[Snyk] Upgrade: gatsby-cli, gatsby, gatsby-plugin-create-client-paths, gatsby-plugin-manifest, gatsby-plugin-postcss, gatsby-plugin-react-helmet, gatsby-remark-prismjs, gatsby-source-filesystem, gatsby-transformer-remark #139
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade multiple dependencies.
👯 The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
from 3.10.0 to 3.14.2
on 2021-10-15
from 3.10.0 to 3.14.6
on 2021-11-18
from 3.10.0 to 3.14.0
on 2021-09-17
from 3.10.0 to 3.14.0
on 2021-09-17
from 4.10.0 to 4.14.0
on 2021-09-17
from 4.10.0 to 4.14.0
on 2021-09-17
from 5.7.0 to 5.11.0
on 2021-09-17
from 3.10.0 to 3.14.0
on 2021-09-17
from 4.7.0 to 4.11.0
on 2021-09-17
The recommended version fixes:
npm:underscore.string:20170908
Why? CVSS 7.5
SNYK-JS-XSS-1584355
Why? CVSS 7.5
SNYK-JS-URLPARSE-2407770
Why? CVSS 7.5
SNYK-JS-SIMPLEGET-2361683
Why? CVSS 7.5
SNYK-JS-NODEFORGE-2430339
Why? CVSS 7.5
SNYK-JS-ENGINEIO-2336356
Why? CVSS 7.5
SNYK-JS-ASYNC-2441827
Why? CVSS 7.5
SNYK-JS-URLPARSE-2412697
Why? CVSS 7.5
SNYK-JS-URLPARSE-2407759
Why? CVSS 7.5
SNYK-JS-URLPARSE-2401205
Why? CVSS 7.5
SNYK-JS-URLPARSE-1533425
Why? CVSS 7.5
SNYK-JS-SOCKETIOPARSER-3091012
Why? CVSS 7.5
SNYK-JS-PARSEURL-2942134
Why? CVSS 7.5
SNYK-JS-PARSEURL-2936249
Why? CVSS 7.5
SNYK-JS-FILETYPE-2958042
Why? CVSS 7.5
SNYK-JS-PARSEURL-2935947
Why? CVSS 7.5
SNYK-JS-PARSEURL-2935944
Why? CVSS 7.5
SNYK-JS-NODEFORGE-2430341
Why? CVSS 7.5
SNYK-JS-NODEFORGE-2430337
Why? CVSS 7.5
SNYK-JS-NODEFORGE-2331908
Why? CVSS 7.5
SNYK-JS-NODEFORGE-2330875
Why? CVSS 7.5
SNYK-JS-GLOBPARENT-1016905
Why? CVSS 7.5
SNYK-JS-EVENTSOURCE-2823375
Why? CVSS 7.5
SNYK-JS-DEVCERT-2808183
Why? CVSS 7.5
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: gatsby-cli
Package name: gatsby
Package name: gatsby-plugin-create-client-paths
Package name: gatsby-plugin-manifest
Package name: gatsby-plugin-postcss
Package name: gatsby-plugin-react-helmet
Package name: gatsby-remark-prismjs
Package name: gatsby-source-filesystem
Package name: gatsby-transformer-remark
Commit messages
Package name: gatsby-cli
Compare
Package name: gatsby
Compare
Package name: gatsby-plugin-create-client-paths
Compare
Package name: gatsby-plugin-manifest
Compare
Package name: gatsby-plugin-postcss
Compare
Package name: gatsby-plugin-react-helmet
Compare
Package name: gatsby-remark-prismjs