[Snyk] Upgrade dayjs from 1.8.14 to 1.11.11

[mdfkbtc]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade dayjs from 1.8.14 to 1.11.11.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 52 versions ahead of your current version.

• The recommended version was released on 2 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Pollution SNYK-JS-INI-1048974	686	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	686	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	686	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	686	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-6139239	686	Proof of Concept
	Prototype Pollution SNYK-JS-LODASHSET-1320032	686	Proof of Concept
	Code Injection SNYK-JS-LODASH-1040724	686	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-PACRESOLVER-1564857	686	Proof of Concept
	Authorization Bypass Through User-Controlled Key SNYK-JS-PARSEPATH-2936439	686	Proof of Concept
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	686	Proof of Concept
	Prototype Pollution SNYK-JS-ASYNC-2441827	686	Proof of Concept
	Improper Verification of Cryptographic Signature SNYK-JS-BROWSERIFYSIGN-6037026	686	No Known Exploit
	Server-Side Request Forgery (SSRF) SNYK-JS-IP-7148531	686	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	686	Proof of Concept
	Denial of Service (DoS) SNYK-JS-JSZIP-1251497	686	Proof of Concept
	Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JS-JSZIP-3188562	686	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	686	Proof of Concept
	Command Injection SNYK-JS-NODENOTIFIER-1035794	686	No Known Exploit
	Prototype Pollution SNYK-JS-XML2JS-5414874	686	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	686	Proof of Concept
	Prototype Pollution SNYK-JS-DOTPROP-543489	686	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	686	No Known Exploit
	Improper Input Validation SNYK-JS-PARSEURL-3024398	686	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	686	Proof of Concept
	Command Injection SNYK-JS-SNYKPYTHONPLUGIN-3039677	686	Proof of Concept
	Command Injection SNYK-JS-SNYKSBTPLUGIN-3038626	686	Proof of Concept
	Command Injection SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625	686	Proof of Concept
	Information Exposure SNYK-JS-PARSEURL-2935947	686	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-PARSEURL-2942134	686	Proof of Concept
	Validation Bypass SNYK-JS-KINDOF-537849	686	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	686	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-PARSEURL-2935944	686	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-PARSEURL-2936249	686	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	686	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	686	Proof of Concept
	Prototype Pollution SNYK-JS-NCONF-2395478	686	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-1089716	686	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-6056519	686	Proof of Concept
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	686	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	686	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	686	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	686	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	686	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443	686	Proof of Concept
	Command Injection SNYK-JS-TREEKILL-536781	686	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1023599	686	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226	686	Proof of Concept
	Prototype Pollution SNYK-JS-Y18N-1021887	686	Proof of Concept
	Prototype Pollution SNYK-JS-Y18N-1021887	686	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-PARSEURL-3023021	686	Proof of Concept
	Command Injection SNYK-JS-SNYK-3037342	686	Proof of Concept
	Command Injection SNYK-JS-SNYK-3038622	686	Proof of Concept
	Code Injection SNYK-JS-SNYK-3111871	686	No Known Exploit
	Command Injection SNYK-JS-SNYKDOCKERPLUGIN-3039679	686	Proof of Concept
	Command Injection SNYK-JS-SNYKGOPLUGIN-3037316	686	Proof of Concept
	Command Injection SNYK-JS-SNYKGRADLEPLUGIN-3038624	686	Proof of Concept
	Command Injection SNYK-JS-SNYKMVNPLUGIN-3038623	686	Proof of Concept
	Timing Attack SNYK-JS-ELLIPTIC-511941	686	No Known Exploit
	Open Redirect SNYK-JS-GOT-2932019	686	No Known Exploit
	Prototype Pollution SNYK-JS-HAPIHOEK-548452	686	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	686	Proof of Concept
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	686	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1072471	686	Proof of Concept
	Prototype Pollution SNYK-JS-XML2JS-5414874	686	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	686	No Known Exploit

Release notes

Package name: dayjs

• 1.11.11 - 2024-04-28
  

  1.11.11 (2024-04-28)

  Bug Fixes

  • day of week type literal (#2630) (f68d73e)
  • improve locale "zh-hk" format and meridiem (#2419) (a947a51)
  • Update 'da' locale to match correct first week of year (#2592) (44b0936)
  • update locale Bulgarian monthsShort Jan (#2538) (f0c9a41)
• 1.11.10 - 2023-09-19
  

  1.11.10 (2023-09-19)

  Bug Fixes

  • Add Korean Day of Month with ordinal (#2395) (dd55ee2)
  • change back fa locale to the Gregorian calendar equivalent (#2411) (95e9458)
  • duration plugin - MILLISECONDS_A_MONTH const calculation (#2362) (f0a0b54)
  • duration plugin getter get result 0 instead of undefined (#2369) (061aa7e)
  • fix isDayjs check logic (#2383) (5f3f878)
  • fix timezone plugin to get correct locale setting (#2420) (4f45012)
  • locale: add meridiem in ar locale (#2418) (361be5c)
  • round durations to millisecond precision for ISO string (#2367) (890a17a)
  • sub-second precisions need to be rounded at the seconds field to avoid adding floats (#2377) (a9d7d03)
  • update $x logic to avoid plugin error (#2429) (2254635)
  • Update Slovenian locale for relative time (#2396) (5470a15)
  • update uzbek language translation (#2327) (0a91056)
• 1.11.9 - 2023-07-01
  

  1.11.9 (2023-07-01)

  Bug Fixes

  • Add null to min and max plugin return type (#2355) (62d9042)
  • check if null passed to objectSupport parser (#2175) (013968f)
  • dayjs.diff improve performance (#2244) (33c80e1)
  • dayjs(null) throws error, not return dayjs object as invalid date (#2334) (c79e2f5)
  • objectSupport plugin causes an error when null is passed to dayjs function (closes #2277) (#2342) (89bf31c)
  • Optimize format method (#2313) (1fe1b1d)
  • update Duration plugin add/subtract take into account days in month (#2337) (3b1060f)
  • update MinMax plugin 1. ignore the 'null' in args 2. return the only one arg (#2330) (3c2c6ee)
• 1.11.8 - 2023-06-02
  

  1.11.8 (2023-06-02)

  Bug Fixes

  • .format add padding to 'YYYY' (#2231) (00c223b)
  • Added .valueOf method to Duration class (#2226) (9b4fcfd)
  • timezone type mark date parameter as optional (#2222) (b87aa0e)
  • type file first parameter date is optional in isSame(), isBefore(), isAfter() (#2272) (4d56f3e)
• 1.11.7 - 2022-12-06
  

  1.11.7 (2022-12-06)

  Bug Fixes

  • Add locale (zh-tw) meridiem (#2149) (1e9ba76)
  • update fa locale (#2151) (1c26732)
• 1.11.6 - 2022-10-21
  

  1.11.6 (2022-10-21)

  Bug Fixes

  • add BigIntSupport plugin (#2087) (f6dce48)
  • Fix objectSupport collides with Duration plugin - issue #2027 (#2038) (c9370ea)
• 1.11.5 - 2022-08-12
  

  1.11.5 (2022-08-12)

  Bug Fixes

  • ordinal for nl not working (#2011) (c93c85e)
  • wrong ordinal for french locale (#2010) (dd192a7)
• 1.11.4 - 2022-07-19
  

  1.11.4 (2022-07-19)

  Bug Fixes

  • correct past property in ku (kurdish) locale (#1916) (74e82b9)
  • fix French [fr] local ordinal (#1932) (8f09834)
  • fix objectSupport plugin ConfigTypeMap type (#1441) (#1990) (fd51fe4)
  • fix type error to add ordianl property in InstanceLocaleDataReturn and GlobalLocaleDataReturn types (#1931) (526f0ae)
  • update locale ar-* meridiem function (#1954) (3d31611)
  • zh-tw / zh-hk locale ordinal error (#1976) (0a1bd08)
• 1.11.3 - 2022-06-06
  

  1.11.3 (2022-06-06)

  Bug Fixes

  • customParseFormat plugin to parse comma as a separator character (#1913) (41b1405)
  • update Dutch [nl] locale ordinal (#1908) (5da98f8)
• 1.11.2 - 2022-05-06
  

  1.11.2 (2022-05-06)

  Bug Fixes

  • add OpUnitType (week) to quarterOfYear startOf/endOf types (#1865) (400bc3e)
  • Fix type issue with ManipulateType (#1864) (d033dfc)
  • fix UTC plugin .valueOf not taking DST into account (#1448) (27d1c50)
• 1.11.1 - 2022-04-15
• 1.11.0 - 2022-03-14
• 1.10.8 - 2022-02-28
• 1.10.7 - 2021-09-10
• 1.10.6 - 2021-07-06
• 1.10.5 - 2021-05-26
• 1.10.4 - 2021-01-22
• 1.10.3 - 2021-01-09
• 1.10.2 - 2021-01-05
• 1.10.1 - 2021-01-03
• 1.10.0 - 2021-01-03
• 1.9.8 - 2020-12-27
• 1.9.7 - 2020-12-05
• 1.9.6 - 2020-11-10
• 1.9.5 - 2020-11-05
• 1.9.4 - 2020-10-23
• 1.9.3 - 2020-10-13
• 1.9.2 - 2020-10-13
• 1.9.1 - 2020-09-28
• 1.9.0 - 2020-09-28
• 1.8.36 - 2020-09-17
• 1.8.35 - 2020-09-02
• 1.8.34 - 2020-08-20
• 1.8.33 - 2020-08-10
• 1.8.32 - 2020-08-04
• 1.8.31 - 2020-07-29
• 1.8.30 - 2020-07-22
• 1.8.29 - 2020-07-02
• 1.8.28 - 2020-05-28
• 1.8.27 - 2020-05-14
• 1.8.26 - 2020-04-30
• 1.8.25 - 2020-04-21
• 1.8.24 - 2020-04-10
• 1.8.23 - 2020-03-16
• 1.8.22 - 2020-03-08
• 1.8.21 - 2020-02-26
• 1.8.20 - 2020-02-04
• 1.8.19 - 2020-01-06
• 1.8.18 - 2019-12-18
• 1.8.17 - 2019-11-06
• 1.8.16 - 2019-08-27
• 1.8.15 - 2019-07-08
• 1.8.14 - 2019-05-07

from dayjs GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs