Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade: , , , , css-loader, eslint-plugin-react-hooks, sass, webpack-dev-server #335

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade: , , , , css-loader, eslint-plugin-react-hooks, sass, webpack-dev-server #335

wants to merge 1 commit into from

Conversation

Loonz206
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

@babel/core
from 7.24.0 to 7.25.2 | 9 versions ahead of your current version | a month ago
on 2024-07-30
@babel/plugin-transform-runtime
from 7.24.0 to 7.25.4 | 5 versions ahead of your current version | 21 days ago
on 2024-08-22
@babel/preset-env
from 7.24.0 to 7.25.4 | 11 versions ahead of your current version | 21 days ago
on 2024-08-22
@babel/preset-react
from 7.23.3 to 7.24.7 | 3 versions ahead of your current version | 3 months ago
on 2024-06-05
css-loader
from 6.10.0 to 6.11.0 | 1 version ahead of your current version | 5 months ago
on 2024-04-03
eslint-plugin-react-hooks
from 4.6.0 to 4.6.2 | 2 versions ahead of your current version | 5 months ago
on 2024-04-26
sass
from 1.72.0 to 1.77.8 | 12 versions ahead of your current version | 2 months ago
on 2024-07-11
webpack-dev-server
from 5.0.3 to 5.0.4 | 1 version ahead of your current version | 6 months ago
on 2024-03-19

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728		 375 No Known Exploit
medium severity Open Redirect
SNYK-JS-EXPRESS-6474509		 375 No Known Exploit
Release notes
Package name: @babel/core
  • 7.25.2 - 2024-07-30

    v7.25.2 (2024-07-30)

    🐛 Bug Fix

    • babel-core, babel-traverse

    Committers: 2

  • 7.24.9 - 2024-07-15

    v7.24.9 (2024-07-15)

    🐛 Bug Fix

    💅 Polish

    • babel-generator, babel-plugin-transform-optional-chaining

    🏠 Internal

    • babel-helper-module-transforms

    Committers: 5

  • 7.24.8 - 2024-07-11
  • 7.24.7 - 2024-06-05
  • 7.24.6 - 2024-05-24
  • 7.24.5 - 2024-04-29
  • 7.24.4 - 2024-04-03
  • 7.24.3 - 2024-03-20
  • 7.24.1 - 2024-03-19
  • 7.24.0 - 2024-02-28
from @babel/core GitHub release notes
Package name: @babel/plugin-transform-runtime
  • 7.25.4 - 2024-08-22

    v7.25.4 (2024-08-22)

    🐛 Bug Fix

    💅 Polish

    • babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-runtime-corejs2, babel-runtime, babel-traverse
    • babel-generator, babel-plugin-transform-class-properties
    • babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-transform-object-rest-spread

    🔬 Output optimization

    Committers: 4

  • 7.24.7 - 2024-06-05
  • 7.24.6 - 2024-05-24
  • 7.24.3 - 2024-03-20
  • 7.24.1 - 2024-03-19
  • 7.24.0 - 2024-02-28
from @babel/plugin-transform-runtime GitHub release notes
Package name: @babel/preset-env
  • 7.25.4 - 2024-08-22

    v7.25.4 (2024-08-22)

    🐛 Bug Fix

    💅 Polish

    • babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-runtime-corejs2, babel-runtime, babel-traverse
    • babel-generator, babel-plugin-transform-class-properties
    • babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-transform-object-rest-spread

    🔬 Output optimization

    Committers: 4

  • 7.25.3 - 2024-07-31

    v7.25.3 (2024-07-31)

    🐛 Bug Fix

    • babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-traverse

    🏠 Internal

    Committers: 2

  • 7.25.2 - 2024-07-30

    v7.25.2 (2024-07-30)

    🐛 Bug Fix

    • babel-core, babel-traverse

    Committers: 2

  • 7.25.0 - 2024-07-26

    v7.25.0 (2024-07-26)

    Thanks @ davidtaylorhq and @ slatereax for your first PR!

    You can find the release blog post with some highlights at https://babeljs.io/blog/2024/07/26/7.25.0.

    👓 Spec Compliance

    • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3
    • babel-plugin-transform-typescript
      • #16602 Ensure enum members syntactically determinable to be strings do not get reverse mappings (@ liuxingbaoyu)

    🚀 New Feature

    • babel-helper-create-class-features-plugin, babel-helper-function-name, babel-helper-plugin-utils, babel-helper-wrap-function, babel-plugin-bugfix-safari-class-field-initializer-scope, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-preset-env, babel-traverse, babel-types
    • babel-helper-hoist-variables, babel-helper-plugin-utils, babel-plugin-proposal-async-do-expressions, babel-plugin-transform-modules-systemjs, babel-traverse
    • babel-helper-create-class-features-plugin, babel-helper-module-transforms, babel-helper-plugin-utils, babel-helper-split-export-declaration, babel-plugin-transform-classes, babel-traverse, babel-types
    • babel-helper-create-class-features-plugin, babel-helper-environment-visitor, babel-helper-module-transforms, babel-helper-plugin-utils, babel-helper-remap-async-to-generator, babel-helper-replace-supers, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-transform-async-generator-functions, babel-plugin-transform-classes, babel-traverse
    • babel-core, babel-parser
    • babel-compat-data, babel-plugin-bugfix-safari-class-field-initializer-scope, babel-preset-env
    • babel-plugin-transform-block-scoping, babel-traverse, babel-types
    • babel-helper-import-to-platform-api, babel-plugin-proposal-json-modules
    • babel-helper-transform-fixture-test-runner, babel-node
    • babel-compat-data, babel-helper-create-regexp-features-plugin, babel-plugin-proposal-duplicate-named-capturing-groups-regex, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-preset-env, babel-standalone
      • #16445 Add duplicate-named-capturing-groups-regex to preset-env (@ JLHwung)

    🐛 Bug Fix

    🏠 Internal

    • Other
    • babel-generator
    • babel-helper-function-name, babel-plugin-transform-arrow-functions, babel-plugin-transform-function-name, babel-preset-env, babel-traverse

    🏃‍♀️ Performance

    • babel-parser, babel-plugin-proposal-pipeline-operator

    🔬 Output optimization

    • babel-plugin-transform-classes
    • babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-object-super, babel-plugin-transform-private-methods, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
    • babel-plugin-transform-class-properties, babel-plugin-transform-classes

    Committers: 6

  • 7.24.8 - 2024-07-11
  • 7.24.7 - 2024-06-05
  • 7.24.6 - 2024-05-24
  • 7.24.5 - 2024-04-29
  • 7.24.4 - 2024-04-03
  • 7.24.3 - 2024-03-20
  • 7.24.1 - 2024-03-19
  • 7.24.0 - 2024-02-28
from @babel/preset-env GitHub release notes
Package name: @babel/preset-react
  • 7.24.7 - 2024-06-05

    v7.24.7 (2024-06-05)

    🐛 Bug Fix

    • babel-node
    • babel-traverse
    • babel-helper-transform-fixture-test-runner, babel-plugin-proposal-explicit-resource-management

    🏠 Internal

    • babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

    Committers: 7

  • 7.24.6 - 2024-05-24

    v7.24.6 (2024-05-24)

    Thanks @ amjed-98, @ blakewilson, @ coelhucas, and @ SukkaW for your first PRs!

    🐛 Bug Fix

    • babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
    • babel-core, babel-generator, babel-plugin-transform-modules-commonjs
    • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
    • babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
      • #16483 Fix: throw TypeError if addInitializer is called after finished (@ JLHwung)
    • babel-parser, babel-plugin-transform-typescript

    🏠 Internal

    • babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
    • babel-helpers
    • babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
    • babel-parser, babel-traverse
    • Other

    Committers: 9

  • 7.24.1 - 2024-03-19

    v7.24.1 (2024-03-19)

    🐛 Bug Fix

    • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
    • babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
    • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties
    • babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

    📝 Documentation

    🏠 Internal

    • babel-code-frame, babel-highlight
    • babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow
    • babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx
    • Other

    🔬 Output optimization

    • babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime
    • babel-plugin-transform-class-properties, babel-plugin-transform-classes
    • babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse
    • babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

    Committers: 4

  • 7.23.3 - 2023-11-09
from @babel/preset-react GitHub release notes
Package name: css-loader from css-loader GitHub release notes
Package name: eslint-plugin-react-hooks
  • 4.6.2 - 2024-04-26
  • 4.6.1 - 2024-04-25
  • 4.6.0 - 2022-06-14
from eslint-plugin-react-hooks GitHub release notes
Package name: sass
  • 1.77.8 - 2024-07-11

    To install Sass 1.77.8, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

    Changes

    • No user-visible changes.

    See the full changelog for changes in earlier releases.

  • 1.77.7 - 2024-07-09

    See sass/sass#3885

  • 1.77.6 - 2024-06-17

    …264)

  • 1.77.5 - 2024-06-11

    To install Sass 1.77.5, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

    Changes

    • Fully trim redundant selectors generated by @ extend.

    See the full changelog for changes in earlier releases.

  • 1.77.4 - 2024-05-30

    To install Sass 1.77.4, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

    Changes

    Embedded Sass

    • Support passing Version input for fatalDeprecations as string over embedded protocol.

    • Fix a bug in the JS Embedded Host where Version could be incorrectly accepted as input for silenceDeprecations and futureDeprecations in pure JS.

    See the full changelog for changes in earlier releases.

  • 1.77.3 - 2024-05-29
  • 1.77.2 - 2024-05-16
  • 1.77.1 - 2024-05-10
  • 1.77.0 - 2024-05-07
  • 1.76.0 - 2024-04-30
  • 1.75.0 - 2024-04-11
  • 1.74.1 - 2024-04-04
  • 1.72.0 - 2024-03-13
from sass GitHub release notes
Package name: webpack-dev-server from webpack-dev-server GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade multiple dependencies with Snyk
daed057 
Snyk has created this PR to upgrade:
  - @babel/core from 7.24.0 to 7.25.2.
    See this package in npm: https://www.npmjs.com/package/@babel/core
  - @babel/plugin-transform-runtime from 7.24.0 to 7.25.4.
    See this package in npm: https://www.npmjs.com/package/@babel/plugin-transform-runtime
  - @babel/preset-env from 7.24.0 to 7.25.4.
    See this package in npm: https://www.npmjs.com/package/@babel/preset-env
  - @babel/preset-react from 7.23.3 to 7.24.7.
    See this package in npm: https://www.npmjs.com/package/@babel/preset-react
  - css-loader from 6.10.0 to 6.11.0.
    See this package in npm: https://www.npmjs.com/package/css-loader
  - eslint-plugin-react-hooks from 4.6.0 to 4.6.2.
    See this package in npm: https://www.npmjs.com/package/eslint-plugin-react-hooks
  - sass from 1.72.0 to 1.77.8.
    See this package in npm: https://www.npmjs.com/package/sass
  - webpack-dev-server from 5.0.3 to 5.0.4.
    See this package in npm: https://www.npmjs.com/package/webpack-dev-server

See this project in Snyk:
https://app.snyk.io/org/loonz206/project/e82dae86-fb5a-4723-802c-cca6ee0bb838?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Loonz206 @snyk-bot