[Snyk] Upgrade gatsby-plugin-image from 3.0.0 to 3.12.0

[X-oss-byte]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade gatsby-plugin-image from 3.0.0 to 3.12.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 39 versions ahead of your current version.
• The recommended version was released a month ago, on 2023-08-24.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-IMMER-1019369	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-5596892	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Sandbox Bypass SNYK-JS-WEBPACK-3358798	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Denial of Service (DoS) SNYK-JS-ENGINEIO-3136336	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-IMMER-1540542	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-3244450	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Information Exposure SNYK-JS-GATSBY-5671647	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-GATSBYCLI-5671903	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-GATSBYPLUGINSHARP-5425803	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Information Exposure SNYK-JS-GATSBYPLUGINSHARP-5671648	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) SNYK-JS-GRAPHQL-5905181	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: gatsby-plugin-image

• 3.12.0 - 2023-08-24
• 3.12.0-next.1 - 2023-07-03
• 3.12.0-next.0 - 2023-06-15
• 3.11.0 - 2023-06-15
• 3.11.0-next.1 - 2023-06-05
• 3.11.0-next.0 - 2023-05-16
• 3.10.0 - 2023-05-16
• 3.10.0-next.2 - 2023-05-03
• 3.10.0-next.1 - 2023-04-27
• 3.10.0-next.0 - 2023-04-18
• 3.9.0 - 2023-04-18
• 3.9.0-next.1 - 2023-04-06
• 3.9.0-next.0 - 2023-03-21
• 3.9.0-image-cdn-configurable.4 - 2023-04-11
• 3.8.0 - 2023-03-21
• 3.8.0-next.0 - 2023-02-16
• 3.7.0 - 2023-02-21
• 3.7.0-next.0 - 2023-02-03
• 3.6.0 - 2023-02-07
• 3.6.0-next.1 - 2023-01-26
• 3.6.0-next.0 - 2023-01-19
• 3.5.0 - 2023-01-24
• 3.5.0-next.1 - 2023-01-17
• 3.5.0-next.0 - 2023-01-05
• 3.4.0 - 2023-01-10
• 3.4.0-next.2 - 2023-01-04
• 3.4.0-next.1 - 2022-12-14
• 3.4.0-next.0 - 2022-12-08
• 3.3.2 - 2022-12-14
• 3.3.1 - 2022-12-14
• 3.3.0 - 2022-12-13
• 3.3.0-next.3 - 2022-12-07
• 3.3.0-next.2 - 2022-12-06
• 3.3.0-next.1 - 2022-12-01
• 3.3.0-next.0 - 2022-11-25
• 3.2.0 - 2022-11-25
• 3.2.0-next.0 - 2022-11-17
• 3.1.0 - 2022-11-22
• 3.1.0-next.0 - 2022-11-08
• 3.0.0 - 2022-11-08

from gatsby-plugin-image GitHub release notes

Commit messages

Package name: gatsby-plugin-image

• a1c87bc chore(release): Publish
• b2d4aef feat(gatsby): Adapters (feat(gatsby): Adapters gatsbyjs/gatsby#38232)
• 7a2778b fix(gatsby-source-contentful): handle nullable fields (fix(gatsby-source-contentful): handle nullable fields gatsbyjs/gatsby#38358)
• 2e08202 chore(docs): clarify react upgrade with --legacy-peer-deps (chore(docs): clarify react upgrade with --legacy-peer-deps gatsbyjs/gatsby#38359)
• e5126f9 fix(gatsby-source-wordpress): Set empty default alt tag for inline images (fix(gatsby-source-wordpress): Set empty default alt tag for inline images gatsbyjs/gatsby#38341)
• 668aa5f fix(deps): update dependency algoliasearch to ^4.18.0 for gatsby-source-npm-package-search (fix(deps): update dependency algoliasearch to ^4.18.0 for gatsby-source-npm-package-search gatsbyjs/gatsby#38308)
• 06015b9 fix(deps): update minor and patch dependencies for gatsby-source-contentful (fix(deps): update minor and patch dependencies for gatsby-source-contentful gatsbyjs/gatsby#38322)
• 544862b fix(deps): update minor and patch dependencies for gatsby (fix(deps): update minor and patch dependencies for gatsby gatsbyjs/gatsby#38297)
• cde8b49 fix(deps): update dependency verdaccio to ^5.25.0 for gatsby-dev-cli (fix(deps): update dependency verdaccio to ^5.25.0 for gatsby-dev-cli gatsbyjs/gatsby#38318)
• b074b85 fix(deps): update minor and patch dependencies for gatsby-source-wordpress (fix(deps): update minor and patch dependencies for gatsby-source-wordpress gatsbyjs/gatsby#38293)
• 176b1cc fix(deps): update dependency core-js to ^3.31.0 (fix(deps): update dependency core-js to ^3.31.0 gatsbyjs/gatsby#38309)
• 31df9ef chore(deps): update dependency webpack to ^5.88.1 for gatsby-plugin-mdx (chore(deps): update dependency webpack to ^5.88.1 for gatsby-plugin-mdx gatsbyjs/gatsby#38306)
• 39c4987 chore(deps): update [dev] minor and patch dependencies for gatsby-graphiql-explorer (chore(deps): update [dev] minor and patch dependencies for gatsby-graphiql-explorer gatsbyjs/gatsby#38279)
• 1ebae56 chore(release): Publish next
• 6c7a0e3 fix(gatsby): copy slices overrides to 404.html copy (fix(gatsby): copy slices overrides to 404.html copy gatsbyjs/gatsby#38337)
• 0c8f948 chore(docs): Add DSG webpack limitation
• 87a3412 fix(deps): update dependency sanitize-html to ^2.11.0 for gatsby-transformer-remark (fix(deps): update dependency sanitize-html to ^2.11.0 for gatsby-transformer-remark gatsbyjs/gatsby#38315)
• 7ffaebe fix(deps): update dependency @ apollo/client to ^3.7.16 for gatsby-source-graphql (fix(deps): update dependency @apollo/client to ^3.7.16 for gatsby-source-graphql gatsbyjs/gatsby#38290)
• e3f01a1 chore(deps): update gatsby monorepo (chore(deps): update gatsby monorepo gatsbyjs/gatsby#38289)
• 1d2dd04 fix(deps): update dependency xstate to ^4.38.0 for gatsby-source-filesystem (fix(deps): update dependency xstate to ^4.38.0 for gatsby-source-filesystem gatsbyjs/gatsby#38319)
• b049e02 fix(deps): update dependency theme-ui to ^0.16.0 (fix(deps): update dependency theme-ui to ^0.16.0 gatsbyjs/gatsby#38317)
• d67485e fix(deps): update dependency sass to ^1.63.6 (fix(deps): update dependency sass to ^1.63.6 gatsbyjs/gatsby#38316)
• a621c85 fix(deps): update dependency gatsby-core-utils to ^4.11.0 (fix(deps): update dependency gatsby-core-utils to ^4.11.0 gatsbyjs/gatsby#38313)
• 5f7f910 fix(deps): update dependency envinfo to ^7.10.0 for gatsby-cli (fix(deps): update dependency envinfo to ^7.10.0 for gatsby-cli gatsbyjs/gatsby#38312)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 9682e26

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR