[Snyk] Upgrade: , , , , , , , , , , , , , ajv, bootstrap, bootstrap-material-design, chartist, core-js, jquery, moment, perfect-scrollbar, popper.js, rxjs, web-animations-js, zone.js #1127

Open
wants to merge 1 commit into
base: master

sumanthreddy-a
Owner

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

| Name | Versions | Released on |
| --- | --- | --- |
| @angular/animations | from 5.2.9 to 5.2.11; 2 versions ahead of your current version | 6 years ago, on 2018-05-16 |
| @angular/common | from 5.2.9 to 5.2.11; 2 versions ahead of your current version | 6 years ago, on 2018-05-16 |
| @angular/compiler | from 5.2.9 to 5.2.11; 2 versions ahead of your current version | 6 years ago, on 2018-05-16 |
| @angular/core | from 5.2.9 to 5.2.11; 2 versions ahead of your current version | 6 years ago, on 2018-05-16 |
| @angular/forms | from 5.2.9 to 5.2.11; 2 versions ahead of your current version | 6 years ago, on 2018-05-16 |
| @angular/http | from 5.2.9 to 5.2.11; 2 versions ahead of your current version | 6 years ago, on 2018-05-16 |
| @angular/platform-browser | from 5.2.9 to 5.2.11; 2 versions ahead of your current version | 6 years ago, on 2018-05-16 |
| @angular/platform-browser-dynamic | from 5.2.9 to 5.2.11; 2 versions ahead of your current version | 6 years ago, on 2018-05-16 |
| @angular/platform-server | from 5.2.9 to 5.2.11; 2 versions ahead of your current version | 6 years ago, on 2018-05-16 |
| @angular/router | from 5.2.9 to 5.2.11; 2 versions ahead of your current version | 6 years ago, on 2018-05-16 |
| @angular/cdk | from 5.2.4 to 5.2.5; 1 version ahead of your current version | 6 years ago, on 2018-04-17 |
| @angular/material | from 5.2.4 to 5.2.5; 1 version ahead of your current version | 6 years ago, on 2018-04-17 |
| @agm/core | from 1.0.0-beta.2 to 1.1.0; 7 versions ahead of your current version | 5 years ago, on 2019-11-21 |
| ajv | from 6.4.0 to 6.12.6; 26 versions ahead of your current version | 4 years ago, on 2020-10-10 |
| bootstrap | from 4.1.0 to 4.6.2; 15 versions ahead of your current version | 2 years ago, on 2022-07-19 |
| bootstrap-material-design | from 4.1.1 to 4.1.3; 2 versions ahead of your current version | 4 years ago, on 2020-05-26 |
| chartist | from 0.11.0 to 0.11.4; 4 versions ahead of your current version | 5 years ago, on 2019-09-12 |
| core-js | from 2.4.1 to 2.6.12; 21 versions ahead of your current version | 4 years ago, on 2020-11-25 |
| jquery | from 3.2.1 to 3.7.1; 13 versions ahead of your current version | a year ago, on 2023-08-28 |
| moment | from 2.18.1 to 2.30.1; 27 versions ahead of your current version | 8 months ago, on 2023-12-27 |
| perfect-scrollbar | from 1.1.0 to 1.5.5; 9 versions ahead of your current version | 3 years ago, on 2022-01-12 |
| popper.js | from 1.14.3 to 1.16.1; 8 versions ahead of your current version | 5 years ago, on 2020-01-22 |
| rxjs | from 5.5.10 to 5.5.12; 2 versions ahead of your current version | 6 years ago, on 2018-08-30 |
| web-animations-js | from 2.3.1 to 2.3.2; 1 version ahead of your current version | 5 years ago, on 2019-06-25 |
| zone.js | from 0.8.4 to 0.14.10; 54 versions ahead of your current version | a month ago, on 2024-08-05 |

Issues fixed by the recommended upgrade:

| Issue | Score | Exploit Maturity |
| --- | --- | --- |
| high severity Prototype Pollution (SNYK-JS-AJV-584908) | 539 | No Known Exploit |
| high severity Directory Traversal (SNYK-JS-MOMENT-2440688) | 539 | No Known Exploit |
| high severity Regular Expression Denial of Service (ReDoS) (SNYK-JS-MOMENT-2944238) | 539 | Proof of Concept |
| medium severity Cross-site Scripting (XSS) (npm:bootstrap:20180529) | 539 | No Known Exploit |
| medium severity Prototype Pollution (SNYK-JS-JQUERY-174006) | 539 | Proof of Concept |
| medium severity Cross-site Scripting (XSS) (SNYK-JS-JQUERY-565129) | 539 | Mature |
| medium severity Cross-site Scripting (XSS) (SNYK-JS-JQUERY-567880) | 539 | Mature |
| medium severity Cross-site Scripting (XSS) (SNYK-JS-BOOTSTRAP-173700) | 539 | No Known Exploit |
| medium severity Cross-site Scripting (XSS) (SNYK-JS-BOOTSTRAP-73560) | 539 | No Known Exploit |
| low severity Regular Expression Denial of Service (ReDoS) (npm:moment:20170905) | 539 | No Known Exploit |

Release notes
Package name: @angular/animations
  • 5.2.11 - 2018-05-16
  • 5.2.10 - 2018-04-16
  • 5.2.9 - 2018-03-14
from @angular/animations GitHub release notes
Package name: @angular/common
  • 5.2.11 - 2018-05-16
  • 5.2.10 - 2018-04-16
  • 5.2.9 - 2018-03-14
from @angular/common GitHub release notes
Package name: @angular/compiler
  • 5.2.11 - 2018-05-16
  • 5.2.10 - 2018-04-16
  • 5.2.9 - 2018-03-14
from @angular/compiler GitHub release notes
Package name: @angular/core
  • 5.2.11 - 2018-05-16
  • 5.2.10 - 2018-04-16
  • 5.2.9 - 2018-03-14
from @angular/core GitHub release notes
Package name: @angular/forms
  • 5.2.11 - 2018-05-16
  • 5.2.10 - 2018-04-16
  • 5.2.9 - 2018-03-14
from @angular/forms GitHub release notes
Package name: @angular/http
  • 5.2.11 - 2018-05-16
  • 5.2.10 - 2018-04-16
  • 5.2.9 - 2018-03-14
from @angular/http GitHub release notes
Package name: @angular/platform-browser
  • 5.2.11 - 2018-05-16
  • 5.2.10 - 2018-04-16
  • 5.2.9 - 2018-03-14
from @angular/platform-browser GitHub release notes
Package name: @angular/platform-browser-dynamic
  • 5.2.11 - 2018-05-16
  • 5.2.10 - 2018-04-16
  • 5.2.9 - 2018-03-14
from @angular/platform-browser-dynamic GitHub release notes
Package name: @angular/platform-server
  • 5.2.11 - 2018-05-16
  • 5.2.10 - 2018-04-16
  • 5.2.9 - 2018-03-14
from @angular/platform-server GitHub release notes
Package name: @angular/router
  • 5.2.11 - 2018-05-16
  • 5.2.10 - 2018-04-16
  • 5.2.9 - 2018-03-14
from @angular/router GitHub release notes
Package name: @angular/cdk
  • 5.2.5 - 2018-04-17
  • 5.2.4 - 2018-03-06
from @angular/cdk GitHub release notes
Package name: @angular/material
  • 5.2.5 - 2018-04-17
  • 5.2.4 - 2018-03-06
from @angular/material GitHub release notes
Package name: @agm/core
  • 1.1.0 - 2019-11-21

    chore(release): add changelog and bump version

  • 1.0.0 - 2019-09-17

    chore(release): add changelog and bump version to 1.0.0

  • 1.0.0-beta.7 - 2019-07-14

    chore(release): add changelog and bump version

  • 1.0.0-beta.6 - 2019-06-01

    chore(release): add changelog

  • 1.0.0-beta.5 - 2018-09-24

    chore(release): bump version and add changelog

  • 1.0.0-beta.4 - 2018-09-22

    chore(release): bump version and add changelog

  • 1.0.0-beta.3 - 2018-05-24

    chore(release): add changelog and bump version

  • 1.0.0-beta.2 - 2017-10-31

    chore(release): add changelog and bump version

from @agm/core GitHub release notes
Package name: ajv
  • 6.12.6 - 2020-10-10

    Fix performance issue of "url" format.

  • 6.12.5 - 2020-09-13

    Fix uri scheme validation (@ ChALkeR).
    Fix boolean schemas with strictKeywords option (#1270)

  • 6.12.4 - 2020-08-15

    Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

  • 6.12.3 - 2020-07-04

    Pass schema object to processCode function
    Option for strictNumbers (@ issacgerges, #1128)
    Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

  • 6.12.2 - 2020-04-19

    Removed post-install script

  • 6.12.1 - 2020-04-18

    Docs and dependency updates

  • 6.12.0 - 2020-02-22

    Improved hostname validation (@ sambauers, #1143)
    Option keywords to add custom keywords (@ franciscomorais, #1137)
    Types fixes (@ boenrobot, @ MattiAstedrone)
    Docs:

  • 6.11.0 - 2020-01-18
  • 6.10.2 - 2019-07-14
  • 6.10.1 - 2019-07-06
  • 6.10.0 - 2019-03-03
  • 6.9.2 - 2019-02-22
  • 6.9.1 - 2019-02-10
  • 6.9.0 - 2019-02-09
  • 6.8.1 - 2019-02-02
  • 6.8.0 - 2019-02-02
  • 6.7.0 - 2019-01-13
  • 6.6.2 - 2018-12-16
  • 6.6.1 - 2018-11-29
  • 6.6.0 - 2018-11-29
  • 6.5.5 - 2018-11-04
  • 6.5.4 - 2018-09-23
  • 6.5.3 - 2018-08-17
  • 6.5.2 - 2018-06-30
  • 6.5.1 - 2018-06-10
  • 6.5.0 - 2018-05-08
  • 6.4.0 - 2018-03-25
from ajv GitHub release notes
Package name: bootstrap
  • 4.6.2 - 2022-07-19

    Highlights

    • Added an example to our Collapse plugin docs to show how to use horizontal collapsing. This has long been possible via our JS, but we never had an official class to utilize it.
    • We've replaced the deprecated color-adjust with print-color-adjust in our Sass files as part of the Autoprefixer v10.4.6 issues. This should quiet the issues folks have seen from that dependency change. If you're using our distribution CSS files, like bootstrap.min.css, you may still see the warning.
    • Tweaked the size of small and .small to compute to a whole pixel value (was 12.8px and now is 14px).
    • Improved accessibility around our dropdowns, color contrast, and role attributes.
    • Fixed some broken links to supporting documentation.
    • Updated dependencies across the board.

    What's Changed

    New Contributors

    Full Changelog: v4.6.1...v4.6.2

  • 4.6.1 - 2021-10-28

    What's changed

    Full changelog

    v4.6.0...v4.6.1

  • 4.6.0 - 2021-01-19
  • 4.5.3 - 2020-10-13
  • 4.5.2 - 2020-08-06
  • 4.5.1 - 2020-08-04
  • 4.5.0 - 2020-05-12
  • 4.4.1 - 2019-11-28
  • 4.4.0 - 2019-11-26
  • 4.3.1 - 2019-02-13
  • 4.3.0 - 2019-02-11
  • 4.2.1 - 2018-12-21
  • 4.1.3 - 2018-07-24
  • 4.1.2 - 2018-07-12
  • 4.1.1 - 2018-04-30
  • 4.1.0 - 2018-04-09
from bootstrap GitHub release notes
Package name: bootstrap-material-design
  • 4.1.3 - 2020-05-26
  • 4.1.2 - 2019-05-22
  • 4.1.1 - 2018-01-23
from bootstrap-material-design GitHub release notes
Package name: chartist
  • 0.11.4 - 2019-09-12

    Version bump

  • 0.11.3 - 2019-07-05

    Removed gif imageminification from the process

  • 0.11.2 - 2019-05-23
  • 0.11.1 - 2019-05-23

    Fixed package.json version

  • 0.11.0 - 2017-04-11

    Version bump and latest dist

from chartist GitHub release notes
Package name: core-js
  • 2.6.12 - 2020-11-25
    • Added code points / code units explicit feature detection in String#at for preventing breakage code which use obsolete String#at proposal polyfill
    • Added OPEN_SOURCE_CONTRIBUTOR detection in postinstall
    • Added Drone CI detection in postinstall
  • 2.6.11 - 2019-12-08
  • 2.6.10 - 2019-10-13
  • 2.6.9 - 2019-05-27
  • 2.6.8 - 2019-05-21
  • 2.6.7 - 2019-05-20
  • 2.6.6 - 2019-05-19
  • 2.6.5 - 2019-02-15
  • 2.6.4 - 2019-02-07
  • 2.6.3 - 2019-01-22
  • 2.6.2 - 2019-01-10
  • 2.6.1 - 2018-12-18
  • 2.6.0 - 2018-12-05
  • 2.5.7 - 2018-05-26
  • 2.5.6 - 2018-05-07
  • 2.5.5 - 2018-04-09
  • 2.5.4 - 2018-03-27
  • 2.5.3 - 2017-12-11
  • 2.5.2 - 2017-12-09
  • 2.5.1 - 2017-08-31
  • 2.5.0 - 2017-08-06
  • 2.4.1 - 2016-07-17
from core-js GitHub release notes
Package name: jquery
from jquery GitHub release notes
Package name: moment
  • 2.30.1 - 2023-12-27

    2.30.1

  • 2.30.0 - 2023-12-26

    2.30.0

  • 2.29.4 - 2022-07-06

    2.29.4

  • 2.29.3 - 2022-04-17

    2.29.3

  • 2.29.2 - 2022-04-03

    2.29.2

  • 2.29.1 - 2020-10-06

    2.29.1

  • 2.29.0 - 2020-09-22

    2.29.0

  • 2.28.0 - 2020-09-13

    2.28.0

  • 2.27.0 - 2020-06-18

    2.27.0

  • 2.26.0 - 2020-05-20

    2.26.0

  • 2.25.3 - 2020-05-04
  • 2.25.2 - 2020-05-04
  • 2.25.1 - 2020-05-01
  • 2.25.0 - 2020-05-01
  • 2.24.0 - 2019-01-21
  • 2.23.0 - 2018-12-13
  • 2.22.2 - 2018-06-01
  • 2.22.1 - 2018-04-15
  • 2.22.0 - 2018-03-30
  • 2.21.0 - 2018-03-02
  • 2.20.1 - 2017-12-19
  • 2.20.0 - 2017-12-17
  • 2.19.4 - 2017-12-11
  • 2.19.3 - 2017-11-29
  • 2.19.2 - 2017-11-11
  • 2.19.1 - 2017-10-11
  • 2.19.0 - 2017-10-10
  • 2.18.1 - 2017-03-21
from moment GitHub release notes...

Snyk has created this PR to upgrade:
  - @angular/animations from 5.2.9 to 5.2.11.
    See this package in npm: https://www.npmjs.com/package/@angular/animations
  - @angular/common from 5.2.9 to 5.2.11.
    See this package in npm: https://www.npmjs.com/package/@angular/common
  - @angular/compiler from 5.2.9 to 5.2.11.
    See this package in npm: https://www.npmjs.com/package/@angular/compiler
  - @angular/core from 5.2.9 to 5.2.11.
    See this package in npm: https://www.npmjs.com/package/@angular/core
  - @angular/forms from 5.2.9 to 5.2.11.
    See this package in npm: https://www.npmjs.com/package/@angular/forms
  - @angular/http from 5.2.9 to 5.2.11.
    See this package in npm: https://www.npmjs.com/package/@angular/http
  - @angular/platform-browser from 5.2.9 to 5.2.11.
    See this package in npm: https://www.npmjs.com/package/@angular/platform-browser
  - @angular/platform-browser-dynamic from 5.2.9 to 5.2.11.
    See this package in npm: https://www.npmjs.com/package/@angular/platform-browser-dynamic
  - @angular/platform-server from 5.2.9 to 5.2.11.
    See this package in npm: https://www.npmjs.com/package/@angular/platform-server
  - @angular/router from 5.2.9 to 5.2.11.
    See this package in npm: https://www.npmjs.com/package/@angular/router
  - @angular/cdk from 5.2.4 to 5.2.5.
    See this package in npm: https://www.npmjs.com/package/@angular/cdk
  - @angular/material from 5.2.4 to 5.2.5.
    See this package in npm: https://www.npmjs.com/package/@angular/material
  - @agm/core from 1.0.0-beta.2 to 1.1.0.
    See this package in npm: https://www.npmjs.com/package/@agm/core
  - ajv from 6.4.0 to 6.12.6.
    See this package in npm: https://www.npmjs.com/package/ajv
  - bootstrap from 4.1.0 to 4.6.2.
    See this package in npm: https://www.npmjs.com/package/bootstrap
  - bootstrap-material-design from 4.1.1 to 4.1.3.
    See this package in npm: https://www.npmjs.com/package/bootstrap-material-design
  - chartist from 0.11.0 to 0.11.4.
    See this package in npm: https://www.npmjs.com/package/chartist
  - core-js from 2.4.1 to 2.6.12.
    See this package in npm: https://www.npmjs.com/package/core-js
  - jquery from 3.2.1 to 3.7.1.
    See this package in npm: https://www.npmjs.com/package/jquery
  - moment from 2.18.1 to 2.30.1.
    See this package in npm: https://www.npmjs.com/package/moment
  - perfect-scrollbar from 1.1.0 to 1.5.5.
    See this package in npm: https://www.npmjs.com/package/perfect-scrollbar
  - popper.js from 1.14.3 to 1.16.1.
    See this package in npm: https://www.npmjs.com/package/popper.js
  - rxjs from 5.5.10 to 5.5.12.
    See this package in npm: https://www.npmjs.com/package/rxjs
  - web-animations-js from 2.3.1 to 2.3.2.
    See this package in npm: https://www.npmjs.com/package/web-animations-js
  - zone.js from 0.8.4 to 0.14.10.
    See this package in npm: https://www.npmjs.com/package/zone.js

See this project in Snyk:
https://app.snyk.io/org/sumanth/project/b86e3db8-ea85-4d07-a499-0830ca0676a0?utm_source=github&utm_medium=referral&page=upgrade-pr