Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade i18next from 19.4.4 to 21.8.16 #9

Merged
merged 1 commit into from
Sep 24, 2022
Merged

[Snyk] Upgrade i18next from 19.4.4 to 21.8.16 #9

merged 1 commit into from
Sep 24, 2022

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade i18next from 19.4.4 to 21.8.16.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 105 versions ahead of your current version.
  • The recommended version was released 22 days ago, on 2022-07-30.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-Y18N-1021887		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Arbitrary File Write
SNYK-JS-TAR-1579155		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579152		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579147		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536531		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536528		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579155		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579152		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579147		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536531		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536528		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Remote Code Execution (RCE)
SNYK-JS-SHELLQUOTE-1766506		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Privilege Management
SNYK-JS-SHELLJS-2332187		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVERREGEX-1585624		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVERREGEX-1584358		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-MERGEDEEP-1070277		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-JSONSCHEMA-1920922		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-I18NEXT-1065979		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Remote Code Execution (RCE)
SNYK-JS-EJS-2803307		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-ASYNC-2441827		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-ASYNC-2441827		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-AJV-584908		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-WS-1296835		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVERREGEX-2824151		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVERREGEX-1047770		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-PATHVAL-596926		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHPARSE-1077067		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Information Exposure
SNYK-JS-NODEFETCH-2342118		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Information Exposure
SNYK-JS-NANOID-2332193		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-I18NEXT-585930		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Buffer Overflow
SNYK-JS-I18NEXT-575536		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-HAPISTATEHOOD-2769251		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-FLAT-596927		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Arbitrary Code Injection
SNYK-JS-EJS-1049328		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-COLORSTRING-1082939		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TAR-1536758		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TAR-1536758		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-MINIMIST-2429795		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: i18next
  • 21.8.16 - 2022-07-30
    • types: fix getDataByLanguage type 1810
  • 21.8.15 - 2022-07-30
    • fix: make sure retry logic ends for failed backend reads
  • 21.8.14 - 2022-07-13
    • allow overriding keyPrefix option t function returned from getFixedT (does not work for normal t function)
  • 21.8.13 - 2022-07-06
    • types: new optional unescape option for react-i18next
  • 21.8.12 - 2022-07-04
    • fix: respect pluralSeparator for special _zero handling
  • 21.8.11 - 2022-06-27
    • fix: types should always come first in exports 1796
  • 21.8.10 - 2022-06-16
    • types: fix loaded event result
  • 21.8.9 - 2022-06-07
    • fix: deepFind for null values 1790
  • 21.8.8 - 2022-06-03
    • fix: loadNamespaces() doesn't keep resolving order when the second request completes before the first one 1785
  • 21.8.7 - 2022-06-02

    21.8.7

  • 21.8.6 - 2022-06-02
  • 21.8.5 - 2022-05-29
  • 21.8.4 - 2022-05-23
  • 21.8.3 - 2022-05-18
  • 21.8.2 - 2022-05-13
  • 21.8.1 - 2022-05-11
  • 21.8.0 - 2022-05-08
  • 21.7.1 - 2022-05-06
  • 21.7.0 - 2022-05-06
  • 21.6.16 - 2022-04-11
  • 21.6.15 - 2022-04-10
  • 21.6.14 - 2022-03-09
  • 21.6.13 - 2022-03-03
  • 21.6.12 - 2022-02-23
  • 21.6.11 - 2022-02-07
  • 21.6.10 - 2022-01-26
  • 21.6.9 - 2022-01-25
  • 21.6.8 - 2022-01-25
  • 21.6.7 - 2022-01-21
  • 21.6.6 - 2022-01-11
  • 21.6.5 - 2022-01-04
  • 21.6.4 - 2021-12-28
  • 21.6.3 - 2021-12-18
  • 21.6.2 - 2021-12-16
  • 21.6.1 - 2021-12-16
  • 21.6.0 - 2021-12-08
  • 21.5.6 - 2021-12-07
  • 21.5.5 - 2021-12-07
  • 21.5.4 - 2021-11-29
  • 21.5.3 - 2021-11-23
  • 21.5.2 - 2021-11-16
  • 21.5.1 - 2021-11-16
  • 21.5.0 - 2021-11-15
  • 21.4.2 - 2021-11-09
  • 21.4.1 - 2021-11-08
  • 21.4.0 - 2021-11-02
  • 21.3.3 - 2021-10-21
  • 21.3.2 - 2021-10-16
  • 21.3.1 - 2021-10-13
  • 21.3.0 - 2021-10-12
  • 21.2.6 - 2021-10-10
  • 21.2.5 - 2021-10-10
  • 21.2.4 - 2021-10-02
  • 21.2.3 - 2021-10-01
  • 21.2.2 - 2021-10-01
  • 21.2.1 - 2021-10-01
  • 21.2.0 - 2021-09-29
  • 21.1.1 - 2021-09-27
  • 21.1.0 - 2021-09-24
  • 21.0.2 - 2021-09-23
  • 21.0.1 - 2021-09-21
  • 21.0.0 - 2021-09-20
  • 20.6.1 - 2021-09-08
  • 20.6.0 - 2021-09-01
  • 20.5.0 - 2021-08-31
  • 20.4.0 - 2021-08-10
  • 20.3.5 - 2021-07-25
  • 20.3.4 - 2021-07-20
  • 20.3.3 - 2021-07-14
  • 20.3.2 - 2021-06-17
  • 20.3.1 - 2021-05-28
  • 20.3.0 - 2021-05-22
  • 20.2.4 - 2021-05-15
  • 20.2.3 - 2021-05-15
  • 20.2.2 - 2021-04-26
  • 20.2.1 - 2021-04-07
  • 20.2.0 - 2021-04-06
  • 20.1.0 - 2021-03-24
  • 20.0.0 - 2021-03-22
  • 19.9.2 - 2021-03-09
  • 19.9.1 - 2021-03-01
  • 19.9.0 - 2021-02-24
  • 19.8.9 - 2021-02-17
  • 19.8.8 - 2021-02-16
  • 19.8.7 - 2021-02-02
  • 19.8.6 - 2021-02-01
  • 19.8.5 - 2021-01-28
  • 19.8.4 - 2020-11-18
  • 19.8.3 - 2020-10-25
  • 19.8.2 - 2020-10-06
  • 19.8.1 - 2020-10-03
  • 19.8.0 - 2020-10-02
  • 19.7.0 - 2020-08-19
  • 19.6.3 - 2020-07-24
  • 19.6.2 - 2020-07-16
  • 19.6.1 - 2020-07-15
  • 19.6.0 - 2020-07-11
  • 19.5.6 - 2020-07-09
  • 19.5.5 - 2020-07-09
  • 19.5.4 - 2020-07-03
  • 19.5.3 - 2020-07-02
  • 19.5.2 - 2020-07-01
  • 19.5.1 - 2020-06-21
  • 19.5.0 - 2020-06-19
  • 19.4.5 - 2020-05-25
  • 19.4.4 - 2020-04-27
from i18next GitHub release notes
Commit messages
Package name: i18next

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@MarcelRaschke MarcelRaschke merged commit 545e6b7 into master Sep 24, 2022
@delete-merged-branch delete-merged-branch bot deleted the snyk-upgrade-3598d81df1d446d7f5e2f1cfde0b8819 branch September 24, 2022 03:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
@MarcelRaschke's dev
Status: Todo
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Blank window when download, Fedora
2 participants
@snyk-bot @MarcelRaschke