[Snyk] Upgrade: , astro, prettier, prettier-plugin-astro

[WontonSam]

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

Name	Versions	Released on

@astrojs/tailwind
from 5.0.0 to 5.1.0 | 5 versions ahead of your current version | 9 months ago
on 2023-12-27
astro
from 3.0.13 to 4.15.1 | 156 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 22 days ago
on 2024-08-29
prettier
from 3.0.3 to 3.3.3 | 12 versions ahead of your current version | 2 months ago
on 2024-07-13
prettier-plugin-astro
from 0.12.0 to 0.14.1 | 6 versions ahead of your current version | 2 months ago
on 2024-07-16

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Access Control Bypass SNYK-JS-VITE-6182924	29	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ZOD-5925617	29	Proof of Concept
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	29	Proof of Concept
	Prototype Pollution SNYK-JS-DSET-7116691	29	Proof of Concept
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	29	No Known Exploit
	Cross-Site Scripting (XSS) SNYK-JS-VITE-6098386	29	Proof of Concept
	Improper Access Control SNYK-JS-VITE-6531286	29	Proof of Concept
	Information Exposure SNYK-JS-VITE-8023174	29	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-ASTRO-7547139	29	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	29	Proof of Concept
	Improper Input Validation SNYK-JS-POSTCSS-5926692	29	No Known Exploit
	Improper Access Control SNYK-JS-UNDICI-6564963	29	No Known Exploit
	Improper Authorization SNYK-JS-UNDICI-6564964	29	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JS-VITE-8022916	29	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	29	Proof of Concept
	Heap-based Buffer Overflow SNYK-JS-SHARP-5922108	29	Mature
	Information Exposure SNYK-JS-UNDICI-5962466	29	No Known Exploit
	Permissive Cross-domain Policy with Untrusted Domains SNYK-JS-UNDICI-6252336	29	No Known Exploit

Release notes

Package name: @astrojs/tailwind

• 5.1.0 - 2023-12-27
• 5.0.4 - 2023-12-20
• 5.0.3 - 2023-12-05
• 5.0.2 - 2023-10-10
• 5.0.1 - 2023-10-05
• 5.0.0 - 2023-08-30

from @astrojs/tailwind GitHub release notes

Package name: astro

• 4.15.1 - 2024-08-29
• 4.15.0 - 2024-08-29
• 4.14.6 - 2024-08-28
• 4.14.5 - 2024-08-22
• 4.14.4 - 2024-08-21
• 4.14.3 - 2024-08-20
• 4.14.2 - 2024-08-15
• 4.14.1 - 2024-08-15
• 4.14.0 - 2024-08-15
• 4.13.4 - 2024-08-14
• 4.13.3 - 2024-08-09
• 4.13.2 - 2024-08-08
• 4.13.1 - 2024-08-02
• 4.13.0 - 2024-08-01
• 4.12.3 - 2024-07-30
• 4.12.2 - 2024-07-19
• 4.12.1 - 2024-07-18
• 4.12.0 - 2024-07-18
• 4.11.6 - 2024-07-17
• 4.11.5 - 2024-07-03
• 4.11.4 - 2024-07-03
• 4.11.3 - 2024-06-26
• 4.11.2 - 2024-06-26
• 4.11.1 - 2024-06-24
• 4.11.0 - 2024-06-20
• 4.10.3 - 2024-06-17
• 4.10.2 - 2024-06-11
• 4.10.1 - 2024-06-08
• 4.10.0 - 2024-06-06
• 4.9.3 - 2024-06-05
• 4.9.2 - 2024-05-27
• 4.9.1 - 2024-05-23
• 4.9.0 - 2024-05-23
• 4.8.7 - 2024-05-22
• 4.8.6 - 2024-05-17
• 4.8.5 - 2024-05-16
• 4.8.4 - 2024-05-15
• 4.8.3 - 2024-05-13
• 4.8.2 - 2024-05-09
• 4.8.1 - 2024-05-09
• 4.8.0 - 2024-05-09
• 4.7.1 - 2024-05-02
• 4.7.0 - 2024-04-25
• 4.6.4 - 2024-04-23
• 4.6.3 - 2024-04-18
• 4.6.2 - 2024-04-16
• 4.6.1 - 2024-04-12
• 4.6.0 - 2024-04-11
• 4.5.18 - 2024-04-10
• 4.5.17 - 2024-04-09
• 4.5.16 - 2024-04-04
• 4.5.15 - 2024-04-03
• 4.5.14 - 2024-04-02
• 4.5.13 - 2024-04-02
• 4.5.12 - 2024-03-28
• 4.5.11 - 2024-03-28
• 4.5.10 - 2024-03-26
• 4.5.9 - 2024-03-22
• 4.5.8 - 2024-03-20
• 4.5.7 - 2024-03-20
• 4.5.6 - 2024-03-18
• 4.5.5 - 2024-03-15
• 4.5.4 - 2024-03-14
• 4.5.3 - 2024-03-13
• 4.5.2 - 2024-03-12
• 4.5.1 - 2024-03-11
  

  Patch Changes

  • #11946 b75bfc8 Thanks @ johannesspohr! - Fix vue islands keeping their state when using view transition persistence
• 4.5.0 - 2024-03-11
• 4.4.15 - 2024-03-08
• 4.4.14 - 2024-03-07
• 4.4.13 - 2024-03-06
• 4.4.12 - 2024-03-06
• 4.4.11 - 2024-03-04
• 4.4.10 - 2024-03-04
• 4.4.9 - 2024-03-02
• 4.4.8 - 2024-03-01
• 4.4.7 - 2024-03-01
• 4.4.6 - 2024-02-28
• 4.4.5 - 2024-02-26
• 4.4.4 - 2024-02-23
• 4.4.3 - 2024-02-22
• 4.4.2 - 2024-02-21
  

  Patch Changes

  • #11998 082f450 Thanks @ johannesspohr! - Fix view transition state persistence
• 4.4.1 - 2024-02-20
• 4.4.0 - 2024-02-15
• 4.3.7 - 2024-02-13
• 4.3.6 - 2024-02-12
• 4.3.5 - 2024-02-07
• 4.3.4 - 2024-02-07
• 4.3.3 - 2024-02-06
• 4.3.2 - 2024-02-02
• 4.3.1 - 2024-02-01
• 4.3.0 - 2024-02-01
• 4.2.8 - 2024-01-31
• 4.2.7 - 2024-01-30
• 4.2.6 - 2024-01-26
• 4.2.5 - 2024-01-26
• 4.2.4 - 2024-01-24
• 4.2.3 - 2024-01-22
• 4.2.2 - 2024-01-22
• 4.2.1 - 2024-01-18
• 4.2.0 - 2024-01-18
• 4.1.3 - 2024-01-16
• 4.1.2 - 2024-01-11
• 4.1.1 - 2024-01-05
• 4.1.0 - 2024-01-04
• 4.0.9 - 2024-01-02
• 4.0.8 - 2023-12-27
• 4.0.7 - 2023-12-20
• 4.0.6 - 2023-12-15
• 4.0.5 - 2023-12-14
• 4.0.4 - 2023-12-11
• 4.0.3 - 2023-12-06
• 4.0.2 - 2023-12-06
• 4.0.1 - 2023-12-05
• 4.0.0 - 2023-12-05
• 4.0.0-beta.7 - 2023-12-04
• 4.0.0-beta.6 - 2023-12-04
• 4.0.0-beta.5 - 2023-12-04
• 4.0.0-beta.4 - 2023-12-01
• 4.0.0-beta.3 - 2023-12-01
• 4.0.0-beta.2 - 2023-11-29
• 4.0.0-beta.1 - 2023-11-28
  

  Major Changes

  • #12008 5608338 Thanks @ Princesseuh! - Welcome to the Astro 5 beta! This release has no changes from the latest alpha of this package, but it does bring us one step closer to the final, stable release.

    Starting from this release, no breaking changes will be introduced unless absolutely necessary.

    To learn how to upgrade, check out the Astro v5.0 upgrade guide in our beta docs site.

  Patch Changes

  • Updated dependencies [5608338]:
    • @ astrojs/markdown-remark@6.0.0-beta.1
• 4.0.0-beta.0 - 2023-11-27
• 3.6.5 - 2024-03-01
• 3.6.4 - 2023-11-30
• 3.6.3 - 2023-11-28
• 3.6.2 - 2023-11-28
• 3.6.1 - 2023-11-27
• 3.6.0 - 2023-11-22
• 3.5.7 - 2023-11-21
• 3.5.6 - 2023-11-21
• 3.5.5 - 2023-11-16
• 3.5.4 - 2023-11-14
• 3.5.3 - 2023-11-12
• 3.5.2 - 2023-11-10
• 3.5.1 - 2023-11-10
• 3.5.0 - 2023-11-09
• 3.4.4 - 2023-11-08
• 3.4.3 - 2023-11-02
• 3.4.2 - 2023-11-01
• 3.4.1 - 2023-11-01
• 3.4.0 - 2023-10-26
• 3.3.4 - 2023-10-24
• 3.3.3 - 2023-10-23
• 3.3.2 - 2023-10-18
• 3.3.1 - 2023-10-16
• 3.3.0 - 2023-10-12
• 3.2.4 - 2023-10-10
• 3.2.3 - 2023-10-05
• 3.2.2 - 2023-10-02
• 3.2.1 - 2023-10-02
• 3.2.0 - 2023-09-28
• 3.1.4 - 2023-09-25
• 3.1.3 - 2023-09-25
• 3.1.2 - 2023-09-21
• 3.1.1 - 2023-09-19
• 3.1.0 - 2023-09-14
• 3.0.13 - 2023-09-12

from astro GitHub release notes

Package name: prettier

• 3.3.3 - 2024-07-13
  

  🔗 Changelog

• 3.3.2 - 2024-06-11
  

  🔗 Changelog

• 3.3.1 - 2024-06-05
  

  🔗 Changelog

• 3.3.0 - 2024-06-01
  

  diff

  🔗 Release note

• 3.2.5 - 2024-02-04
  

  🔗 Changelog

• 3.2.4 - 2024-01-17
  
  • Fix .eslintrc.json format #15947

  🔗 Changelog

• 3.2.3 - 2024-01-17
  
  • Format tsconfig.json file with jsonc parser #15927

  🔗 Changelog

• 3.2.2 - 2024-01-14
  

  🔗 Changelog

• 3.2.1 - 2024-01-12
• 3.2.0 - 2024-01-12
• 3.1.1 - 2023-12-10
• 3.1.0 - 2023-11-13
• 3.0.3 - 2023-08-29

from prettier GitHub release notes

Package name: prettier-plugin-astro

• 0.14.1 - 2024-07-16
  

  Patch Changes

  • 7282bcb: Fixes an issue where style and script tags would sometimes get moved to other tags
• 0.14.0 - 2024-05-24
  

  Minor Changes

  • bb756df: Adds a new option called astroSkipFrontmatter to disable formatting the frontmatter. This can be useful when using other tools to format the frontmatter, such as Biome or dprint.
• 0.13.0 - 2024-01-19
  

  Minor Changes

  • e97406a: Fix plugin sometimes including significant whitespace inside components, fragments and custom elements
• 0.12.3 - 2023-12-27
  

  Patch Changes

  • e75f9c7: Fix <br /> tags sometimes causing additional spaces to appear
  • b4b0918: Fix not being able to format expressions with more than 2 roots
• 0.12.2 - 2023-11-13
  

  Patch Changes

  • 11b0dc7: Fix attributes using optional chaining not formatting correctly
• 0.12.1 - 2023-10-25
  

  Patch Changes

  • 0188f04: Fix attributes with multiple invalid JSX characters in their key inside expressions causing the plugin to throw an error
• 0.12.0 - 2023-08-22
  

  Minor Changes

  • fa1a6e3: Do not delete line breaks and indentation of lines in class attribute

  Patch Changes

  • b806845: Format doctype as lowercase to match Prettier 3.0

from prettier-plugin-astro GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.