Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade next-image-export-optimizer from 0.10.1 to 0.12.0 #11

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Security upgrade next-image-export-optimizer from 0.10.1 to 0.12.0 #11

wants to merge 1 commit into from

Conversation

Krovikan-Vamp
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
critical severity 980/1000
Why? Currently trending on Twitter, Mature exploit, Recently disclosed, Has a fix available, CVSS 9.6		 Heap-based Buffer Overflow
SNYK-JS-SHARP-5922108		 No Mature

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: next-image-export-optimizer The new version differs by 23 commits.
  • 7672bb6 Merge pull request #26 from Niels-IO/newConfigLocation
  • 6e87f1c Merge pull request #25 from Niels-IO/Github-Actions
  • 5b1a79e New playwright setup
  • d85781b Add playwright to action
  • 6df3fc3 Only test with node v16
  • cfff767 Fix run command
  • 43178e6 Create node.js.yml
  • a4ca1ed 0.12.0
  • 70decee New config variables
  • fcf4496 Update packages
  • db0f7b4 Change image component to accept new config location
  • 6f47b46 New variable location in the optimzation file
  • f54eeb0 Test new config
  • 65fb752 Update packages
  • 0d2987f Update env types for new variable names
  • 3775918 Update packages
  • 30d90df 0.11.0
  • c512d40 Merge pull request #22 from stooit/feature/unoptimized-support
  • 2887626 Add test for unoptimized prop
  • ebcd45f Change order priority to passed blurDataURL over unoptimized src
  • 17c81c1 Adjusted readme for clarity
  • 54659c5 Change order priority to passed blurDataURL over unoptimized src
  • e65a253 Added support for unoptimized prop.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Krovikan-Vamp @snyk-bot