06:14:09 2020 +0000
```
build: update build_bazel_rules_nodejs to version 1.2.0
```
commit 2aeaed9
Author: Renovate Bot bot@renovateapp.com
Date: Mon Jan 27 08:02:31 2020 +0000
```
build: update rollup to version ~1.30.0
```
commit b5ece98
Author: Renovate Bot bot@renovateapp.com
Date: Mon Jan 27 07:57:08 2020 +0000
```
build: update concurrently to version 5.1.0
```
commit cf5509f
Author: Alan Agius alan.agius4@gmail.com
Date: Fri Jan 24 06:38:54 2020 +0100

fix(builders): default to a minimum of 1 CPU when sharding builds
Closes #1466

commit d2e1b12
Author: Alan Agius alan.agius4@gmail.com
Date: Thu Jan 23 09:13:51 2020 +0100
```
build: update nodejs rules to 1.0+
```
commit 1f055d5
Author: Alan Agius alan.agius4@gmail.com
Date: Wed Jan 22 12:46:28 2020 +0100

fix(builders): send X-Forwarded headers when using ssr-dev-server
Fixes: #1459

commit 01356cd
Author: Keen Yee Liau kyliau@google.com
Date: Wed Jan 22 11:49:38 2020 -0800
```
chore: replace vikram with keen in codeowners
```
commit 117b247
Author: Alan Agius alan.agius4@gmail.com
Date: Wed Jan 22 08:52:19 2020 +0100
```
fix: update `@ types/hapi__hapi` as they are incompatible with `@ hapi/inert`
```
commit dde4fed
Author: Alan Agius alan.agius4@gmail.com
Date: Wed Jan 22 08:09:56 2020 +0100

Snyk has created this PR to upgrade: - @angular-devkit/build-angular from 0.900.7 to 0.1102.19. See this package in npm: https://www.npmjs.com/package/@angular-devkit/build-angular - rxjs from 6.5.4 to 6.6.7. See this package in npm: https://www.npmjs.com/package/rxjs - @nguniversal/express-engine from 9.0.0-rc.2 to 9.1.1. See this package in npm: https://www.npmjs.com/package/@nguniversal/express-engine - material-icons from 0.3.1 to 0.7.7. See this package in npm: https://www.npmjs.com/package/material-icons - ngx-spinner from 8.0.3 to 8.1.0. See this package in npm: https://www.npmjs.com/package/ngx-spinner - typescript from 3.7.7 to 3.9.10. See this package in npm: https://www.npmjs.com/package/typescript - zone.js from 0.10.3 to 0.14.10. See this package in npm: https://www.npmjs.com/package/zone.js See this project in Snyk: https://app.snyk.io/org/dvuln/project/3256d3c3-77eb-482f-85c3-485dad220c0c?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade: , rxjs, , material-icons, ngx-spinner, typescript, zone.js #88

[Snyk] Upgrade: , rxjs, , material-icons, ngx-spinner, typescript, zone.js #88

dvulnx commented Sep 8, 2024

[Snyk] Upgrade: , rxjs, , material-icons, ngx-spinner, typescript, zone.js #88

Are you sure you want to change the base?

[Snyk] Upgrade: , rxjs, , material-icons, ngx-spinner, typescript, zone.js #88

Conversation

dvulnx commented Sep 8, 2024

Snyk has created this PR to upgrade multiple dependencies.

Issues fixed by the recommended upgrade: