[Snyk] Security upgrade gatsby-source-contentful from 6.1.3 to 7.18.0 #180

ukitomato
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
⚠️ Warning
Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
| --- | --- | --- | --- | --- |
| high severity | 748/1000. Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.1 | Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459 | Yes | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: gatsby-source-contentful
The new version differs by 250 commits.
  • 3ec74ac chore(release): Publish
  • 718d693 fix(gatsby): Add DEV_SSR note to 95312 error (#36295) (#36300)
  • 6c0316e fix(gatsby): Make <script> in Head behave correctly (#36212) (#36299)
  • a6ff9e9 feat(gatsby-source-shopify): Add query runtime warning for CI environments (#36142) (#36296)
  • 32ad041 fix(gatsby): move require out of hot function (#36253)
  • 94a3264 chore(deps): update dependency typescript to ^4.7.4 (#36030)
  • 483d18e fix(gatsby): add `webhookBody` to `SourceNodesArgs` interface (#36255)
  • 9d33b10 fix(gatsby): refactor sourceNodes api and add I&C/CFLOW as a codeowner (#36244)
  • abc65a6 fix(gatsby): fix --https option for develop (#36248)
  • 5a5f5b9 chore(release): Publish next
  • f623eea chore: Move packages to deprecated-packages folder (#36235)
  • cc548c0 chore(starters): Migrate starters to Head API (#36234)
  • 5443479 fix: add missing dependencies (#36230)
  • 3b141a2 chore: update peril settings for starters (#36239)
  • abad94f fix(gatsby-plugin-sharp): Ensure min 1px height for `BLURRED` placeholder (#35914)
  • ae5adb4 fix(starters): Key prop to docs list (#36236)
  • 922874d chore(release): Publish next
  • 3dee0f6 fix(gatsby): use pathPrefix for SSR/DSG page-data requests with `gatsby serve` (#36231)
  • 40073f8 chore(gatsby-source-contentful): migrate to latest Contentful SDK (#35501)
  • 82172de chore(release): Publish next
  • 1eef8e0 chore(create-gatsby): Remove gatsby-plugin-react-helmet (#36222)
  • b125296 fix(gatsby-link): Update resolve import (#36229)
  • 79036b3 chore(docs): Upgrade Cypress to v10 in E2E Testing (#36204)
  • b22c2bf chore(docs): Add `react-helmet` note in Gatsby Head reference (#36216)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Request Forgery (CSRF)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AXIOS-6032459

vercel bot commented Oct 27, 2023

The latest updates on your projects. Learn more about Vercel for Git ↗︎

| Name | Status | Preview | Comments | Updated (UTC) |
| --- | --- | --- | --- | --- |
| portfolio | ❌ Failed (Inspect) | | | Oct 27, 2023 2:24pm |

@aws-amplify-us-east-1

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-180.d1e5l685esdd1w.amplifyapp.com
