Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade @parcel/plugin from 2.0.0-rc.0 to 2.0.0 #88

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade @parcel/plugin from 2.0.0-rc.0 to 2.0.0 #88

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented Nov 3, 2021

Snyk has created this PR to upgrade @parcel/plugin from 2.0.0-rc.0 to 2.0.0.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 21 days ago, on 2021-10-13.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIHTML-1296849		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: @parcel/plugin from @parcel/plugin GitHub release notes
Commit messages
Package name: @parcel/plugin
  • 84da50a v2.0.0
  • aa0a369 Small copy change
  • c78601b shouldVisitChild: Check parent and child node previously deferred separately (#7043)
  • 2c83842 Fix scope resolution for TS enums (#7057)
  • dbe1153 Fix order of hoisted variable declarations (#7053)
  • bea9442 Fix named export with different export name for wrapped assets (#7052)
  • 2175e1b Mark '*' as used when the reexport is only decided at runtime (#7049)
  • 4312b91 Update Micromatch (#6958)
  • 5afe766 Fail when unable to build a native package (#6962)
  • 971ed24 Update watcher and source-map library to 2.0.0 (#7044)
  • 810a854 Add missing C flags for SIMD support in build workflow (#7045)
  • d6de61d Fix shaking for functions types with overload signatures (#7036)
  • daf2cd9 Safely position the HMR script (#6961)
  • 89b4e51 Unmark defer for dependency that become used ('does not export') (#7035)
  • b575212 Bump swc (#7033)
  • 415710f Fix CSS tree shaking with 'build --no-scope-hoist' (#5728)
  • ea0f4e4 Allow jsx and tsx as lang for script block in Vue SFCs (#6983)
  • d2d4f1c Never enable JSX in a .ts file (#7031)
  • aafc318 Don't use deprecated querystring package (#6806)
  • a6a6fb2 Fix cache invalidation when shouldOptimize changes (#7030)
  • 7d4d53a Update all references to v2.parceljs.org to just parceljs.org (#7029)
  • 91de5c0 Ensure symbol order is consistent (#7021)
  • 2ebed00 Ensure named exports are prioritized over wildcard re-exports (#7016)
  • 4904f20 Fix autoinstall with Yarn 2+ (#7023)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@atlassian-cla-bot
Copy link

Thank you for your submission! Like many open source projects, we ask that you sign our CLA (Contributor License Agreement) before we can accept your contribution.
If your email is listed below, please ensure that you sign the CLA with the same email address.

The following users still need to sign our CLA:
❌snyk-bot

Already signed the CLA? To re-check, try refreshing the page.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot