[Snyk] Upgrade nuxt from 2.15.2 to 2.18.1 #289
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade nuxt from 2.15.2 to 2.18.1. See this package in npm: nuxt See this project in Snyk: https://app.snyk.io/org/mayko780/project/dd211909-b2fe-4a54-b627-bc26a90f064d?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade nuxt from 2.15.2 to 2.18.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 17 versions ahead of your current version.
The recommended version was released on 2 months ago.
Issues fixed by the recommended upgrade:
SNYK-JS-ANSIHTML-1296849
SNYK-JS-BABELTRAVERSE-5962462
SNYK-JS-TAR-1579155
SNYK-JS-NTHCHECK-1586032
SNYK-JS-SHELLQUOTE-1766506
SNYK-JS-TAR-1536528
SNYK-JS-TAR-1536531
SNYK-JS-TAR-1579147
SNYK-JS-TAR-1579152
SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555
SNYK-JS-PARSEPATH-2936439
SNYK-JS-IP-6240864
SNYK-JS-ISSVG-1085627
SNYK-JS-ISSVG-1243891
SNYK-JS-TAR-6476909
SNYK-JS-BROWSERSLIST-1090194
SNYK-JS-NANOID-2332193
SNYK-JS-UGLIFYJS-1727251
SNYK-JS-PARSEURL-2935944
SNYK-JS-PARSEURL-2935947
SNYK-JS-PARSEURL-2942134
SNYK-JS-PARSEURL-3023021
SNYK-JS-PARSEURL-3024398
SNYK-JS-PATHPARSE-1077067
SNYK-JS-POSTCSS-1090595
SNYK-JS-POSTCSS-1255640
SNYK-JS-COLORSTRING-1082939
SNYK-JS-HTMLMINIFIER-3091181
SNYK-JS-MINIMIST-2429795
SNYK-JS-TAR-1536758
SNYK-JS-PARSEURL-2936249
Release notes
Package name: nuxt
-
2.18.1 - 2024-06-28
- webpack: Depend on earlier version of
- Daniel Roe (@ danielroe)
-
2.18.0 - 2024-06-27
- webpack: Migrate to
- vue-app: Don't throw if we can't read
- config: Add back md4 monkey-patch for wider ecosystem (#27865)
- Bump internal versions (9e829b59a)
- Add non-applicable advisory GHSA-3h5v-q93c-6h6q (5ef7311f0)
- Daniel Roe (@ danielroe)
-
2.17.4 - 2024-06-14
- types: Bump
- generator: Use maintained
- vue-app: Prevent double page mount (#10874)
- core: Don't skip loading runtime modules if one is improperly resolved (#10193)
- vue-app: Prevent error page mounting twice (#27484)
- Update repository field for
- Mark GHSA-2p57-rm9w-gvfp as not applicable (4782e3c90)
- Update repository urls (07668eafb)
- Mark GHSA-grv7-fg5c-xmjg as not applicable (eeb6207c9)
- Refresh yarn lockfile (#27612)
- Properly close
- Wait for navigation in redirect test (e74715606)
- Don't register promise in external nav (#27468)
- Add label PR workflow (#25580)
- Make edge releases on commit basis (1eb08d1ba)
- Remove ref for release workflows (06f91349f)
- Don't skip tests from branch named
- Update test conditions (940fc7dcb)
- Dmitriy (@ Kolobok12309)
- Ivan Ehreshi (@ IvanEh)
- Daniel Roe (@ danielroe)
- Damian Głowala (@ DamianGlowala)
-
2.17.3 - 2024-01-12
-
2.17.2 - 2023-10-24
-
2.17.1 - 2023-07-14
-
2.17.0 - 2023-06-09
-
2.16.3 - 2023-03-17
-
2.16.2 - 2023-03-01
-
2.16.1 - 2023-02-13
-
2.16.0 - 2023-02-03
-
2.15.8 - 2021-08-11
-
2.15.7 - 2021-06-14
-
2.15.6 - 2021-05-12
-
2.15.5 - 2021-05-09
-
2.15.4 - 2021-04-01
-
2.15.3 - 2021-03-10
-
2.15.2 - 2021-02-23
from nuxt GitHub release notes👉 Changelog
compare changes
🩹 Fixes
mkdirp(f67056b9e)❤️ Contributors
👉 Changelog
compare changes
🚀 Enhancements
memfs(#27652)🩹 Fixes
sessionStorage(#27662)🏡 Chore
❤️ Contributors
👉 Changelog
compare changes
🩹 Fixes
serve-statictypes to v1.15.7 (1c44c376d)html-minifier-terser(#26914)🏡 Chore
@ nuxt/config(c283cc039)✅ Tests
pagein e2e tests (1700aa131)🤖 CI
dev(2a5d05257)❤️ Contributors
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"nuxt","from":"2.15.2","to":"2.18.1"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ANSIHTML-1296849","issue_id":"SNYK-JS-ANSIHTML-1296849","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-BABELTRAVERSE-5962462","issue_id":"SNYK-JS-BABELTRAVERSE-5962462","priority_score":786,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.3","score":465},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Incomplete List of Disallowed Inputs"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579155","issue_id":"SNYK-JS-TAR-1579155","priority_score":639,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.5","score":425},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-NTHCHECK-1586032","issue_id":"SNYK-JS-NTHCHECK-1586032","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-SHELLQUOTE-1766506","issue_id":"SNYK-JS-SHELLQUOTE-1766506","priority_score":619,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Remote Code Execution (RCE)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536528","issue_id":"SNYK-JS-TAR-1536528","priority_score":624,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.2","score":410},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Overwrite"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536531","issue_id":"SNYK-JS-TAR-1536531","priority_score":624,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.2","score":410},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Overwrite"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579147","issue_id":"SNYK-JS-TAR-1579147","priority_score":639,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.5","score":425},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579152","issue_id":"SNYK-JS-TAR-1579152","priority_score":639,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.5","score":425},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555","issue_id":"SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555","priority_score":691,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.4","score":370},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Path Traversal"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-PARSEPATH-2936439","issue_id":"SNYK-JS-PARSEPATH-2936439","priority_score":686,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Authorization Bypass Through User-Controlled Key"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-IP-6240864","issue_id":"SNYK-JS-IP-6240864","priority_score":751,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.6","score":430},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Server-side Request Forgery (SSRF)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ISSVG-1085627","issue_id":"SNYK-JS-ISSVG-1085627","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ISSVG-1243891","issue_id":"SNYK-JS-ISSVG-1243891","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-TAR-6476909","issue_id":"SNYK-JS-TAR-6476909","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-BROWSERSLIST-1090194","issue_id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-NANOID-2332193","issue_id":"SNYK-JS-NANOID-2332193","priority_score":521,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"4","score":200},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-UGLIFYJS-1727251","issue_id":"SNYK-JS-UGLIFYJS-1727251","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-PARSEURL-2935944","issue_id":"SNYK-JS-PARSEURL-2935944","priority_score":591,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.4","score":270},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Cross-site Scripting (XSS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-PARSEURL-2935947","issue_id":"SNYK-JS-PARSEURL-2935947","priority_score":561,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"4.8","score":240},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-PARSEURL-2942134","issue_id":"SNYK-JS-PARSEURL-2942134","priority_score":591,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.4","score":270},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Cross-site Scripting (XSS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-PARSEURL-3023021","issue_id":"SNYK-JS-PARSEURL-3023021","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Server-side Request Forgery (SSRF)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-PARSEURL-3024398","issue_id":"SNYK-JS-PARSEURL-3024398","priority_score":571,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5","score":250},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Improper Input Validation"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-PATHPARSE-1077067","issue_id":"SNYK-JS-PATHPARSE-1077067","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-POSTCSS-1090595","issue_id":"SNYK-JS-POSTCSS-1090595","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-POSTCSS-1255640","issue_id":"SNYK-JS-POSTCSS-1255640","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-COLORSTRING-1082939","issue_id":"SNYK-JS-COLORSTRING-1082939","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-HTMLMINIFIER-3091181","issue_id":"SNYK-JS-HTMLMINIFIER-3091181","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-MINIMIST-2429795","issue_id":"SNYK-JS-MINIMIST-2429795","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Prototype Pollution"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536758","issue_id":"SNYK-JS-TAR-1536758","priority_score":410,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":11},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-PARSEURL-2936249","issue_id":"SNYK-JS-PARSEURL-2936249","priority_score":791,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.4","score":470},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Server-side Request Forgery (SSRF)"}],"prId":"9aef1f61-c2b9-473d-a79d-23ccaefb85fb","prPublicId":"9aef1f61-c2b9-473d-a79d-23ccaefb85fb","packageManager":"npm","priorityScoreList":[696,786,639,696,619,624,624,639,639,691,686,751,586,586,646,586,521,479,591,561,591,646,571,586,586,586,586,586,506,410,791],"projectPublicId":"dd211909-b2fe-4a54-b627-bc26a90f064d","projectUrl":"https://app.snyk.io/org/mayko780/project/dd211909-b2fe-4a54-b627-bc26a90f064d?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-ANSIHTML-1296849","SNYK-JS-BABELTRAVERSE-5962462","SNYK-JS-TAR-1579155","SNYK-JS-NTHCHECK-1586032","SNYK-JS-SHELLQUOTE-1766506","SNYK-JS-TAR-1536528","SNYK-JS-TAR-1536531","SNYK-JS-TAR-1579147","SNYK-JS-TAR-1579152","SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555","SNYK-JS-PARSEPATH-2936439","SNYK-JS-IP-6240864","SNYK-JS-ISSVG-1085627","SNYK-JS-ISSVG-1243891","SNYK-JS-TAR-6476909","SNYK-JS-BROWSERSLIST-1090194","SNYK-JS-NANOID-2332193","SNYK-JS-UGLIFYJS-1727251","SNYK-JS-PARSEURL-2935944","SNYK-JS-PARSEURL-2935947","SNYK-JS-PARSEURL-2942134","SNYK-JS-PARSEURL-3023021","SNYK-JS-PARSEURL-3024398","SNYK-JS-PATHPARSE-1077067","SNYK-JS-POSTCSS-1090595","SNYK-JS-POSTCSS-1255640","SNYK-JS-COLORSTRING-1082939","SNYK-JS-HTMLMINIFIER-3091181","SNYK-JS-MINIMIST-2429795","SNYK-JS-TAR-1536758","SNYK-JS-PARSEURL-2936249"],"upgradeInfo":{"versionsDiff":17,"publishedDate":"2024-06-28T11:35:15.434Z"},"vulns":["SNYK-JS-ANSIHTML-1296849","SNYK-JS-BABELTRAVERSE-5962462","SNYK-JS-TAR-1579155","SNYK-JS-NTHCHECK-1586032","SNYK-JS-SHELLQUOTE-1766506","SNYK-JS-TAR-1536528","SNYK-JS-TAR-1536531","SNYK-JS-TAR-1579147","SNYK-JS-TAR-1579152","SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555","SNYK-JS-PARSEPATH-2936439","SNYK-JS-IP-6240864","SNYK-JS-ISSVG-1085627","SNYK-JS-ISSVG-1243891","SNYK-JS-TAR-6476909","SNYK-JS-BROWSERSLIST-1090194","SNYK-JS-NANOID-2332193","SNYK-JS-UGLIFYJS-1727251","SNYK-JS-PARSEURL-2935944","SNYK-JS-PARSEURL-2935947","SNYK-JS-PARSEURL-2942134","SNYK-JS-PARSEURL-3023021","SNYK-JS-PARSEURL-3024398","SNYK-JS-PATHPARSE-1077067","SNYK-JS-POSTCSS-1090595","SNYK-JS-POSTCSS-1255640","SNYK-JS-COLORSTRING-1082939","SNYK-JS-HTMLMINIFIER-3091181","SNYK-JS-MINIMIST-2429795","SNYK-JS-TAR-1536758","SNYK-JS-PARSEURL-2936249"]}'