[Snyk] Upgrade astro from 3.1.2 to 4.16.8 #55

drumsta · 2024-11-25T06:00:52Z

Snyk has created this PR to upgrade astro from 3.1.2 to 4.16.8.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

The recommended version is 173 versions ahead of your current version.
The recommended version was released on 25 days ago.

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Access Control Bypass SNYK-JS-VITE-6182924	479	Proof of Concept
Uncontrolled resource consumption SNYK-JS-BRACES-6838727	479	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	479	Proof of Concept
Prototype Pollution SNYK-JS-DSET-7116691	479	Proof of Concept
Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	479	No Known Exploit
Improper Input Validation SNYK-JS-POSTCSS-5926692	479	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-ROLLUP-8073097	479	Proof of Concept
Information Exposure SNYK-JS-VITE-8023174	479	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-ASTRO-7547139	479	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-ASTRO-8186178	479	Proof of Concept
Cross-Site Scripting (XSS) SNYK-JS-VITE-6098386	479	Proof of Concept
Improper Access Control SNYK-JS-VITE-6531286	479	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	479	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	479	Proof of Concept
Information Exposure SNYK-JS-UNDICI-5962466	479	No Known Exploit
Permissive Cross-domain Policy with Untrusted Domains SNYK-JS-UNDICI-6252336	479	No Known Exploit
Improper Access Control SNYK-JS-UNDICI-6564963	479	No Known Exploit
Improper Authorization SNYK-JS-UNDICI-6564964	479	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-VITE-8022916	479	Proof of Concept
Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	479	Proof of Concept

Release notes

Package name: astro

4.16.8 - 2024-10-31
4.16.7 - 2024-10-22
4.16.6 - 2024-10-17
4.16.5 - 2024-10-15
4.16.4 - 2024-10-15
4.16.3 - 2024-10-14
4.16.2 - 2024-10-12
4.16.1 - 2024-10-11
4.16.0 - 2024-10-10
4.15.12 - 2024-10-07
4.15.11 - 2024-10-03
4.15.10 - 2024-10-01
4.15.9 - 2024-09-23
4.15.8 - 2024-09-19
4.15.7 - 2024-09-17
4.15.6 - 2024-09-13
4.15.5 - 2024-09-13
4.15.4 - 2024-09-06
4.15.3 - 2024-09-05
4.15.2 - 2024-09-02
4.15.1 - 2024-08-29
4.15.0 - 2024-08-29
4.14.6 - 2024-08-28
4.14.5 - 2024-08-22
4.14.4 - 2024-08-21
4.14.3 - 2024-08-20
4.14.2 - 2024-08-15
4.14.1 - 2024-08-15
4.14.0 - 2024-08-15
4.13.4 - 2024-08-14
4.13.3 - 2024-08-09
4.13.2 - 2024-08-08
4.13.1 - 2024-08-02
4.13.0 - 2024-08-01
4.12.3 - 2024-07-30
4.12.2 - 2024-07-19
4.12.1 - 2024-07-18
4.12.0 - 2024-07-18
4.11.6 - 2024-07-17
4.11.5 - 2024-07-03
4.11.4 - 2024-07-03
4.11.3 - 2024-06-26
4.11.2 - 2024-06-26
4.11.1 - 2024-06-24
4.11.0 - 2024-06-20
4.10.3 - 2024-06-17
4.10.2 - 2024-06-11
4.10.1 - 2024-06-08
4.10.0 - 2024-06-06
4.9.3 - 2024-06-05
4.9.2 - 2024-05-27
4.9.1 - 2024-05-23
4.9.0 - 2024-05-23
4.8.7 - 2024-05-22
4.8.6 - 2024-05-17
4.8.5 - 2024-05-16
4.8.4 - 2024-05-15
4.8.3 - 2024-05-13
4.8.2 - 2024-05-09
4.8.1 - 2024-05-09
4.8.0 - 2024-05-09
4.7.1 - 2024-05-02
4.7.0 - 2024-04-25
4.6.4 - 2024-04-23
4.6.3 - 2024-04-18
4.6.2 - 2024-04-16
4.6.1 - 2024-04-12
4.6.0 - 2024-04-11
4.5.18 - 2024-04-10
4.5.17 - 2024-04-09
4.5.16 - 2024-04-04
4.5.15 - 2024-04-03
4.5.14 - 2024-04-02
4.5.13 - 2024-04-02
4.5.12 - 2024-03-28
4.5.11 - 2024-03-28
4.5.10 - 2024-03-26
4.5.9 - 2024-03-22
4.5.8 - 2024-03-20
4.5.7 - 2024-03-20
4.5.6 - 2024-03-18
4.5.5 - 2024-03-15
4.5.4 - 2024-03-14
4.5.3 - 2024-03-13
Patch Changes
- #12481 8a46e80 Thanks @ marbrex! - Resolve vite peer dependency problem for strict package managers like Yarn in PnP mode.
4.5.2 - 2024-03-12
4.5.1 - 2024-03-11
4.5.0 - 2024-03-11
4.4.15 - 2024-03-08
4.4.14 - 2024-03-07
4.4.13 - 2024-03-06
4.4.12 - 2024-03-06
4.4.11 - 2024-03-04
4.4.10 - 2024-03-04
4.4.9 - 2024-03-02
4.4.8 - 2024-03-01
4.4.7 - 2024-03-01
4.4.6 - 2024-02-28
4.4.5 - 2024-02-26
4.4.4 - 2024-02-23
Patch Changes
- #12481 8a46e80 Thanks @ marbrex! - Resolve vite peer dependency problem for strict package managers like Yarn in PnP mode.
4.4.3 - 2024-02-22
4.4.2 - 2024-02-21
4.4.1 - 2024-02-20
4.4.0 - 2024-02-15
4.3.7 - 2024-02-13
4.3.6 - 2024-02-12
4.3.5 - 2024-02-07
4.3.4 - 2024-02-07
4.3.3 - 2024-02-06
4.3.2 - 2024-02-02
4.3.1 - 2024-02-01
4.3.0 - 2024-02-01
4.2.8 - 2024-01-31
4.2.7 - 2024-01-30
4.2.6 - 2024-01-26
4.2.5 - 2024-01-26
4.2.4 - 2024-01-24
4.2.3 - 2024-01-22
4.2.2 - 2024-01-22
4.2.1 - 2024-01-18
4.2.0 - 2024-01-18
4.1.3 - 2024-01-16
4.1.2 - 2024-01-11
4.1.1 - 2024-01-05
4.1.0 - 2024-01-04
4.0.9 - 2024-01-02
4.0.8 - 2023-12-27
4.0.7 - 2023-12-20
4.0.6 - 2023-12-15
4.0.5 - 2023-12-14
4.0.4 - 2023-12-11
4.0.3 - 2023-12-06
4.0.2 - 2023-12-06
4.0.1 - 2023-12-05
4.0.0 - 2023-12-05
4.0.0-beta.7 - 2023-12-04
4.0.0-beta.6 - 2023-12-04
4.0.0-beta.5 - 2023-12-04
4.0.0-beta.4 - 2023-12-01
4.0.0-beta.3 - 2023-12-01
4.0.0-beta.2 - 2023-11-29
4.0.0-beta.1 - 2023-11-28
4.0.0-beta.0 - 2023-11-27
3.6.5 - 2024-03-01
3.6.4 - 2023-11-30
3.6.3 - 2023-11-28
Patch Changes
- #12481 8a46e80 Thanks @ marbrex! - Resolve vite peer dependency problem for strict package managers like Yarn in PnP mode.
3.6.2 - 2023-11-28
3.6.1 - 2023-11-27
3.6.0 - 2023-11-22
3.5.7 - 2023-11-21
3.5.6 - 2023-11-21
3.5.5 - 2023-11-16
3.5.4 - 2023-11-14
Patch Changes
- #12481 8a46e80 Thanks @ marbrex! - Resolve vite peer dependency problem for strict package managers like Yarn in PnP mode.
3.5.3 - 2023-11-12
3.5.2 - 2023-11-10
3.5.1 - 2023-11-10
3.5.0 - 2023-11-09
3.4.4 - 2023-11-08
3.4.3 - 2023-11-02
3.4.2 - 2023-11-01
3.4.1 - 2023-11-01
3.4.0 - 2023-10-26
3.3.4 - 2023-10-24
3.3.3 - 2023-10-23
3.3.2 - 2023-10-18
3.3.1 - 2023-10-16
3.3.0 - 2023-10-12
3.2.4 - 2023-10-10
3.2.3 - 2023-10-05
3.2.2 - 2023-10-02
3.2.1 - 2023-10-02
3.2.0 - 2023-09-28
3.1.4 - 2023-09-25
3.1.3 - 2023-09-25
3.1.2 - 2023-09-21

from astro GitHub release notes

Important

Warning: This PR contains a major version upgrade, and may be a breaking change.
Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade astro from 3.1.2 to 4.16.8. See this package in npm: astro See this project in Snyk: https://app.snyk.io/org/drumsta/project/67c45c62-7f15-4571-b33d-4a7efe1b142a?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade astro from 3.1.2 to 4.16.8 #55

[Snyk] Upgrade astro from 3.1.2 to 4.16.8 #55

drumsta commented Nov 25, 2024

Patch Changes

Patch Changes

Patch Changes

Patch Changes

[Snyk] Upgrade astro from 3.1.2 to 4.16.8 #55

Are you sure you want to change the base?

[Snyk] Upgrade astro from 3.1.2 to 4.16.8 #55

Conversation

drumsta commented Nov 25, 2024

Snyk has created this PR to upgrade astro from 3.1.2 to 4.16.8.

Issues fixed by the recommended upgrade:

Patch Changes

Patch Changes

Patch Changes

Patch Changes