[Snyk] Fix for 38 vulnerabilities

[yuhonghong66]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • client/package.json
  • client/package-lock.json
  • client/.snyk

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	619/1000 Why? Has a fix available, CVSS 8.1	Prototype Pollution SNYK-JS-AJV-584908	No	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	616/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.9	Server-Side Request Forgery (SSRF) SNYK-JS-AXIOS-1038255	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-1579269	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Denial of Service (DoS) SNYK-JS-AXIOS-174505	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-ENGINEIO-1056749	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	484/1000 Why? Has a fix available, CVSS 5.4	Open Redirect SNYK-JS-GOT-2932019	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	No	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-450202	No	Proof of Concept
	731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2	Prototype Pollution SNYK-JS-LODASH-567746	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-73638	No	Proof of Concept
	541/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639	No	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	No	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	No	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-NODEFETCH-2342118	No	No Known Exploit
	520/1000 Why? Has a fix available, CVSS 5.9	Denial of Service SNYK-JS-NODEFETCH-674311	No	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-PRISMJS-1076581	No	Proof of Concept
	584/1000 Why? Has a fix available, CVSS 7.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-PRISMJS-1314893	No	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-PRISMJS-1585202	No	Proof of Concept
	484/1000 Why? Has a fix available, CVSS 5.4	Cross-site Scripting (XSS) SNYK-JS-PRISMJS-2404333	No	No Known Exploit
	629/1000 Why? Has a fix available, CVSS 8.3	Cross-site Scripting (XSS) SNYK-JS-PRISMJS-597628	No	No Known Exploit
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Command Injection SNYK-JS-REACTDEVUTILS-1083268	Yes	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Remote Code Execution (RCE) SNYK-JS-SHARP-2848109	Yes	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIM-1017038	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090599	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090600	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090601	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090602	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-YARGSPARSER-560381	No	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:braces:20180219	No	Proof of Concept
	469/1000 Why? Has a fix available, CVSS 5.1	Denial of Service (DoS) npm:mem:20180117	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @reach/router

The new version differs by 82 commits.

• 1f26ef0 useRouteMatch => useMatch, add null context warnings (Embed not working on "Build Web Apps with Express" freeCodeCamp/freeCodeCamp#347)
• 99576e7 1.3.0
• 56d4dca Add Hooks APIs (Can't login ERR_TOO_MANY_REDIRECTS freeCodeCamp/freeCodeCamp#346)
• 15298df fix createNamedContext (Test slack integration issue freeCodeCamp/freeCodeCamp#305)
• 95a8aa5 Bump react-dom from 16.4.1 to 16.4.2 (Challenge Syllabus freeCodeCamp/freeCodeCamp#329)
• 3832202 Bump mixin-deep from 1.3.1 to 1.3.2 in /website (Add FCC progress title to users freeCodeCamp/freeCodeCamp#330)
• 2dd1c31 Bump lodash from 4.17.10 to 4.17.15 in /website (Add gist exporting from bonfire solutions. freeCodeCamp/freeCodeCamp#331)
• 0908a5f Merge pull request Update the MongoDB challenge. freeCodeCamp/freeCodeCamp#334 from reach/1.3.0-beta.1
• 31c07a3 update snapshots
• 6f82408 bump to 1.3 in docs
• edea55d remove group role from focus wrapper
• 234523a Fix failing unit tests (Update bonfire Instructions and Help Text freeCodeCamp/freeCodeCamp#333)
• 11e9ed6 Fix/active routes push new state to history (If a camper has completed all Waypoints, but not all Bonfires, root should redirect to /bonfires/ instead freeCodeCamp/freeCodeCamp#302)
• 0d38c82 Fix the getProps example ("Pairwise" Bonfire wording issue freeCodeCamp/freeCodeCamp#306)
• ccfc3c8 Support for named trailing wildcard (dependency on fbgraph is missing freeCodeCamp/freeCodeCamp#323)
• 0b4d21b Update accessibility.md (login freeCodeCamp/freeCodeCamp#317)
• 3154b75 Merge pull request Ux improvements freeCodeCamp/freeCodeCamp#319 from stof/upgrade_create_react_context
• ad52cd3 Upgrade create-react-context to 0.3.0
• 28a79e7 Add `?` to location.search in memory history
• f045ba8 Failing test for memory history location.search
• 0a8af93 Don’t copy everything from history.location
• 77fa233 Add displayName to Link
• 64a24e8 Add server configuration guide
• 2cc803d 1.3.0-beta.0

See the full diff

Package name: axios

The new version differs by 250 commits.

• e367be5 [Releasing] 0.21.3
• 83ae383 Correctly add response interceptors to interceptor chain (Waypoint: Target the Parent of an Element Using jQuery freeCodeCamp/freeCodeCamp#4013)
• c0c8761 [Updating] changelog to include links to issues and contributors
• 619bb46 [Releasing] v0.21.2
• 82c9455 Create SECURITY.md (Has program execution error and logs 'chai is not defined' when there is no variable 'chai' in the code freeCodeCamp/freeCodeCamp#3981)
• 5b45711 Security fix for ReDoS (Issue with http://freecodecamp.com/challenges/waypoint-delete-properties-from-a-javascript-object freeCodeCamp/freeCodeCamp#3980)
• 5bc9ea2 Update ECOSYSTEM.md (Sum all odd fibonacci numbers. Browser freezes due to recursive solution. freeCodeCamp/freeCodeCamp#3817)
• e72813a Fixing README.md ("$ is not defined" freeCodeCamp/freeCodeCamp#3818)
• e10a027 Fix README typo under Request Config (Fix Waypoint Create Slot Machine Tests freeCodeCamp/freeCodeCamp#3825)
• e091491 Update README.md (Fix example for black background color in Objective 2 freeCodeCamp/freeCodeCamp#3936)
• b42fbad Removed un-needed bracket
• 520c8dc Updating CI status badge (wrong calculating freeCodeCamp/freeCodeCamp#3953)
• 4fbeecb Adding CI on Github Actions. (Undefined? freeCodeCamp/freeCodeCamp#3938)
• e9965bf Fixing the sauce labs tests (Fix Waypoint Nest Anchor in Paragraph Code Guidance freeCodeCamp/freeCodeCamp#3813)
• dbc634c Remove charset in tests (Nest an Anchor Element within a Paragraph freeCodeCamp/freeCodeCamp#3807)
• 3958e9f Add explanation of cancel token (Improve readme to avoid setting up confusion freeCodeCamp/freeCodeCamp#3803)
• 69949a6 Adding custom return type support to interceptor (Typo in challenge freeCodeCamp/freeCodeCamp#3783)
• 49509f6 Create FUNDING.yml (Remove text decoration from social media icons in user profile page. freeCodeCamp/freeCodeCamp#3796)
• 199c8aa Adding parseInt to config.timeout (Waypoint: Build Web Apps with Express.js - what's in the query exercise fails to verify - expressworks  freeCodeCamp/freeCodeCamp#3781)
• 94fc4ea Adding isAxiosError typeguard documentation (update git icon for landing freeCodeCamp/freeCodeCamp#3767)
• 0ece97c Fixing quadratic runtime when setting a maxContentLength (title case a sentence freeCodeCamp/freeCodeCamp#3738)
• a18a0ec Updating `lib/core/README.md` about Dispatching requests ("Create my Github issue" button is not working freeCodeCamp/freeCodeCamp#3772)
• 59fa614 [Updated] follow-redirects to the latest version (Waypoint: Get Set for Basejumps error while installation freeCodeCamp/freeCodeCamp#3771)
• 7821ed2 Feat/json improvements (Compiler error for - str = str.replace(/\//g,""); works fine in Dev tools freeCodeCamp/freeCodeCamp#3763)

See the full diff

Package name: gatsby

The new version differs by 250 commits.

• 2c324f6 chore(release): Publish
• 55c7183 feat(contentful): add support for tables in Rich Text (Changed sentences freeCodeCamp/freeCodeCamp#33870)
• 053180a fix(gatsby): Better TS compilation error (Missing Project Euler Challenges freeCodeCamp/freeCodeCamp#35594)
• 0cf0bd9 chore(release): Publish next
• 9a91295 fix(gatsby-plugin-image): fix image flickers (Rocks: Buttons not redirecting properly freeCodeCamp/freeCodeCamp#35226)
• f358dc3 chore(release): Publish next
• 966aca8 feat(gatsby): Improvements to GraphQL TypeScript Generation (Added the Introduction to the Coding Interview Take Home Projects freeCodeCamp/freeCodeCamp#35581)
• 8bad9b3 perf(gatsby): Minify page-data (Fixed Typographical Error in guide/english/git/index.md freeCodeCamp/freeCodeCamp#35578)
• 39e9840 chore(gatsby): Expose `serverDataStatus` field in SSR type declaration file (Remove stub text from filled guide articles freeCodeCamp/freeCodeCamp#35505)
• ebd63b2 feat(gatsby-source-wordpress): use image cdn for non-resizable images in html (svgs/gifs mainly) (The advice in 'How to work on coding challenges' could use fleshing out freeCodeCamp/freeCodeCamp#35529)
• 5e51519 fix(gatsby-source-wordpress): update test deps and fix int tests (Solution not working - "Truncate A String" freeCodeCamp/freeCodeCamp#35582)
• 128c7bb feat(gatsby-source-wordpress): always include draft slugs (fix(challenge): add support for IIFE arrow function freeCodeCamp/freeCodeCamp#35573)
• abc6dca feat(gatsby-plugin-image): add check for node.gatsbyImage in the getImage helper (Fixed Typographical Error in guide/english/accessibility/index.md freeCodeCamp/freeCodeCamp#35507)
• e51c3a3 chore(release): Publish next
• c9d98a4 feat(gatsby): Initial GraphQL Typegen Implementation (feat(interview-prep): Converting and transferring Rosetta problems freeCodeCamp/freeCodeCamp#35487)
• 17cbc7c fix(deps): update minor and patch dependencies for gatsby-source-graphql (fix: update sass challenge - russian description freeCodeCamp/freeCodeCamp#35545)
• 10752ed fix(deps): update dependency fs-extra to ^10.1.0 (Deleted an unneccessary comma freeCodeCamp/freeCodeCamp#34976)
• 0abdcd6 fix(deps): update dependency coffeescript to ^2.7.0 for gatsby-plugin-coffeescript (Fill in introduction sections freeCodeCamp/freeCodeCamp#35550)
• 7cda002 fix(deps): update dependency eslint-plugin-import to ^2.26.0 (fix: landing page image css fix freeCodeCamp/freeCodeCamp#35551)
• 3e74a9f fix(deps): update dependency eslint-plugin-react-hooks to ^4.5.0 (A solution was missing for Data Structures: Use Breadth First Search in a Binary Search Tree freeCodeCamp/freeCodeCamp#35552)
• fb98116 fix(deps): update minor and patch dependencies for gatsby-source-drupal (Broken Tests in Add Axes to a Visualization challenge in D3 freeCodeCamp/freeCodeCamp#35554)
• c09287a chore(deps): update starters and examples ([NEW] A clearer, more readable return statement freeCodeCamp/freeCodeCamp#35565)
• bf854ca fix(deps): update dependency prop-types to ^15.8.1 for gatsby-link (fix: normalize font weights globally and font hierarchy on map freeCodeCamp/freeCodeCamp#35291)
• 71eb414 chore(deps): update dependency typescript to ^4.6.4 (Donate page freeCodeCamp/freeCodeCamp#34984)

See the full diff

Package name: gatsby-cli

The new version differs by 250 commits.

• a3815c3 chore(release): Publish
• 2b1de8c chore: bump yargs parser version to avoid flagged vulnerable dependencies (Correction of a spelling mistake freeCodeCamp/freeCodeCamp#23839)
• 197614e chore(gatsby): Migrate nodes reducer and last-action reducer to TypeScript (Update index.md freeCodeCamp/freeCodeCamp#23771)
• 8e68d32 update(docs) Fix broken links in "How Queries Work" article (Update with Font Library freeCodeCamp/freeCodeCamp#23894)
• ce198e7 feat(www): Meta title support (Added Python Playground freeCodeCamp/freeCodeCamp#23797)
• a173fd3 chore(docs): prevent use of h1s in markdown (Update index.md freeCodeCamp/freeCodeCamp#23664)
• d98e2ad fix(gatsby-recipes): Also call telemetry when selecting a recipe from the list (Adds more resources and common methods freeCodeCamp/freeCodeCamp#23882)
• 2d502c8 fix(www): Allow API docs to reference top level TS exports (Added my changes to the article freeCodeCamp/freeCodeCamp#23863)
• 29e3acb chore(gatsby-benchmark-wordpress): update to latest packages (Add new course for Angular 2++ freeCodeCamp/freeCodeCamp#23876)
• 5fcd6dc fix(gatsby-link): replace current path in history rather than pushing it ([Russian] responsive-web-design: imporved translate freeCodeCamp/freeCodeCamp#23414)
• 8e6d5c6 add Impossible Burgers case study (Change in formatting freeCodeCamp/freeCodeCamp#23873)
• 29dc9e1 update(docs) Fix broken links in node-tracking.md (Update transition delay and shorthand freeCodeCamp/freeCodeCamp#23874)
• b3e41f5 chore(docs): Fix file extension on TS doc (Update grammar freeCodeCamp/freeCodeCamp#23824)
• 02bd7ed fix(gatsby-remark-images): allow default max-width to be overwritten with `wrapperStyle` (Translated html comment  freeCodeCamp/freeCodeCamp#23854)
• d2de7f7 chore(release): Publish
• cb24974 add Storybook (ts) to recipes (removed "history of the" from line 12 freeCodeCamp/freeCodeCamp#23728)
• 2e17593 chore(release): Publish
• a29aca1 fix(gatsby-dev-cli): fix "expected manifest" errors (change to bullets freeCodeCamp/freeCodeCamp#23871)
• bc34171 Add Cognifide Tech to Gatsby Showcase (Translated html comment freeCodeCamp/freeCodeCamp#23868)
• 2ea0302 Make ButterCMS all one word in title (Clarification freeCodeCamp/freeCodeCamp#23804)
• 986f7b8 perf(gatsby): replace `mitt` with a modern Map/Set based version of it (changed OSs to "operating system" on line 34 freeCodeCamp/freeCodeCamp#23223)
• 4f35247 Add www.chandraveena.com to Gatsby Site Showcase (Added more info and symbols freeCodeCamp/freeCodeCamp#23861)
• 11221c5 fix(docs): add missing comma between properties in code example (Adds extra information about multiline comments in regards to style and creation. freeCodeCamp/freeCodeCamp#23859)
• 6568560 chore(gitkeep): remove useless files (Made the title bold freeCodeCamp/freeCodeCamp#23847)

See the full diff

Package name: gatsby-plugin-manifest

The new version differs by 250 commits.

• f6734b9 chore(release): Publish
• 9a616c0 fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY (Production freeCodeCamp/freeCodeCamp#34853) ([PRODUCTION]chore: Update gulp to support node 10 freeCodeCamp/freeCodeCamp#34896)
• f5705b9 fix(create-gatsby): Add required deps for theme-ui option (Added solution. freeCodeCamp/freeCodeCamp#34885) (Fixed bad redireccion of the link with "Storing Values with the Equal Operator" freeCodeCamp/freeCodeCamp#34897)
• 9a579f1 fix(gatsby-core-utils): fix 304 when file does not exists (Bank of Scotland Job Vacancies And Opportunities freeCodeCamp/freeCodeCamp#34842) (ES6 Challenge requiring const does not require the variable to be in all caps freeCodeCamp/freeCodeCamp#34888)
• 148d016 fix(gatsby): Remove double enhanced-resolve dep (Intermediate explanation number two freeCodeCamp/freeCodeCamp#34854) (decodeHTMLEntities causes build failure freeCodeCamp/freeCodeCamp#34889)
• 19b0304 feat(gatsby-core-utils): improve fetch-remote-file (Solution to check-for-all-or-none.english.md javascript challenge  freeCodeCamp/freeCodeCamp#34758)
• ac1d777 fix(gatsby-source-contentful): avoid confusion of Gatsby node and Contentful node count in logs (fix: bump donor no as of Jan 8, 2019 freeCodeCamp/freeCodeCamp#34830)
• ee8c874 refactor(gatsby-source-contentful): remove unnecessary check for existing node (Metro Bank Job Vacancies And Opportunities For Freshers & Experienced freeCodeCamp/freeCodeCamp#34829)
• 056b48e test(gatsby): Add a memory test suite command to the memory benchmark (changes to no validate comment freeCodeCamp/freeCodeCamp#34810)
• 45cb1f1 chore(release): Publish next
• 4c832bf documentation: Add Third Party Schema (Fixed typo in JavaScript curriculum freeCodeCamp/freeCodeCamp#34820)
• 9f23dec chore(gatsby): cache shouldn't reference nodes strongly (fix: the guide for header tag is not well fromatted freeCodeCamp/freeCodeCamp#34821)
• f2d4830 feat(gatsby-core-utils): create proper mutex (Intermediate Algorithm Search And Replace needs to have solution replaced freeCodeCamp/freeCodeCamp#34761)
• 21ef185 chore(changelogs): update changelogs (Feature request: Redesigning the curriculum UI freeCodeCamp/freeCodeCamp#34826)
• a2f99af fix(deps): update starters and examples gatsby packages to ^4.7.2 (feat(interview-prep): Transfering Rosetta problems from Curriculum freeCodeCamp/freeCodeCamp#34822)
• 76c89d8 chore(release): Publish next
• 54d29c4 chore(gatsby): upgrade from lmdb-store to lmdb (fix(client): wait for async tests to finish freeCodeCamp/freeCodeCamp#34576)
• 3df8583 fix(core): Make filter/sort query only hold onto node properties it needs (fix(client): formatting challenge descriptions and instructions freeCodeCamp/freeCodeCamp#34747)
• 3c3362b refactor(core): Make load plugins modular, prepare for TS (Added a solution to fix stub freeCodeCamp/freeCodeCamp#34813)
• 3d74584 feat(gatsby): allow referencing derived types in schema customization (Minor rephrasing of the lesson's description freeCodeCamp/freeCodeCamp#34787)
• bfd04d3 fix(gatsby): Content Sync DSG bug (Replace stub page with new hints freeCodeCamp/freeCodeCamp#34799)
• 326a483 fix(deps): update dependency sharp to ^0.30.1 (Pig Latin Chllenge - Test for vowel at end of the word. freeCodeCamp/freeCodeCamp#34755)
• 7b958f9 docs: update typo Forestry (Peninsula HOTEL Job Application Form 2019 freeCodeCamp/freeCodeCamp#34805)
• ba8e21c feat(gatsby): Match node manifest pages by page context slug (Adjusted Copyright to 2019 freeCodeCamp/freeCodeCamp#34790)

See the full diff

Package name: gatsby-source-filesystem

The new version differs by 250 commits.

• b8eac2d chore(release): Publish
• 3253a38 fix(gatsby-plugin-mdx): Hashing and pluginOptions (update translation gcd-euclidean freeCodeCamp/freeCodeCamp#36387) (Fixed typos in description of challenge: "Use a Template Engine's Powers" freeCodeCamp/freeCodeCamp#36395)
• 1880491 fix(gatsby-script): Reach router import (fix: Remove non-functional css freeCodeCamp/freeCodeCamp#36385) (Removed erroneous apostrophes from test line 3 - create-a-controlled-input freeCodeCamp/freeCodeCamp#36394)
• f664ad2 feat(gatsby): Telemetry tracking for Head API (fix: Update docs, recommending install all packages freeCodeCamp/freeCodeCamp#36352)
• ab55e4e chore: Update `got` (Update to "Search and Replace" intermediate solution freeCodeCamp/freeCodeCamp#36366)
• 2b4ff76 fix(gatsby): Make runtime error overlay work in non-v8 browsers (Final Projects Accept Any Link as a Solution freeCodeCamp/freeCodeCamp#36365)
• f990e08 fix(test): clear and close lmdb after each test suite (Why use mlab in "Implement the Serialization of a Passport User"? freeCodeCamp/freeCodeCamp#36343)
• 7fcf580 fix(gatsby): e.remove() is not a function when using Gatsby Head API (fix(challenge): rename challenge, change fields to properties, fix test freeCodeCamp/freeCodeCamp#36338)
• 25fb9d1 chore: Fix pipeline tests ( update translation graph-algorithms freeCodeCamp/freeCodeCamp#36363)
• a9132a5 chore(deps): update sharp (Update challenge descriptions with code tags freeCodeCamp/freeCodeCamp#35539)
• bc80c23 chore: Add note about rehype-slug-custom-id
• 5b6f1f6 chore(gatsby): upgrade multer (Bump normalizr from 2.3.1 to 3.4.0 freeCodeCamp/freeCodeCamp#36359)
• f2f0acf chore(gatsby-telemetry): upgrade git-up (Bump remark-parse from 5.0.0 to 6.0.3 freeCodeCamp/freeCodeCamp#36358)
• 86a8efc chore(release): Publish next
• 0705ac7 chore(gatsby-plugin-mdx): Update .gitignore
• c92db36 BREAKING CHANGE(gatsby-plugin-mdx): MDX v2 (fix: add solution to Bootstrap challenge freeCodeCamp/freeCodeCamp#35650)
• 3c0dd6d chore(release): Publish next
• 86b6ee9 Revert "chore(gatsby): Make `plugins` in `PluginOptions` type optional (Get a hint link broken for "Basic CSS: Improve Compatibility with Browser Fallbacks" freeCodeCamp/freeCodeCamp#36351)"
• a2fa5a2 chore(gatsby): Make `plugins` in `PluginOptions` type optional (Get a hint link broken for "Basic CSS: Improve Compatibility with Browser Fallbacks" freeCodeCamp/freeCodeCamp#36351)
• 6ecfe4a fix(gatsby-source-contentful): Correctly overwrite field type on Assets (update translation flood-fill freeCodeCamp/freeCodeCamp#36337)
• 0ed362c chore(docs): Pre-encoded unicode characters can't be used in paths (ES6: Write Concise Object Literal Declarations Using Simple Fields freeCodeCamp/freeCodeCamp#36325)
• 2bbe96d fix(deps): update dependency file-type to ^16.5.4 for gatsby-source-filesystem (chore: bump eslint-config-prettier from 4.1.0 to 4.3.0 freeCodeCamp/freeCodeCamp#36276)
• 2be3fa7 chore(docs): Add first batch of Cloud docs (fix(server): Update donor num - June 9, 2019 freeCodeCamp/freeCodeCamp#36218)
• 4238142 chore(docs): Remove outdated examples and recipes (Empty white space between the navbar and main content under dark theme.  freeCodeCamp/freeCodeCamp#36335)

See the full diff

Package name: gatsby-transformer-remark

The new version differs by 250 commits.

• e98cb62 chore(release): Publish
• 164f9a1 fix(gatsby-source-contentful): De-dupe type names (Arch Linux installation freeCodeCamp/freeCodeCamp#30834) (Portuguese translation and corrections freeCodeCamp/freeCodeCamp#30850)
• 0b99d00 fix(gatsby): webpack warnings are no longer in object format by default (Added methods to go to beginning and end of line freeCodeCamp/freeCodeCamp#30801) (Usage of Throw and Throws keywords in exception handling. freeCodeCamp/freeCodeCamp#30853)
• f561724 fix(gatsby): lower memory pressure in SSR (removed redundant sentence fragment freeCodeCamp/freeCodeCamp#30793) (Updating readme.md file freeCodeCamp/freeCodeCamp#30851)
• 96805d5 fix(gatsby-source-wordpress): change `console.warning` to `console.warn` (Added punctuation mark to README.md freeCodeCamp/freeCodeCamp#30764) (Added topcoder tutorial links freeCodeCamp/freeCodeCamp#30852)
• e40c83d chore(release): Publish next
• a5b5cf8 feat: upgrade to remark 13 (Altered grammar of "Case Cooling" section freeCodeCamp/freeCodeCamp#29678)
• 172cf4d chore(docs): Add link to perf implications siteContext (Created new section with link to bulma website freeCodeCamp/freeCodeCamp#30778)
• 4336d04 fix(gatsby-plugin-gatsby-cloud): Add missing index.js (so the plugin can be resolved in workspaces) (Add guidelines for "Make Typography Responsive" chapter freeCodeCamp/freeCodeCamp#30761)
• 2bdd5a5 fix(gatsby-source-wordpress): only log out duplicate node if we have all the data we want to log (added "##" freeCodeCamp/freeCodeCamp#30751)
• 1a9b830 fix(gatsby-plugin-image): Don't inherit all img styles (Added "the" to line 17 and comma to line 33 freeCodeCamp/freeCodeCamp#30754)
• e0df4cc chore(docs): Change "whitelist" to "allow list" (Fixed typo on line 27 freeCodeCamp/freeCodeCamp#30756)
• 81ec270 chore: Add backport script (Added bug bounty links freeCodeCamp/freeCodeCamp#30732)
• 63cc8fa fix(docs): Copy edits for debugging html doc + add React-specific example (Update README.md freeCodeCamp/freeCodeCamp#30745)
• eed1d43 fix(docs): Add link to how to enable DEV_SSR for fixing inconsistent css styles between dev/prod (Added a conference website freeCodeCamp/freeCodeCamp#30746)
• ecd823f perf(gatsby): cache babel config items (Add href statement to hide link address freeCodeCamp/freeCodeCamp#28738)
• a60e92f chore(release): Publish next
• dd9e95c docs(gatsby-plugin-image): Note on tracedSVG options name change (updated. freeCodeCamp/freeCodeCamp#30736)
• a5869e3 fix(gatsby-plugin-image): Use bare GATSBY___IMAGE global (he traducido la etiqueta h1 y p al español freeCodeCamp/freeCodeCamp#30713)
• 0f3fa4e fix(contentful): make gatsby-plugin-image a peer dependency (CI: Optimize the tests performance. freeCodeCamp/freeCodeCamp#30709)
• 6b2fd94 fix(gatsby-source-wordpress): pass missing property helpers to gql fetch util ([german] Translation of style-guide-for-guide-articles.md freeCodeCamp/freeCodeCamp#30727)
• c6fa488 chore(docs): Update wording of tutorial part 8 (Refined the explanation of pointers & their syntax freeCodeCamp/freeCodeCamp#30606)
• a777367 fix(gatsby-cli): Update docs links in error-map (Adding alternative tools for coding style freeCodeCamp/freeCodeCamp#30493)
• c473abf chore(docs): include autoprefixer in tailwind install command (Added info about array value addressing freeCodeCamp/freeCodeCamp#30718)

See the full diff

Package name: prismjs

The new version differs by 250 commits.

• 703881e 1.27.0
• 7ac1373 Updated changelog for v1.27.0 (Fixes "Javascript uses use" typos freeCodeCamp/freeCodeCamp#3342)
• e002e78 Command Line: Escape markup in command line output (make "basejump" singular instead of plural on the map freeCodeCamp/freeCodeCamp#3341)
• 13b56a9 Bump follow-redirects from 1.14.7 to 1.14.8 (Test cases need to be extended freeCodeCamp/freeCodeCamp#3338)
• f094c4a Bump yargs-parser from 5.0.0 to 5.0.1 (Fix typo in bonfire test case freeCodeCamp/freeCodeCamp#3334)
• 9fd4c74 Bump ajv from 6.10.0 to 6.12.6 (Cannot seed database on OS X freeCodeCamp/freeCodeCamp#3333)
• 3fcca6b Bump pathval from 1.1.0 to 1.1.1 (Error: "You should have made use of the reduce/filter method" freeCodeCamp/freeCodeCamp#3331)
• 1784b17 Command Line: Add support for line continuation and improved colors (changed user-named function: replace to myReplace freeCodeCamp/freeCodeCamp#3326)
• f545843 ESLint: Allow `Map` and `Set` in ES5 code (Run Tests is not working freeCodeCamp/freeCodeCamp#3328)
• d6c5372 PureBasic: Added missing keyword and fixed constants ending with `$` (changed test from expect to assert style, Advanced-Bonfires freeCodeCamp/freeCodeCamp#3320)
• 82d0ca1 Command Line: Added span around command and output (bug report: remove checkmark, always include user code freeCodeCamp/freeCodeCamp#3312)
• 2cc4660 Core: Added better error message for missing grammars (add google font into codebase freeCodeCamp/freeCodeCamp#3311)
• 3f8cc5a Added UO Razor Script (Chrome 45 on a surface... the code lines dont all show up freeCodeCamp/freeCodeCamp#3309)
• bcb2e2c AutoIt: Allow hyphen in directive (Changed 'background color of blue' to 'color of blue' freeCodeCamp/freeCodeCamp#3308)
• deb3a97 INI: Swap out `header` for `section` (Refactor basic bonfire tests to use assert instead of expect freeCodeCamp/freeCodeCamp#3304)
• e46501b editorconfig: Change alias of `section` from `keyword` to `selector` (Fix description Bonfire: Arguments Optional freeCodeCamp/freeCodeCamp#3305)
• 2eb89e1 Swap out `operator` for `punctuation` ("Target the Children of an Element Using jQuery" example "background color of blue" freeCodeCamp/freeCodeCamp#3306)
• 3a20bdc Bump node-fetch from 2.6.1 to 3.1.1 (Nth to last character in a String freeCodeCamp/freeCodeCamp#3307)
• 081d515 Bump copy-props from 2.0.4 to 2.0.5 (Adds ability to 1-click expand images freeCodeCamp/freeCodeCamp#3300)
• b90e97c Bump follow-redirects from 1.13.1 to 1.14.7 (Paragraph framed incorrectly  freeCodeCamp/freeCodeCamp#3299)
• 8458c41 MongoDB: Added v5 support (test freeCodeCamp/freeCodeCamp#3297)
• 441a142 Scala: Added support for interpolated strings (Issue: Saved code no longer matches updated problems freeCodeCamp/freeCodeCamp#3293)
• 0b6b1e2 1.26.0
• 3ae61a8 Updated changelog for v1.26.0 (adjust map font size and simplify Facebook share call to action freeCodeCamp/freeCodeCamp#3292)

See the full diff

Package name: validator

The new version differs by 250 commits.

• 47ee5ad 13.7.0
• 496fc8b fix(rtrim): remove regex to prevent ReDOS attack (Bonfire: Check for Palindromes freeCodeCamp/freeCodeCamp#1738)
• 45901ec Merge pull request Fixed #1848 freeCodeCamp/freeCodeCamp#1851 from validatorjs/chore/fix-merge-conflicts
• 83cb7f8 chore: merge conflict clean-up
• f17e220 feat(isMobilePhone): add El Salvador es-SV locale
• 5b06703 feat(isMobilePhone): add Palestine ar-PS locale
• a3faa83 feat(isMobilePhone): add Botswana en-BW locale
• 26605f9 feat(isMobilePhone): add Turkmenistan tk-TM
• 0e5d5d4 feat(isMobilePhone): add Guyana en-GY locale
• f7ff349 feat(isMobilePhone): add Frech Polynesia fr-PF locale
• 8627e48 feat(isMobilePhone): add Kiribati en-KI locale
• ed60123 feat(isMobilePhone): add Tajikistan tg-TJ locale (misleading comments freeCodeCamp/freeCodeCamp#1846)
• c96d805 feat(isMobilePhone): add Maldives dv-MV locale
• 5c2d69e feat(isMobilePhone): regex for Burkina Faso fr-BF and Namibia en-NA locales
• fc0fefc feat(isMobilePhone): add Bhutan dz-BT locale (News item missing and yet not mising freeCodeCamp/freeCodeCamp#1770)
• 01d3da3 feat(isMobilePhone): add Tajikistan tg-TJ locale (misleading comments freeCodeCamp/freeCodeCamp#1846)
• af2b43c feat(isUUID): add support for validation of version v1 and v2 (Extra ">" at end of example freeCodeCamp/freeCodeCamp#1848)
• 769f6d5 feat(contains): add possibility to check that string contains seed multiple times (adds projecttalk messageboard freeCodeCamp/freeCodeCamp#1836)
• f2381e0 feat: (isMobilePhone): add Cameroon fr-CM locale (Bonfire: Meet Bonefire - Unable to run code to submit freeCodeCamp/freeCodeCamp#1772)
• 5773869 feat(isVAT): add dutch NL locale (can't go to next challenge freeCodeCamp/freeCodeCamp#1825)
• de1cb29 fix: Russian passport number regex (Had already solved this challenge before update and now same answer won't work freeCodeCamp/freeCodeCamp#1810)
• 7bee611 add CDN use option with unpkg (Incorrect text freeCodeCamp/freeCodeCamp#1844)
• 57cc14e feat(isIdentityCard): add finnish locale (Filter Arrays with filter - contradicting assignment and assert freeCodeCamp/freeCodeCamp#1838)
• 2201869 feat: added finnish locale to isAlpha and isAlphanumeric (Hex code is wrong freeCodeCamp/freeCodeCamp#1837)

See the full diff

With a Snyk patch:

Severity	Priority Score (*)	Issue	Exploit Maturity
	731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2	Prototype Pollution SNYK-JS-LODASH-567746	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Denial of Service (DoS)
🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution
🦉 More lessons are available in Snyk Learn