
[Snyk] Fix for 1 vulnerabilities #99

Open: wants to merge 1 commit into base branch master

Conversation

kopax (Contributor) commented Dec 25, 2022

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:

| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| medium severity | 713/1000 (Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.4) | Prototype Pollution, SNYK-JS-JSON5-3182856 | Yes | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: exports-loader The new version differs by 11 commits.

See the full diff

Package name: file-loader The new version differs by 3 commits.

See the full diff

Package name: image-webpack-loader The new version differs by 74 commits.
  • d9cca9b 7.0.0
  • 7d91d45 lts not found?
  • 8ea85e3 update changelog
  • 044ccaf require node 10
  • 8d386e2 Merge pull request #238 from tcoopman/dependabot/npm_and_yarn/imagemin-mozjpeg-9.0.0
  • d0f574c Bump imagemin-mozjpeg from 8.0.0 to 9.0.0
  • 73e4acc Merge pull request #259 from tcoopman/dependabot/npm_and_yarn/imagemin-pngquant-9.0.1
  • 42b776f Merge pull request #236 from tcoopman/dependabot/npm_and_yarn/imagemin-webp-6.0.0
  • 63b3d18 Merge pull request #248 from tcoopman/dependabot/npm_and_yarn/webpack-4.44.1
  • 953073e Bump imagemin-pngquant from 8.0.0 to 9.0.1
  • 12a9da6 Bump webpack from 4.42.0 to 4.44.1
  • 569b13c Bump imagemin-webp from 5.1.0 to 6.0.0
  • 7fcf273 Merge pull request #258 from tcoopman/dependabot/npm_and_yarn/bl-1.2.3
  • 2367e00 Merge pull request #255 from tcoopman/dependabot/npm_and_yarn/decompress-4.2.1
  • 7714554 Merge pull request #253 from tcoopman/dependabot/npm_and_yarn/schema-utils-2.7.1
  • b601c5c Merge pull request #247 from tcoopman/dependabot/npm_and_yarn/elliptic-6.5.3
  • 96197b4 Merge pull request #241 from tcoopman/dependabot/npm_and_yarn/webpack-cli-3.3.12
  • 5cf2d90 [Security] Bump bl from 1.2.2 to 1.2.3
  • 7e4116c Bump schema-utils from 2.6.5 to 2.7.1
  • 605a580 Merge pull request #235 from tcoopman/dependabot/npm_and_yarn/imagemin-svgo-8.0.0
  • 6fd3a22 [Security] Bump decompress from 4.2.0 to 4.2.1
  • c37a782 Merge pull request #234 from tcoopman/dependabot/npm_and_yarn/imagemin-optipng-8.0.0
  • 830a392 Merge pull request #211 from tcoopman/dependabot/npm_and_yarn/imagemin-gifsicle-7.0.0
  • 168a70c [Security] Bump elliptic from 6.5.2 to 6.5.3

See the full diff

Package name: react-styleguidist The new version differs by 223 commits.
  • 2b7bfe2 fix: [CVE-2020-7753] Update remark to 13.0.0 (#1710)
  • d80a190 chore: Clean up lint-staged config
  • 1261891 chore: Fix formatting, update Pretter and lint-staged
  • 559da33 chore: Fix indentation
  • 8b68d0b chore: Fix indentation in .prettierrc files
  • 4a16f00 chore: Remove ESLint import/no-unresolved rule
  • 3499c5d chore: Partial webpack 5 support (#1707)
  • 669a917 test: Fix tests — no idea what happened here 🍄
  • da8564a chore: Fix lint 🦀
  • 85c627d fix: Add missing lang attribute on HTML element
  • 804e314 chore: Update ESLint and Prettier
  • e0e7043 chore: Update Jest and React Testing Library
  • 4d44efa docs: Update cookbook documentation on CSS animation usage (#1697)
  • 8512315 Add learning page
  • 9e0f3b7 docs(site): Fix focus outline on image link
  • 81baaa6 docs(site): Docusaurus 2.0.0-alpha.64
  • 29d908b docs(site): Docusaurus 2.0.0-alpha.62
  • d29cfb1 docs(site): Docusaurus 2.0.0-alpha.58, more visible focus outlines
  • 3ab6f8d feat: Add `expand` option for sections and allow custom root section options (#1689)
  • 43e19df fix: Fix broken assetsDir due to updated copy-webpack-plugin (#1690)
  • a31f348 Build(deps): Bump prismjs from 1.17.1 to 1.21.0 (#1652)
  • fc29f90 fix: Don't show warning that @ returns JSDoc tag has no name (#1671)
  • 356906e Build(deps): Bump http-proxy from 1.18.0 to 1.18.1 in /examples/preact (#1687)
  • ab6d33b Build(deps): Bump http-proxy in /examples/customised (#1688)

See the full diff

Package name: url-loader The new version differs by 27 commits.
  • 8828d64 chore(release): 4.0.0
  • fc8721f chore(deps): migrate on `mime-types` package (#209)
  • f13757a chore(deps): update (#208)
  • a2f127d fix: description on the `esModule` option (#204)
  • 4301f87 chore(release): 3.0.0
  • 3f0bbc5 refactor: next (#198)
  • 2451157 chore(release): 2.3.0
  • 0ee2b99 feat: new `esModules` option to output ES modules
  • cbd1950 chore(release): 2.2.0
  • 196110e fix: yarn pnp support (#195)
  • 9431124 docs: improve documentation about `fallback` (#194)
  • a251a23 chore(deps): update (#193)
  • 2bffcfd fix: limit must allow infinity and max value (#192)
  • 1b9dbd1 chore(release): 2.1.0
  • f3d4dd2 feat: improved validation error messages (#187)
  • 37c6acc chore(release): 2.0.1
  • 4842f93 fix: allow using limit as string when you use loader with query string (#185)
  • c0341da chore(defaults): update (#184)
  • 78833ac chore(release): 2.0.0
  • 4386b3e chore(deps): update (#182)
  • 60d2cb3 feat: limit option can be boolean (#181)
  • d82e453 fix: `limit` should always be a number and 0 value handles as number (#180)
  • 3c24545 fix: fallback loader will be used than limit is equal or greater (#179)
  • a6705cc test: test svg scenario. #176 (#177)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-JSON5-3182856