Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade @docusaurus/core from 2.4.3 to 3.3.2 #5

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

YoutacRandS-VA
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade @docusaurus/core from 2.4.3 to 3.3.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

  • The recommended version is 13 versions ahead of your current version.

  • The recommended version was released on 2 months ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Path Traversal
SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555
477 Proof of Concept
high severity Denial of Service (DoS)
SNYK-JS-WS-7266574
477 Proof of Concept
high severity Denial of Service (DoS)
SNYK-JS-WS-7266574
477 Proof of Concept
high severity Uncontrolled resource consumption
SNYK-JS-BRACES-6838727
477 Proof of Concept
high severity Improper Input Validation
SNYK-JS-FOLLOWREDIRECTS-6141137
477 Proof of Concept
high severity Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728
477 No Known Exploit
medium severity Open Redirect
SNYK-JS-EXPRESS-6474509
477 No Known Exploit
medium severity Information Exposure
SNYK-JS-FOLLOWREDIRECTS-6444610
477 Proof of Concept
medium severity Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-6147607
477 Proof of Concept
Release notes
Package name: @docusaurus/core
  • 3.3.2 - 2024-05-03

    v3.3.2

  • 3.3.1 - 2024-05-03

    v3.3.1

  • 3.3.0 - 2024-05-03

    3.3.0 (2024-05-03)

    🚀 New Feature

    • docusaurus-plugin-sitemap
    • docusaurus-mdx-loader, docusaurus-types, docusaurus
      • #10064 feat(core): add new site config option siteConfig.markdown.anchors.maintainCase (@ iAdramelk)
    • docusaurus
      • #9767 feat(cli): docusaurus deploy should support a --target-dir option (@ SandPod)
    • docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-debug, docusaurus-types, docusaurus
    • docusaurus-plugin-content-pages, docusaurus-theme-classic, docusaurus-theme-common
      • #10032 feat(pages): add LastUpdateAuthor & LastUpdateTime & editUrl (@ OzakIOne)

    🐛 Bug Fix

    • docusaurus-cssnano-preset, docusaurus-utils, docusaurus
    • docusaurus-theme-classic
      • #10091 fix(theme): <Tabs> props should allow overriding defaults (@ gagdiez)
      • #10080 fix(theme): <Admonition> should render properly without heading/icon (@ andrmaz)
    • docusaurus
      • #10090 fix(core): docusaurus serve redirects should include the site /baseUrl/ prefix (@ slorber)
    • docusaurus-module-type-aliases, docusaurus-preset-classic, docusaurus-theme-classic, docusaurus-theme-live-codeblock, docusaurus
    • docusaurus-theme-translations
      • #10070 fix(theme-translations): add missing theme translations for pt-BR (@ h3nr1ke)
      • #10051 fix(theme-translations): correct label for tip admonition in italian (@ tomsotte)
    • docusaurus-theme-search-algolia
      • #10048 fix(algolia): add insights property on Algolia Theme Config object TS definition (@ Virgil993)
    • docusaurus-plugin-content-docs, docusaurus
      • #10054 fix(core): sortRoutes shouldn't have a default baseUrl value, this led to a bug (@ slorber)
    • docusaurus-plugin-content-docs
    • docusaurus-utils
      • #10022 fix(utils): getFileCommitDate should support log.showSignature=true (@ slorber)

    🏃‍♀️ Performance

    • docusaurus
      • #10060 refactor(core): optimize App entrypoint, it should not re-render when navigating (@ slorber)

    💅 Polish

    • docusaurus-theme-classic
      • #10061 refactor(theme): simplify CSS solution to solve empty search container (@ slorber)
    • docusaurus-theme-common

    📝 Documentation

    🤖 Dependencies

    🔧 Maintenance

    • create-docusaurus, docusaurus-cssnano-preset, docusaurus-logger, docusaurus-mdx-loader, docusaurus-plugin-client-redirects, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-debug, docusaurus-plugin-google-analytics, docusaurus-plugin-google-gtag, docusaurus-plugin-google-tag-manager, docusaurus-plugin-ideal-image, docusaurus-plugin-pwa, docusaurus-plugin-sitemap, docusaurus-plugin-vercel-analytics, docusaurus-preset-classic, docusaurus-remark-plugin-npm2yarn, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-theme-live-codeblock, docusaurus-theme-mermaid, docusaurus-theme-search-algolia, docusaurus-theme-translations, docusaurus-utils-common, docusaurus-utils-validation, docusaurus-utils, docusaurus, eslint-plugin, lqip-loader, stylelint-copyright
      • #10065 refactor: extract base TS client config + upgrade TS + refactor TS setup (@ slorber)
    • Other
      • #10063 test(e2e): TypeCheck website/starter in min/max range of TS versions (@ slorber)
      • #10049 fix(website): fix website manifest.json name "Docusaurus v2" to just "Docusaurus" (@ volcanofr)

    Committers: 20

  • 3.2.1 - 2024-04-04

    3.2.1 (2024-04-04)

    🐛 Bug Fix

    • docusaurus

    📝 Documentation

    🤖 Dependencies

    Committers: 2

  • 3.2.0 - 2024-03-29

    3.2.0 (2024-03-29)

    🚀 New Feature

    • docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-sitemap, docusaurus-types, docusaurus-utils, docusaurus
    • docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-utils-validation, docusaurus-utils
    • docusaurus-plugin-debug, docusaurus-types, docusaurus
      • #9931 feat(core): add new plugin allContentLoaded lifecycle (@ slorber)
    • docusaurus-theme-translations
    • docusaurus-plugin-content-blog
      • #9886 feat(blog): allow processing blog posts through a processBlogPosts function (@ OzakIOne)
      • #9838 feat(blog): add blog pageBasePath plugin option (@ ilg-ul)
    • docusaurus
      • #9681 feat(swizzle): ask user preferred language if no language CLI option provided (@ yixiaojiu)
    • create-docusaurus, docusaurus-utils
      • #9442 feat(create-docusaurus): ask user for preferred language when no language CLI option provided (@ Rafael-Martins)
    • docusaurus-plugin-vercel-analytics
      • #9687 feat(plugin-vercel-analytics): add new vercel analytics plugin (@ OzakIOne)
    • docusaurus-mdx-loader
      • #9684 feat(mdx-loader): the table-of-contents should display toc/headings of imported MDX partials (@ anatolykopyl)

    🐛 Bug Fix

    • docusaurus-mdx-loader
      • #9999 fix(mdx-loader): Ignore contentTitle coming after Markdown thematicBreak (@ slorber)
    • docusaurus-theme-search-algolia
      • #9945 fix(a11y): move focus algolia-search focus back to search input on Escape (@ mxschmitt)
    • docusaurus-plugin-content-blog
    • docusaurus-theme-classic
      • #9944 fix(theme): improve a11y of DocSidebarItemCategory expand/collapsed button (@ mxschmitt)
    • docusaurus-theme-translations
    • docusaurus-utils
      • #9897 fix(mdx-loader): mdx-code-block should support CRLF (@ slorber)
    • docusaurus
      • #9878 fix(core): fix default i18n calendar used, infer it from locale if possible (@ slorber)
      • #9852 fix(core): ensure core error boundary is able to render theme layout (@ slorber)
    • docusaurus-remark-plugin-npm2yarn
      • #9861 fix(remark-npm2yarn): update npm-to-yarn from 2.0.0 to 2.2.1, fix pnpm extra args syntax (@ OzakIOne)
    • docusaurus-theme-classic, docusaurus-theme-translations
      • #9851 fix(theme-classic): should use plurals for category items description (@ baradusov)

    🏃‍♀️ Performance

    • docusaurus-types, docusaurus-utils, docusaurus
      • #9975 refactor(core): improve dev perf, fine-grained site reloads - part 3 (@ slorber)
    • docusaurus-types, docusaurus
      • #9968 refactor(core): improve dev perf, fine-grained site reloads - part2 (@ slorber)
    • docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-types, docusaurus
      • #9903 refactor(core): improve dev perf, fine-grained site reloads - part1 (@ slorber)
    • docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-utils
    • docusaurus
      • #9798 refactor(core): internalize, simplify and optimize the SSG logic (@ slorber)

    💅 Polish

    • docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-theme-classic, docusaurus-theme-common
      • #9868 refactor(theme): dates should be formatted on the client-side instead of in nodejs code (@ OzakIOne)
    • docusaurus-plugin-content-blog, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-types
      • #9669 refactor(theme): use JSON-LD instead of microdata for blog structured data (@ johnnyreilly)
    • docusaurus-plugin-content-docs
      • #9839 refactor(blog): improve doc global data hook error message + add doc warning to blogOnly mode (@ OzakIOne)

    📝 Documentation

    🤖 Dependencies

    🔧 Maintenance

    • docusaurus-plugin-client-redirects, docusaurus-plugin-content-docs, docusaurus-utils-common, docusaurus-utils-validation, docusaurus-utils, docusaurus
    • Other
    • docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-utils
      • #9963 refactor(docs,blog): last update timestamp should be in milliseconds instead of seconds (@ slorber)

    Committers: 22

  • 3.1.1 - 2024-01-26

    3.1.1 (2024-01-26)

    🐛 Bug Fix

    • docusaurus-types, docusaurus
      • #9791 fix(core): broken links optimization behaves differently than non-optimized logic (@ slorber)
    • docusaurus
      • #9788 fix(core): links with target "_blank" should no be checked by the broken link checker (@ slorber)
      • #9407 fix(core): conditionally include hostname parameter when using… (@ jack-robson)
    • docusaurus-utils
      • #9776 fix(mdx-loader): allow spaces before mdx-code-block info string (@ eitsupi)
    • create-docusaurus
    • docusaurus-theme-common
      • #9727 fix(theme-common): fix missing code block MagicComments style in Visual Basic (.NET) 16 (@ tats-u)
    • docusaurus-theme-classic, docusaurus-theme-mermaid
    • docusaurus-module-type-aliases, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-utils, docusaurus

    🏃‍♀️ Performance

    • docusaurus

    💅 Polish

    • docusaurus-theme-classic

    Committers: 6

  • 3.1.0 - 2024-01-05

    3.1.0 (2024-01-05)

    🚀 New Feature

    • docusaurus-mdx-loader, docusaurus-module-type-aliases, docusaurus-theme-classic, docusaurus-types, docusaurus-utils, docusaurus
      • #9528 feat(core): make broken link checker detect broken anchors - add onBrokenAnchors config (@ OzakIOne)
    • docusaurus-mdx-loader, docusaurus-types, docusaurus
      • #9674 feat(mdx-loader): add support for siteConfig.markdown.remarkRehypeOptions (@ slorber)
    • docusaurus-theme-common
      • #9671 feat(theme-common): code block MagicComments support for (Visual) Basic/Batch/Fortran/COBOL/ML (@ tats-u)
    • docusaurus-mdx-loader, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-types, docusaurus-utils, docusaurus
    • docusaurus-utils
      • #9610 feat(core): enable port configuration via environment variable (@ OzakIOne)

    🐛 Bug Fix

    • docusaurus-theme-classic, docusaurus-theme-live-codeblock
      • #9704 fix(theme): allow empty code blocks and live playgrounds (@ slorber)
    • create-docusaurus
      • #9696 fix(create-docusaurus): fix init template code blocks, and little improvements (@ slorber)
    • docusaurus-plugin-pwa
    • docusaurus
      • #9648 fix(cli): output help when no conventional config + no subcommand (@ Josh-Cena)
    • docusaurus-theme-live-codeblock
      • #9631 fix(live-codeblock): stabilize react-live transformCode callback, fix editor/preview desync (@ slorber)
    • docusaurus-utils
      • #9617 fix(utils): Markdown link replacement with <> but no spaces (@ Josh-Cena)
    • docusaurus-module-type-aliases
      • #9612 fix(type-aliases): add title prop for imported inline SVG React components (@ axmmisaka)
    • docusaurus-plugin-content-blog
    • docusaurus-theme-translations
      • #9477 fix(i18n): complete translations for theme-common.json Brazilian Portuguese (pt-BR) (@ c0h1b4)

    💅 Polish

    • docusaurus-theme-common
      • #9335 refactor(theme-common): allow optional desktopBreakpoint param in useWindowSize (@ jgarrow)

    🔧 Maintenance

    • docusaurus-theme-search-algolia

    Committers: 8

  • 3.0.1 - 2023-11-30

    3.0.1 (2023-11-30)

    🐛 Bug Fix

    • docusaurus-utils
      • #9570 fix: add v2 retrocompatible support for quoted admonitions (@ slorber)
      • #9535 fix: v3 admonitions should support v2 title syntax for nested admonitions (@ slorber)
    • create-docusaurus, docusaurus-theme-classic, docusaurus-theme-common
      • #9567 fix(theme): upgrade prism-react-renderer, fix html script and style tag highlighting (@ slorber)
    • docusaurus-theme-common
      • #9531 fix(theme): docs html sidebar items should always be visible (@ slorber)
    • docusaurus-theme-classic
    • create-docusaurus
      • #9487 fix(create-docusaurus): fix readme docusaurus 2 ref (@ slorber)

    🤖 Dependencies

    • docusaurus-plugin-debug
      • #9566 chore(debug-plugin): migrate to a new maintained JSON Viewer (@ mcrstudio)
    • create-docusaurus, docusaurus-theme-classic, docusaurus-theme-common
      • #9572 chore: upgrade prism-react-renderer to 2.3.0 to avoid older clsx (@ harryzcy)
      • #9567 fix(theme): upgrade prism-react-renderer, fix html script and style tag highlighting (@ slorber)
    • create-docusaurus, docusaurus-plugin-pwa, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-theme-live-codeblock, docusaurus-theme-search-algolia
    • docusaurus
    • docusaurus-plugin-pwa, docusaurus

    Committers: 6

  • 3.0.0 - 2023-10-31

    3.0.0 (2023-10-31)

    💥 Breaking Change

    • create-docusaurus, docusaurus-mdx-loader, docusaurus-plugin-content-blog, docusaurus-remark-plugin-npm2yarn, docusaurus-theme-classic
    • create-docusaurus, docusaurus-plugin-content-docs, docusaurus-plugin-ideal-image, docusaurus-types, docusaurus-utils, docusaurus
    • create-docusaurus, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-theme-live-codeblock, docusaurus
      • #9316 chore: upgrade syntax highlighting dependencies, prism-react-renderer to v2, react-live to v4 (@ harryzcy)
    • create-docusaurus, docusaurus-cssnano-preset, docusaurus-logger, docusaurus-mdx-loader, docusaurus-migrate, docusaurus-plugin-client-redirects, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-debug, docusaurus-plugin-google-analytics, docusaurus-plugin-google-gtag, docusaurus-plugin-google-tag-manager, docusaurus-plugin-ideal-image, docusaurus-plugin-pwa, docusaurus-plugin-sitemap, docusaurus-preset-classic, docusaurus-remark-plugin-npm2yarn, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-theme-live-codeblock, docusaurus-theme-mermaid, docusaurus-theme-search-algolia, docusaurus-theme-translations, docusaurus-utils-common, docusaurus-utils-validation, docusaurus-utils, docusaurus, eslint-plugin, lqip-loader
    • docusaurus-plugin-content-docs, docusaurus-theme-classic
      • #9310 chore(plugin-docs): remove legacy versioned prefix on doc ids and sidebar names in versioned sidebars (@ slorber)
    • docusaurus-theme-classic, docusaurus-theme-translations
      • #9308 fix(theme): make warning a first-class admonition, and deprecate caution admonition (@ slorber)
    • docusaurus-theme-common, docusaurus-theme-live-codeblock, docusaurus-theme-mermaid
      • #9305 feat(theme-mermaid): upgrade Mermaid to v10.4 - handle async rendering (@ slorber)
    • create-docusaurus, docusaurus-plugin-content-docs, docusaurus-plugin-debug, docusaurus-plugin-google-analytics, docusaurus-plugin-google-gtag, docusaurus-plugin-google-tag-manager, docusaurus-plugin-ideal-image, docusaurus-plugin-pwa, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-theme-live-codeblock, docusaurus-theme-mermaid, docusaurus-theme-search-algolia, docusaurus-tsconfig, docusaurus
      • #9258 feat: Docusaurus v3 upgrades and require TypeScript 5 (@ slorber)
    • docusaurus-plugin-content-blog

Snyk has created this PR to upgrade @docusaurus/core from 2.4.3 to 3.3.2.

See this package in npm:
@docusaurus/core

See this project in Snyk:
https://app.snyk.io/org/youtacrands-va/project/9b8bfd74-2535-4b49-8054-9c565fddfc6e?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants