[Snyk] Upgrade @primer/css from 19.4.0 to 19.8.2

[sisamiul]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade @primer/css from 19.4.0 to 19.8.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 46 versions ahead of your current version.
• The recommended version was released 2 years ago, on 2022-04-06.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Poisoning SNYK-JS-QS-3153490	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) SNYK-JS-JPEGJS-2859218	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-AXIOS-6144788	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Improper Verification of Cryptographic Signature SNYK-JS-BROWSERIFYSIGN-6037026	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Open Redirect SNYK-JS-GOT-2932019	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-XML2JS-5414874	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Open Redirect SNYK-JS-EXPRESS-6474509	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Open Redirect SNYK-JS-GOT-2932019	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @primer/css

• 19.8.2 - 2022-04-06
• 19.8.2-rc.3a4e2a3d - 2022-04-06
• 19.8.1 - 2022-04-05
• 19.8.1-rc.edf7b456 - 2022-04-05
• 19.8.0 - 2022-04-04
• 19.8.0-rc.286d2b82 - 2022-04-03
• 19.8.0-rc.0728c970 - 2022-04-03
• 19.7.1 - 2022-03-29
• 19.7.1-rc.f6452a1d - 2022-03-29
• 19.7.1-rc.bebd5de8 - 2022-03-28
• 19.7.1-rc.0f7dd124 - 2022-03-25
• 19.7.0 - 2022-03-24
• 19.7.0-rc.73b391f8 - 2022-03-24
• 19.6.1-rc.29f30cfc - 2022-03-22
• 19.6.0 - 2022-03-18
• 19.6.0-rc.f60c761b - 2022-03-14
• 19.5.2-rc.dbec85fb - 2022-03-09
• 19.5.2-rc.7b52cd2f - 2022-03-09
• 19.5.2-rc.722cd24c - 2022-03-11
• 19.5.2-rc.4f5d173e - 2022-03-09
• 19.5.2-rc.1d222b18 - 2022-03-09
• 19.5.2-rc.12fb8883 - 2022-03-09
• 19.5.2-rc.06cbb76a - 2022-03-09
• 19.5.1 - 2022-03-09
• 19.5.1-rc.1ec8e7b2 - 2022-03-09
• 19.5.0 - 2022-03-04
• 19.5.0-rc.e5c3ce13 - 2022-03-01
• 19.5.0-rc.d973b4ea - 2022-03-04
• 19.5.0-rc.c86cf490 - 2022-03-01
• 19.5.0-rc.afacd676 - 2022-03-01
• 19.5.0-rc.abf376e2 - 2022-03-03
• 19.5.0-rc.a3f516ae - 2022-03-01
• 19.5.0-rc.7717ab35 - 2022-03-01
• 19.5.0-rc.7106ff9d - 2022-03-01
• 19.5.0-rc.493c4af7 - 2022-03-01
• 19.5.0-rc.2b8c3990 - 2022-03-04
• 19.5.0-rc.67671646 - 2022-02-28
• 19.4.1-rc.e35320ba - 2022-02-17
• 19.4.1-rc.d5a4d62f - 2022-02-24
• 19.4.1-rc.b4e7503e - 2022-02-28
• 19.4.1-rc.a8910254 - 2022-02-28
• 19.4.1-rc.a5a1e5ac - 2022-02-28
• 19.4.1-rc.7a1197b2 - 2022-02-28
• 19.4.1-rc.7721a053 - 2022-02-28
• 19.4.1-rc.236d6b83 - 2022-02-25
• 19.4.1-rc.1c11cf26 - 2022-02-28
• 19.4.0 - 2022-02-15

from @primer/css GitHub release notes

Commit messages

Package name: @primer/css

• ea97918 Version Packages (repo sync github/docs#2020)
• 57be2d5 [Bug] TreeView animation and padding fix (Update issue_comment link in GitHub Actions docs github/docs#2019)
• 3c6d30f Version Packages (xx github/docs#2018)
• a4293bf TreeView: remove bold active items + markup changes (#1996)
• ef3be81 Bump @ primer/octicons-react from 16.0.0 to 17.0.0 in /docs (Create a new release is documented as Draft a new release for GHE 2.21 github/docs#2010)
• 767b028 Bump @ changesets/changelog-github from 0.4.3 to 0.4.4 (Update the supported Language/platforms list github/docs#2007)
• cad6940 Version Packages (Automatically added for iOS & OS X Mail Outlook.office365.com github/docs#2013)
• a3bc51f Always break long `branch-name`s (Update README.md github/docs#2002)
• 9806b54 Add Tritanopia theme (first program bankaccount github/docs#1997)
• d7b8a78 Bump actions/setup-node from 2 to 3 (*PROTOCOL* github/docs#1962)
• 81b341f Bump minimist from 1.2.5 to 1.2.6 (Tiny headline adjustment for the Issue event types page github/docs#2004)
• 13f1691 Bump ansi-regex from 4.1.0 to 4.1.1 (fix: Update commit trailer Tip github/docs#2003)
• f362f4f Version Packages (Add files via upload github/docs#1999)
• 264a89a More CSS updates to `Autocomplete` (repo sync github/docs#2000)
• 47cec40 Remove IE11 support in tooltip (Revert "repo sync" github/docs#2001)
• 557b100 Add narrow/regular/wide viewport range utilities (Freelancegitit some credits for a couple hours github/docs#1995)
• 09f9d84 Version Packages (Not matching URLs for emoji-cheat-sheet github/docs#1992)
• 69fe8c6 Add support for inline, stack label in autocomplete (Fix filter pattern cheat sheet examples github/docs#1994)
• 5e87eff Fix `btn-primary` in flash alerts (this is a test - do not merge github/docs#1991)
• 1938596 Version Packages (#1986)
• f544ef8 Make `pane` an optional region for PageLayout component (Remove references to global webhooks REST API preview github/docs#1989)
• e3443f1 Fix color-fg utilities in links (Merge github/docs#1988)
• 315bfc1 Bump postcss-calc from 8.2.3 to 8.2.4 (repo sync github/docs#1975)
• 84e2129 Bump fs-extra from 10.0.0 to 10.0.1 (repo sync github/docs#1966)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs