[Snyk] Upgrade @astrojs/node from 3.1.0 to 8.3.4 #1030
+2,117
−2,415
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade @astrojs/node from 3.1.0 to 8.3.4.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Warning: This is a major version upgrade, and may be a breaking change.
The recommended version fixes:
SNYK-JS-SEMVER-3247795
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00152, Social Trends: No, Days since published: 481, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.64, Score Version: V5
SNYK-JS-SEND-7926862
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00152, Social Trends: No, Days since published: 481, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.64, Score Version: V5
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: @astrojs/node
Patch Changes
0cf7e91
Thanks @ bluwy! - Updatessend
dependency to 0.19.0Major Changes
#367
e02b54a
Thanks @ alexanderniebuhr! - Removed support for the Squoosh image service. As the underlying librarylibsquoosh
is no longer maintained, and the image service sees very little usage we have decided to remove it from Astro.Our recommendation is to use the base Sharp image service, which is more powerful, faster, and more actively maintained.
import { defineConfig } from "astro/config";
export default defineConfig({
- image: {
- service: squooshImageService()
- }
});
If you are using this service, and cannot migrate to the base Sharp image service, a third-party extraction of the previous service is available here: https://github.com/Princesseuh/astro-image-service-squoosh
#367
e02b54a
Thanks @ alexanderniebuhr! - Deprecates thefunctionPerRoute
optionThis option is now deprecated, and will be removed entirely in Astro v5.0. We suggest removing this option from your configuration as soon as you are able to:
}),
});
#375
e7881f7
Thanks @ Princesseuh! - Updates internal code to works with Astro 5 changes to hybrid rendering. No changes are necessary to your project, apart from using Astro 5#397
776a266
Thanks @ Princesseuh! - Welcome to the Astro 5 beta! This release has no changes from the latest alpha of this package, but it does bring us one step closer to the final, stable release.Starting from this release, no breaking changes will be introduced unless absolutely necessary.
To learn how to upgrade, check out the Astro v5.0 upgrade guide in our beta docs site.
#392
3a49eb7
Thanks @ Princesseuh! - Updates internal code for Astro 5 changes. No changes is required to your project, apart from using Astro 5Minor Changes
bb725b7
Thanks @ florian-lefebvre! - Cleans upastro:env
supportNote: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs