[Snyk] Upgrade @primer/react from 35.27.0 to 35.32.2

[colorado392]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade @primer/react from 35.27.0 to 35.32.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 115 versions ahead of your current version.
• The recommended version was released 3 months ago, on 2023-10-26.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	294/1000 Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Changed, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Local, EPSS: 0.0006, Social Trends: No, Days since published: 108, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: Critical, Provider Urgency: Critical, Package Popularity Score: 99, Impact: 12.6, Likelihood: 2.33, Score Version: V5	Proof of Concept
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	294/1000 Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Changed, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Local, EPSS: 0.0006, Social Trends: No, Days since published: 108, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: Critical, Provider Urgency: Critical, Package Popularity Score: 99, Impact: 12.6, Likelihood: 2.33, Score Version: V5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @primer/react

• 35.32.2 - 2023-10-26
  

  Permalink to documentation

  Patch Changes

  • #3861 85d9e515 Thanks @ langermank! - Use button CSS vars for border-color to support a feature flag

  • #3862 8cd6007e Thanks @ TylerJDev! - Adds aria-disabled to inactive pagination buttons.

• 35.32.2-rc.c11ae56d - 2023-10-24
• 35.32.2-rc.abdbe8e6 - 2023-10-26
• 35.32.2-rc.991824d6 - 2023-10-23
• 35.32.2-rc.9133f239 - 2023-10-26
• 35.32.2-rc.5e318146 - 2023-10-23
• 35.32.2-rc.50d87fc7 - 2023-10-26
• 35.32.2-rc.3b296a49 - 2023-10-25
• 35.32.2-rc.29d14eb5 - 2023-10-20
• 35.32.2-rc.1332f325 - 2023-10-25
• 35.32.2-rc.0eee3c8d - 2023-10-24
• 35.32.2-rc.06cdc2f4 - 2023-10-20
• 35.32.1 - 2023-10-18
  

  Permalink to documentation

  Patch Changes

  • #3839 d463d547 Thanks @ joshblack! - Restore Link underline preference to original behavior

  • #3836 038a7899 Thanks @ xiaolou86! - docs: fix typo

• 35.32.1-rc.f0ccebd7 - 2023-10-18
• 35.32.1-rc.0c3b0e6d - 2023-10-17
• 35.32.0 - 2023-10-16
• 35.32.0-rc.f9eb6d68 - 2023-10-12
• 35.32.0-rc.f06e2819 - 2023-10-16
• 35.32.0-rc.e24a21c5 - 2023-10-09
• 35.32.0-rc.e044b98a - 2023-10-13
• 35.32.0-rc.d2236036 - 2023-10-09
• 35.32.0-rc.c4859d3e - 2023-10-12
• 35.32.0-rc.c1b79ea5 - 2023-10-12
• 35.32.0-rc.c06d499c - 2023-10-16
• 35.32.0-rc.be7902e5 - 2023-10-08
• 35.32.0-rc.be4b175d - 2023-10-14
• 35.32.0-rc.a5cdd8a5 - 2023-10-16
• 35.32.0-rc.a4b0656f - 2023-10-09
• 35.32.0-rc.a35f8d1d - 2023-10-16
• 35.32.0-rc.86c91b3b - 2023-10-09
• 35.32.0-rc.85e916ff - 2023-10-16
• 35.32.0-rc.7c06bf1b - 2023-10-09
• 35.32.0-rc.78307b54 - 2023-10-10
• 35.32.0-rc.6f8bc4e1 - 2023-10-16
• 35.32.0-rc.6db49ffc - 2023-10-09
• 35.32.0-rc.6b47aa3f - 2023-10-12
• 35.32.0-rc.61f3e796 - 2023-10-16
• 35.32.0-rc.56eb5644 - 2023-10-09
• 35.32.0-rc.40cb2c28 - 2023-10-10
• 35.32.0-rc.3049330e - 2023-10-11
• 35.32.0-rc.27d0216d - 2023-10-13
• 35.32.0-rc.244f1939 - 2023-10-16
• 35.32.0-rc.2218631d - 2023-10-16
• 35.32.0-rc.1c32be5e - 2023-10-16
• 35.32.0-rc.09f7708d - 2023-10-16
• 35.32.0-rc.07e8a474 - 2023-10-07
• 35.31.0 - 2023-09-29
• 35.31.0-rc.f6db146e - 2023-09-26
• 35.31.0-rc.ece42293 - 2023-09-27
• 35.31.0-rc.dcc53cde - 2023-09-26
• 35.31.0-rc.760beab0 - 2023-09-27
• 35.31.0-rc.54950f5d - 2023-09-25
• 35.31.0-rc.4741df1e - 2023-09-25
• 35.30.0 - 2023-09-20
• 35.30.0-rc.ffbc3a76 - 2023-09-15
• 35.30.0-rc.fb8d40b4 - 2023-09-11
• 35.30.0-rc.f55965c2 - 2023-09-11
• 35.30.0-rc.ed43f815 - 2023-09-18
• 35.30.0-rc.debc9d55 - 2023-09-13
• 35.30.0-rc.d76a68f0 - 2023-09-13
• 35.30.0-rc.cbe30e7b - 2023-09-08
• 35.30.0-rc.bca4dfe6 - 2023-09-18
• 35.30.0-rc.ba766a41 - 2023-09-15
• 35.30.0-rc.b98c2760 - 2023-09-07
• 35.30.0-rc.a32552d0 - 2023-09-18
• 35.30.0-rc.8f63598d - 2023-09-11
• 35.30.0-rc.78f3e511 - 2023-09-12
• 35.30.0-rc.6e3e981d - 2023-09-07
• 35.30.0-rc.5b12f2d6 - 2023-09-19
• 35.30.0-rc.47875cd5 - 2023-09-07
• 35.30.0-rc.4123face - 2023-09-18
• 35.30.0-rc.2d68b603 - 2023-09-07
• 35.30.0-rc.2ce229c6 - 2023-09-13
• 35.30.0-rc.1a1e99d4 - 2023-09-11
• 35.30.0-rc.16649d88 - 2023-09-11
• 35.30.0-rc.07453b4b - 2023-09-11
• 35.30.0-rc.97067018 - 2023-09-07
• 35.29.0 - 2023-09-06
• 35.29.0-rc.f6e1650b - 2023-08-31
• 35.29.0-rc.eec3cc92 - 2023-08-31
• 35.29.0-rc.daf9746b - 2023-09-06
• 35.29.0-rc.d8e446f9 - 2023-08-29
• 35.29.0-rc.d43fe95e - 2023-09-05
• 35.29.0-rc.a33d5801 - 2023-09-05
• 35.29.0-rc.95dc9c03 - 2023-09-04
• 35.29.0-rc.70726bcb - 2023-09-06
• 35.29.0-rc.6be77fd0 - 2023-08-30
• 35.29.0-rc.619fd09f - 2023-09-06
• 35.29.0-rc.49025f8b - 2023-08-29
• 35.29.0-rc.3e83a2d2 - 2023-08-28
• 35.29.0-rc.2ee91b24 - 2023-08-29
• 35.29.0-rc.261f9e1a - 2023-09-05
• 35.29.0-rc.202a3328 - 2023-09-05
• 35.29.0-rc.1719a0d1 - 2023-08-30
• 35.29.0-rc.1055e552 - 2023-09-05
• 35.29.0-rc.08615ff3 - 2023-08-30
• 35.28.0 - 2023-08-21
• 35.28.0-rc.93e28301 - 2023-08-16
• 35.28.0-rc.18933b35 - 2023-08-16
• 35.27.2-rc.e9a43aee - 2023-08-11
• 35.27.2-rc.e7c85907 - 2023-08-14
• 35.27.2-rc.9ba61fd0 - 2023-08-14
• 35.27.2-rc.96e81e5d - 2023-08-09
• 35.27.2-rc.903a784c - 2023-08-14
• 35.27.2-rc.892befa6 - 2023-08-16
• 35.27.2-rc.61889a22 - 2023-08-15
• 35.27.2-rc.50de6b10 - 2023-08-15
• 35.27.2-rc.4da2920f - 2023-08-10
• 35.27.2-rc.4aabb7ca - 2023-08-14
• 35.27.2-rc.369bfd31 - 2023-08-14
• 35.27.2-rc.22b0f9a2 - 2023-08-15
• 35.27.2-rc.012487b4 - 2023-08-15
• 35.27.1 - 2023-08-04
• 35.27.1-rc.59d2174d - 2023-08-03
• 35.27.1-rc.054062e2 - 2023-08-04
• 35.27.0 - 2023-08-01

from @primer/react GitHub release notes

Commit messages

Package name: @primer/react

• a6d6907 Version Packages (Update set-up-git.md github/docs#3847)
• 85d9e51 Use `button` CSS vars for border-color to support a feature flag (update docs to specify Metadata access github/docs#3861)
• f3dd5f6 chore(deps-dev): bump jscodeshift from 0.14.0 to 0.15.0 (Your personal GreggJuanEduardoPH:patch-18 github/docs#3849)
• 49dfc0e SelectPanel2: Keyboard navigation for list (copying-a-project-board.md github/docs#3768)
• 8cd6007 Add `aria-disabled` to inactive pagination buttons (Tr github/docs#3862)
• add9689 Delete changelog for story file (aaa__aaax@hotmail.com github/docs#3857)
• efa4650 SelectPanel2: Instant selection variant (use pull_request_target github/docs#3783)
• 0227cc3 ci: update release-schedule.yml (fix: change sender field for CodeScanningAlert event to match other payloads github/docs#3855)
• 44b0b6b chore(docs): update docs site to latest doctocat (Update index.md github/docs#3842)
• 7a5685c chore(deps-dev): bump jest and @ types/jest (Thanks for opening this issue. A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the [contributing guidelines](https://github.com/github/docs/blob/main/CONTRIBUTING.md). github/docs#3850)
• 0d264ec chore(deps-dev): bump prettier from 3.0.1 to 3.0.3 (> @shati-patel I've updated my git version and the command works now. Interesting that it needed an exe for older versions though. github/docs#3851)
• 096f4cc Updates ActionList async filter example to be accessible (#3808)
• c1e340b SelectPanel anchors should have aria-haspopup="dialog" (Docs-GreggJuanEduardoPH:patch-9 github/docs#3636)
• 216d2a9 Remove eslint-disable-next-line jsx-a11y/anchor-has-content (Update and rename index.md to indexes github/docs#3841)
• 77f8d98 Version Packages (👋 github/docs#3837)
• d463d54 Revert "Support link underline preference" (> https://atom.atomxplus.com github/docs#3839)
• 4dbc972 docs(DataTable): add stories under drafts (About protec github/docs#3832)
• 038a789 docs: fix typo (Permiso de acceso githubGreggJuanEduardoPH:patch-17 github/docs#3836)
• 32b8705 PageHeader: Address general sign-off review feedback in storybook (missing href values, non-working menus) (Update and rename content/github/administering-a-repository/about-pro… github/docs#3817)
• 436d2fc Update assign_release_conductor.yml (Update "Verify a Domian" Documentation github/docs#3834)
• 7e8cdf5 Version Packages (Update licensing-a-repository.md github/docs#3794)
• 1fcfc47 feat(ToggleSwitch): add support for a ref on the inner <button> element (Thanks for opening this issue. A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the [contributing guidelines](https://github.com/github/docs/blob/main/CONTRIBUTING.md). github/docs#3813)
• 6a08271 bump @ github/markdownlint-github from 0.3.0 to 0.6.0 (Trunk github/docs#3828)
• 34587e1 chore(deps-dev): bump @ babel/traverse from 7.22.8 to 7.23.2 (A puño request to an issue-GreggJuanEduardoPH:patch-15 github/docs#3831)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs