[Snyk] Upgrade three from 0.125.1 to 0.160.0 #44

bcopy · 2024-02-10T14:08:00Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade three from 0.125.1 to 0.160.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 63 versions ahead of your current version.
The recommended version was released 2 months ago, on 2023-12-22.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Prototype Pollution SNYK-JS-LOADERUTILS-3043105	375/1000 Why? CVSS 7.5	No Known Exploit
Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	375/1000 Why? CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-LOADERUTILS-3043105	375/1000 Why? CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032	375/1000 Why? CVSS 7.5	Proof of Concept
Prototype Poisoning SNYK-JS-QS-3153490	375/1000 Why? CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	375/1000 Why? CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	375/1000 Why? CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	375/1000 Why? CVSS 7.5	Proof of Concept
Sandbox Bypass SNYK-JS-WEBPACK-3358798	375/1000 Why? CVSS 7.5	Proof of Concept
Command Injection SNYK-JS-LODASH-1040724	375/1000 Why? CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	375/1000 Why? CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	375/1000 Why? CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	375/1000 Why? CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	375/1000 Why? CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	375/1000 Why? CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	375/1000 Why? CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	375/1000 Why? CVSS 7.5	No Known Exploit
Information Exposure SNYK-JS-NANOID-2332193	375/1000 Why? CVSS 7.5	Proof of Concept
Improper Input Validation SNYK-JS-POSTCSS-5926692	375/1000 Why? CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	375/1000 Why? CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	375/1000 Why? CVSS 7.5	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	375/1000 Why? CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	375/1000 Why? CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	375/1000 Why? CVSS 7.5	No Known Exploit
Prototype Pollution SNYK-JS-MINIMIST-2429795	375/1000 Why? CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: three

0.160.0 - 2023-12-22
0.159.0 - 2023-11-30
0.158.0 - 2023-10-27
0.157.0 - 2023-09-28
0.156.1 - 2023-09-05
0.156.0 - 2023-08-31
0.155.0 - 2023-07-27
0.154.0 - 2023-06-29
0.153.0 - 2023-05-31
0.152.2 - 2023-04-28
0.152.1 - 2023-04-28
0.152.0 - 2023-04-27
0.151.3 - 2023-04-03
0.151.2 - 2023-03-31
0.151.1 - 2023-03-30
0.151.0 - 2023-03-30
0.150.1 - 2023-02-27
0.150.0 - 2023-02-23
0.149.0 - 2023-01-26
0.148.0 - 2022-12-22
0.147.0 - 2022-11-30
0.146.0 - 2022-10-27
0.145.0 - 2022-09-29
0.144.0 - 2022-08-31
0.143.0 - 2022-07-28
0.142.0 - 2022-06-29
0.141.0 - 2022-05-26
0.140.2 - 2022-05-10
0.140.1 - 2022-05-09
0.140.0 - 2022-04-30
0.139.2 - 2022-03-31
0.139.1 - 2022-03-31
0.139.0 - 2022-03-24
0.138.3 - 2022-03-03
0.138.2 - 2022-03-01
0.138.1 - 2022-02-28
0.138.0 - 2022-02-23
0.137.5 - 2022-01-28
0.137.4 - 2022-01-27
0.137.3 - 2022-01-27
0.137.2 - 2022-01-27
0.137.1 - 2022-01-27
0.137.0 - 2022-01-26
0.136.0 - 2021-12-24
0.135.0 - 2021-11-26
0.134.0 - 2021-10-28
0.133.1 - 2021-10-04
0.133.0 - 2021-09-30
0.132.2 - 2021-08-27
0.132.1 - 2021-08-27
0.132.0 - 2021-08-26
0.131.3 - 2021-08-04
0.131.2 - 2021-08-03
0.131.1 - 2021-07-30
0.131.0 - 2021-07-29
0.130.1 - 2021-07-05
0.130.0 - 2021-06-30
0.129.0 - 2021-05-27
0.128.0 - 2021-04-23
0.127.0 - 2021-03-31
0.126.1 - 2021-03-03
0.126.0 - 2021-02-24
0.125.2 - 2021-01-29
0.125.1 - 2021-01-27

from three GitHub release notes

Commit messages

Package name: three

d04539a r160
fc292ae Examples: Clean up.
de3d5ff Examples: Improved webgpu_compute_particles_snow.
caf8c1f Examples: Improved webgpu_backdrop_water.
b7ebd00 Examples: Improved webgpu_compute_particles.
3a5de8c Examples: Change default tonemapping in webgl_tonemapping.
edb0af3 Editor: Added AgXToneMapping support.
08b24a1 Timer: Added FixedTimer (#27423)
f163ee9 OrbitControls: use scroll event delta to modulate zoom speed (#27418)
bc0be46 OrbitControls: pointers list only used for identification (#27420)
e049f9c Add optional timestamp parameter (#27421)
a2235b2 Docs: Improve `Material` page. (#27416)
4acb780 WebGPURenderer: bug fixes for WebGLBackend (#27410)
cf7a464 Docs: Clean up. (#27409)
e78475f Docs: Improve Chinese translation. (#27408)
1139719 Examples: Improve performance - Compute Snow and Backdrop Water (#27404)
b806995 Add AgX tone mapping constant (#27403)
3e1c5f4 Nodes: use relative references inside examples/jsm (#27381)
fe312e1 WebGPURenderer: Screenshots (#27402)
6df11e6 Updated builds.
e041e08 WebGLRenderer: Add support for AgX Tone Mapping (#27366)
74ca7d8 WebGPURenderer: Compute Snow Example (#27400)
73fafde WebGPURenderer: Backdrop Water Example (#27397)
e5c2a56 WebGPURenderer: Fix the use of same Material with different Skeleton (#27398)