[Snyk] Upgrade: gatsby, gatsby-plugin-manifest, gatsby-plugin-offline, gatsby-plugin-sharp, gatsby-source-filesystem, gatsby-transformer-remark, gatsby-transformer-sharp

[blakegreendev]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on
gatsby from 2.32.3 to 2.32.13	12 versions ahead of your current version	3 years ago on 2021-05-04
gatsby-plugin-manifest from 2.12.0 to 2.12.1	1 version ahead of your current version	3 years ago on 2021-02-24
gatsby-plugin-offline from 3.10.0 to 3.10.2	2 versions ahead of your current version	3 years ago on 2021-02-24
gatsby-plugin-sharp from 2.14.1 to 2.14.4	3 versions ahead of your current version	3 years ago on 2021-05-04
gatsby-source-filesystem from 2.11.0 to 2.11.1	1 version ahead of your current version	3 years ago on 2021-02-24
gatsby-transformer-remark from 2.16.0 to 2.16.1	1 version ahead of your current version	3 years ago on 2021-02-24
gatsby-transformer-sharp from 2.12.0 to 2.12.1	1 version ahead of your current version	3 years ago on 2021-03-08

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Denial of Service (DoS) SNYK-JS-ENGINEIO-1056749	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Arbitrary Code Injection SNYK-JS-XMLHTTPREQUESTSSL-1082936	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Access Restriction Bypass SNYK-JS-XMLHTTPREQUESTSSL-1255647	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-2407770	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-PARSEURL-2942134	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Insecure Defaults SNYK-JS-SOCKETIO-1024859	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Improper Input Validation SNYK-JS-SOCKETIOPARSER-3091012	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Improper Input Validation SNYK-JS-SOCKETIOPARSER-3091012	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JS-PARSEURL-2935944	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-PARSEURL-2935947	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-PARSEURL-2936249	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-1078283	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Open Redirect SNYK-JS-URLPARSE-1533425	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Authorization Bypass SNYK-JS-URLPARSE-2407759	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: gatsby

• 2.32.13 - 2021-05-04
• 2.32.12 - 2021-04-07
• 2.32.11 - 2021-03-09
• 2.32.10 - 2021-03-08
• 2.32.9 - 2021-03-01
• 2.32.8 - 2021-02-25
• 2.32.7 - 2021-02-25
• 2.32.6 - 2021-02-24
• 2.32.5 - 2021-02-24
• 2.32.5-pin-babel-7-12.3 - 2021-02-23
• 2.32.4 - 2021-02-18
• 2.32.4-runtime-tick.2 - 2021-02-21
• 2.32.3 - 2021-02-05

from gatsby GitHub release notes

Package name: gatsby-plugin-manifest

• 2.12.1 - 2021-02-24
• 2.12.0 - 2021-02-02

from gatsby-plugin-manifest GitHub release notes

Package name: gatsby-plugin-offline

• 3.10.2 - 2021-02-24
• 3.10.1 - 2021-02-18
• 3.10.0 - 2021-02-02

from gatsby-plugin-offline GitHub release notes

Package name: gatsby-plugin-sharp

• 2.14.4 - 2021-05-04
• 2.14.3 - 2021-02-25
• 2.14.2 - 2021-02-24
• 2.14.1 - 2021-02-05

from gatsby-plugin-sharp GitHub release notes

Package name: gatsby-source-filesystem

• 2.11.1 - 2021-02-24
• 2.11.0 - 2021-02-02

from gatsby-source-filesystem GitHub release notes

Package name: gatsby-transformer-remark

• 2.16.1 - 2021-02-24
• 2.16.0 - 2021-02-02

from gatsby-transformer-remark GitHub release notes

Package name: gatsby-transformer-sharp

• 2.12.1 - 2021-03-08
• 2.12.0 - 2021-02-02

from gatsby-transformer-sharp GitHub release notes

Commit messages

Package name: gatsby

• 5a654fa chore(release): Publish
• c8b9b7c fix(gatsby-telemetry): Read installedGatsbyVersion correctly for workspaces (#31196) (#31208)
• 08cc344 chore(release): Publish
• 9095266 fix(gatsby-plugin-netlify-cms): align mini-css-extract-plugin version (#31093)
• 83c26f8 chore(release): Publish
• 8d7c3a1 fix(gatsby-source-wordpress): schema customization errors (#30358) (#30650)
• 4ffcf78 fix(gatsby-source-contentful): Contentful page limit backoff (#30549) (#30618)
• fc61c88 feat(gatsby-source-contentful): Increase Contentful sync by up to 10x (#30422) (#30643)
• b3315a0 fix(gatsby-source-contentful): Improve network error handling (#30257) (#30617)
• 0eac672 fix(gatsby): fix incorrect intersection of filtered results (#30594) (#30619)
• fa95904 fix(gatsby-legacy-polyfills): add dom collections to polyfills (#30483) (#30616)
• 322e550 chore(release): Publish
• ebbb41b fix(gatsby-plugin-netlify): Add an allow list for redirect options (#30155) (#30215)
• c536730 chore(release): Publish
• ff7d46e fix(gatsby): set program.verbose when VERBOSE env var is used (#30123) (#30138)
• 123e47c fix(gatsby): don't ignore SOURCE_FILE_CHANGED event (#30127) (#30129)
• 37079ab chore(release): Publish
• 4abcb15 chore: adjust npm release dist tag for v2 (#30090)
• b576211 will git stop being weird (#29897) (#30005)
• c7a6e9f fix(gatsby-source-wordpress): image fixes (#29813) (#29881)
• 890d5e5 fix(gatsby): Fix various small DEV_SSR bugs exposed in development_runtime tests (#29748)
• 6c6837b chore(release): Publish
• 8986b12 fix(gatsby-source-wordpress): auto-rename types named "Filter" (#29718) (#29884)
• c2ea9b9 fix(gatsby-source-wordpress): HTML image regex's (#29778) (#29883)

Compare

Package name: gatsby-plugin-manifest

• 6fa14e4 chore(release): Publish
• 01d07b3 fix(gatsby): more reliable way to use prod versions of react/react-dom (#29683)
• 2022f2b chore(gatsby-core-utils): Move isTruthy to gatsby-core-utils (#29707) (#29710)
• ac65482 chore: remove --cache from eslint (#29706) (#29709)
• 22dadae fix(gatsby): Fix snapshot for integration-tests/ssr tests (#29697)
• 9183a6b fix(gatsby-plugin-image): Apply inline styles and img size (#29603) (#29668)
• 2625159 fix(contentful): retry on network errors when checking credentials (#29664) (#29672)
• 255b565 chore: fix reset hard in assert-changed-files (#29328) (#29677)
• be9d9f9 fix(gatsby-plugin-sharp): Fix defaults handling (#29564) (#29589)
• d1f303a tests: Fix cli integration test (#29525) (#29594)
• 2035475 chore(release): Publish
• febd5e4 fix(gatsby-source-contentful): Correct supported image formats (#29562)
• 6374419 fix: drop terminal-link (#29472) (#29477)
• 72c4a5a fix(gatsby-plugin-offline): Cache avif images (#29394) (#29429)
• 1d95cfe chore(release): Publish
• 794b387 fix(babel-preset-gatsby): remove spread operator from node builds (#29346) (#29357)
• 1bbde7f chore(release): Publish
• 4ef8ce1 fix(gatsby-plugin-image): Fix blur up on navigate issue (#29333) (#29354)
• 4432c39 chore(release): Publish
• 0a31b64 Feat: launch gatsby-source-wordpress v4 (#29150) (#29330)
• 2191733 chore(release): Publish
• 488e5d3 fix(gatsby): use separate eslint-loader for rules that are always required (#29317) (#29327)

Compare

Package name: gatsby-plugin-offline

• 6fa14e4 chore(release): Publish
• 01d07b3 fix(gatsby): more reliable way to use prod versions of react/react-dom (#29683)
• 2022f2b chore(gatsby-core-utils): Move isTruthy to gatsby-core-utils (#29707) (#29710)
• ac65482 chore: remove --cache from eslint (#29706) (#29709)
• 22dadae fix(gatsby): Fix snapshot for integration-tests/ssr tests (#29697)
• 9183a6b fix(gatsby-plugin-image): Apply inline styles and img size (#29603) (#29668)
• 2625159 fix(contentful): retry on network errors when checking credentials (#29664) (#29672)
• 255b565 chore: fix reset hard in assert-changed-files (#29328) (#29677)
• be9d9f9 fix(gatsby-plugin-sharp): Fix defaults handling (#29564) (#29589)
• d1f303a tests: Fix cli integration test (#29525) (#29594)
• 2035475 chore(release): Publish
• febd5e4 fix(gatsby-source-contentful): Correct supported image formats (#29562)
• 6374419 fix: drop terminal-link (#29472) (#29477)
• 72c4a5a fix(gatsby-plugin-offline): Cache avif images (#29394) (#29429)
• 1d95cfe chore(release): Publish
• 794b387 fix(babel-preset-gatsby): remove spread operator from node builds (#29346) (#29357)
• 1bbde7f chore(release): Publish
• 4ef8ce1 fix(gatsby-plugin-image): Fix blur up on navigate issue (#29333) (#29354)
• 4432c39 chore(release): Publish
• 0a31b64 Feat: launch gatsby-source-wordpress v4 (#29150) (#29330)
• 2191733 chore(release): Publish
• 488e5d3 fix(gatsby): use separate eslint-loader for rules that are always required (#29317) (#29327)

Compare

Package name: gatsby-plugin-sharp

• 5a654fa chore(release): Publish
• c8b9b7c fix(gatsby-telemetry): Read installedGatsbyVersion correctly for workspaces (#31196) (#31208)
• 08cc344 chore(release): Publish
• 9095266 fix(gatsby-plugin-netlify-cms): align mini-css-extract-plugin version (#31093)
• 83c26f8 chore(release): Publish
• 8d7c3a1 fix(gatsby-source-wordpress): schema customization errors (#30358) (#30650)
• 4ffcf78 fix(gatsby-source-contentful): Contentful page limit backoff (#30549) (#30618)
• fc61c88 feat(gatsby-source-contentful): Increase Contentful sync by up to 10x (#30422) (#30643)
• b3315a0 fix(gatsby-source-contentful): Improve network error handling (#30257) (#30617)
• 0eac672 fix(gatsby): fix incorrect intersection of filtered results (#30594) (#30619)
• fa95904 fix(gatsby-legacy-polyfills): add dom collections to polyfills (#30483) (#30616)
• 322e550 chore(release): Publish
• ebbb41b fix(gatsby-plugin-netlify): Add an allow list for redirect options (#30155) (#30215)
• c536730 chore(release): Publish
• ff7d46e fix(gatsby): set program.verbose when VERBOSE env var is used (#30123) (#30138)
• 123e47c fix(gatsby): don't ignore SOURCE_FILE_CHANGED event (#30127) (#30129)
• 37079ab chore(release): Publish
• 4abcb15 chore: adjust npm release dist tag for v2 (#30090)
• b576211 will git stop being weird (#29897) (#30005)
• c7a6e9f fix(gatsby-source-wordpress): image fixes (#29813) (#29881)
• 890d5e5 fix(gatsby): Fix various small DEV_SSR bugs exposed in development_runtime tests (#29748)
• 6c6837b chore(release): Publish
• 8986b12 fix(gatsby-source-wordpress): auto-rename types named "Filter" (#29718) (#29884)
• c2ea9b9 fix(gatsby-source-wordpress): HTML image regex's (#29778) (#29883)

Compare

Package name: gatsby-source-filesystem

• 6fa14e4 chore(release): Publish
• 01d07b3 fix(gatsby): more reliable way to use prod versions of react/react-dom (#29683)
• 2022f2b chore(gatsby-core-utils): Move isTruthy to gatsby-core-utils (#29707) (#29710)
• ac65482 chore: remove --cache from eslint (#29706) (#29709)
• 22dadae fix(gatsby): Fix snapshot for integration-tests/ssr tests (#29697)
• 9183a6b fix(gatsby-plugin-image): Apply inline styles and img size (#29603) (#29668)
• 2625159 fix(contentful): retry on network errors when checking credentials (#29664) (#29672)
• 255b565 chore: fix reset hard in assert-changed-files (#29328) (#29677)
• be9d9f9 fix(gatsby-plugin-sharp): Fix defaults handling (#29564) (#29589)
• d1f303a tests: Fix cli integration test (#29525) (#29594)
• 2035475 chore(release): Publish
• febd5e4 fix(gatsby-source-contentful): Correct supported image formats (#29562)
• 6374419 fix: drop terminal-link (#29472) (#29477)
• 72c4a5a fix(gatsby-plugin-offline): Cache avif images (#29394) (#29429)
• 1d95cfe chore(release): Publish
• 794b387 fix(babel-preset-gatsby): remove spread operator from node builds (#29346) (#29357)
• 1bbde7f chore(release): Publish
• 4ef8ce1 fix(gatsby-plugin-image): Fix blur up on navigate issue (#29333) (#29354)
• 4432c39 chore(release): Publish
• 0a31b64 Feat: launch gatsby-source-wordpress v4 (#29150) (#29330)
• 2191733 chore(release): Publish
• 488e5d3 fix(gatsby): use separate eslint-loader for rules that are always required (#29317) (#29327)

Compare

Package name: gatsby-transformer-remark

• 6fa14e4 chore(release): Publish
• 01d07b3 fix(gatsby): more reliable way to use prod versions of react/react-dom (#29683)
• 2022f2b chore(gatsby-core-utils): Move isTruthy to gatsby-core-utils (#29707) (#29710)
• ac65482 chore: remove --cache from eslint (#29706) (#29709)
• 22dadae fix(gatsby): Fix snapshot for integration-tests/ssr tests (#29697)
• 9183a6b fix(gatsby-plugin-image): Apply inline styles and img size (#29603) (#29668)
• 2625159 fix(contentful): retry on network errors when checking credentials (#29664) (#29672)
• 255b565 chore: fix reset hard in assert-changed-files (#29328) (#29677)
• be9d9f9 fix(gatsby-plugin-sharp): Fix defaults handling (#29564) (#29589)
• d1f303a tests: Fix cli integration test (#29525) (#29594)
• 2035475 chore(release): Publish
• febd5e4 fix(gatsby-source-contentful): Correct supported image formats (#29562)
• 6374419 fix: drop terminal-link (#29472) (#29477)
• 72c4a5a fix(gatsby-plugin-offline): Cache avif images (#29394) (#29429)
• 1d95cfe chore(release): Publish
• 794b387 fix(babel-preset-gatsby): remove spread operator from node builds (#29346) (#29357)
• 1bbde7f chore(release): Publish
• 4ef8ce1 fix(gatsby-plugin-image): Fix blur up on navigate issue (#29333) (#29354)
• 4432c39 chore(release): Publish
• 0a31b64 Feat: launch gatsby-source-wordpress v4 (#29150) (#29330)
• 2191733 chore(release): Publish
• 488e5d3 fix(gatsby): use separate eslint-loader for rules that are always required (#29317) (#29327)

Compare

Package name: gatsby-transformer-sharp

• 37079ab chore(release): Publish
• 4abcb15 chore: adjust npm release dist tag for v2 (#30090)
• b576211 will git stop being weird (#29897) (#30005)
• c7a6e9f fix(gatsby-source-wordpress): image fixes (#29813) (#29881)
• 890d5e5 fix(gatsby): Fix various small DEV_SSR bugs exposed in development_runtime tests (#29748)
• 6c6837b chore(release): Publish
• 8986b12 fix(gatsby-source-wordpress): auto-rename types named "Filter" (#29718) (#29884)
• c2ea9b9 fix(gatsby-source-wordpress): HTML image regex's (#29778) (#29883)
• 706a754 fix: query on demand loading indicator always active on preact. (#29829) (#29882)
• 9ecbc81 chore(release): Publish
• 180ebad chore(gatsby): upgrade socket.io (#29765) (#29769)
• 65274d6 chore(release): Publish
• 21f02de fix(gatsby-plugin-feed): Exists function and update version fs-extra (#29616) (#29764)
• 997985a Update index.js (#29758) (#29761)
• 61bdabd force cherry-pick (#29749)
• 91b9d66 feat(gatsby): ignore case option in create redirect (#29742)
• 662fe41 chore(release): Publish
• 8a2fac9 Release gatsby plugin gatsby cloud for Gatsby v2 (#29738)
• d806703 fix(gatsby-source-wordpress):issue #29535 not finished createSchemaCu… (#29554) (#29712)
• 49f19fd feat(gatsby): Respect VERBOSE env var (#29708) (#29713)
• 6fa14e4 chore(release): Publish
• 01d07b3 fix(gatsby): more reliable way to use prod versions of react/react-dom (#29683)
• 2022f2b chore(gatsby-core-utils): Move isTruthy to gatsby-core-utils (#29707) (#29710)
• ac65482 chore: remove --cache from eslint (#29706) (#29709)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs