[Snyk] Upgrade @primer/css from 15.1.0 to 16.3.0 #4

snyk-bot · 2021-05-10T02:24:43Z

Snyk has created this PR to upgrade @primer/css from 15.1.0 to 16.3.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

The recommended version is 109 versions ahead of your current version.
The recommended version was released 25 days ago, on 2021-04-15.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1023599	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1085630	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1085630	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Prototype Pollution SNYK-JS-MERGEDEEP-1070277	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-1070800	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-LODASH-590103	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-AWSSDK-1059424	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-AJV-584908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1072471	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1047770	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-REDIS-1255645	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-HIGHLIGHTJS-1048676	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Prototype Pollution SNYK-JS-FLAT-596927	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Server-Side Request Forgery (SSRF) SNYK-JS-AXIOS-1038255	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @primer/css

16.3.0 - 2021-04-15
Minor Changes
- #1306 5d42f1c5 Thanks @ jonrohan! - Adding a min-height to input-sm
Patch Changes
- #1340 8506c374 Thanks @ simurai! - Bump @ primer/primitives
- #1302 90902e1a Thanks @ jonrohan! - Moving the /fonts/ folder to /src/fonts/
16.3.0-rc.f9f0d548 - 2021-04-14
16.3.0-rc.f7a3928f - 2021-04-10
16.3.0-rc.f74680b6 - 2021-04-11
16.3.0-rc.f367843c - 2021-04-12
16.3.0-rc.f2d4786d - 2021-04-12
16.3.0-rc.ed964ad4 - 2021-04-07
16.3.0-rc.ea8c0468 - 2021-04-07
16.3.0-rc.e396911b - 2021-04-09
16.3.0-rc.d70a2bf8 - 2021-04-10
16.3.0-rc.d64d9314 - 2021-04-07
16.3.0-rc.d5b08570 - 2021-04-07
16.3.0-rc.d0a150d7 - 2021-04-08
16.3.0-rc.bfd4b97d - 2021-04-07
16.3.0-rc.b2df92a2 - 2021-04-07
16.3.0-rc.ac72c828 - 2021-04-14
16.3.0-rc.a52a0caa - 2021-04-09
16.3.0-rc.822e31c7 - 2021-04-07
16.3.0-rc.81d28589 - 2021-04-12
16.3.0-rc.7e91f303 - 2021-04-07
16.3.0-rc.785d9960 - 2021-04-10
16.3.0-rc.780505ad - 2021-04-09
16.3.0-rc.6734aa5e - 2021-04-12
16.3.0-rc.6731f843 - 2021-04-07
16.3.0-rc.60c46b59 - 2021-04-07
16.3.0-rc.59dd19d3 - 2021-04-08
16.3.0-rc.501d3797 - 2021-04-07
16.3.0-rc.41efcd57 - 2021-04-07
16.3.0-rc.3f539d72 - 2021-04-09
16.3.0-rc.3cb08af3 - 2021-04-07
16.3.0-rc.3c7a4cc5 - 2021-04-07
16.3.0-rc.2c79eaa0 - 2021-04-07
16.3.0-rc.298d864a - 2021-04-11
16.3.0-rc.292e2a1d - 2021-04-09
16.3.0-rc.2525efdd - 2021-04-07
16.3.0-rc.242a0bbc - 2021-04-12
16.3.0-rc.2374e398 - 2021-04-10
16.3.0-rc.1ee0c136 - 2021-04-10
16.3.0-rc.11746f34 - 2021-04-08
16.3.0-rc.0c176f63 - 2021-04-08
16.3.0-rc.0afa33ce - 2021-04-13
16.3.0-rc.07c9f54f - 2021-04-07
16.3.0-rc.039aa06a - 2021-04-07
16.2.0 - 2021-04-06
Minor Changes
- #1294 7609a074 Thanks @ jonrohan! - Adding a color text link on hover that will change a color utility class
- #1295 fea6ea69 Thanks @ jonrohan! - Adding text-semibold and text-light utility classes
Patch Changes
- #1297 7a374784 Thanks @ simurai! - Separate active and selected states for .btn
16.2.0-rc.a7f93553 - 2021-04-06
16.2.0-rc.8cdbec24 - 2021-04-06
16.2.0-rc.81e6ee95 - 2021-04-06
16.2.0-rc.81a65700 - 2021-04-06
16.2.0-rc.5878ec01 - 2021-04-06
16.2.0-rc.45959f2c - 2021-04-05
16.2.0-rc.3e1af06e - 2021-04-06
16.2.0-rc.37eabe42 - 2021-04-05
16.2.0-rc.34f0f747 - 2021-04-06
16.2.0-rc.15affff3 - 2021-04-05
16.2.0-rc.1505c2b7 - 2021-04-06
16.1.2 - 2021-03-31
Patch Changes
- #1282 5ee52dfe Thanks @ simurai! - Add bg to UnderlineNav Counter
- #1286 9044eecf Thanks @ jonrohan! - color-mode mixin fix for keyboard toggle
16.1.1 - 2021-03-29
Patch Changes
- #1278 fa4a7c71 Thanks @ jonrohan! - revert Fixing workflow for rc publishing
16.1.1-rc.0df004fab543fad55d9b3966736d2c4620786e89 - 2021-03-29
16.1.0 - 2021-03-29
Minor Changes
- #1254 5d2f0beb Thanks @ tobiasahlin! - Add common marketing utilities to primer/marketing
- #1201 29a83bdc Thanks @ vdepizzol! - Change TableObject status to deprecated
Patch Changes
- #1197 a355160a Thanks @ neildaniels! - Fix .btn-with-count documentation
- #1274 322379fe Thanks @ tobiasahlin! - Marketing buttons: don't animate everything
- #1272 88bcd1bf Thanks @ simurai! - Update Counter--secondary bg
- #1261 b1346678 Thanks @ jonrohan! - Fixing the color-mode-theme mixin. Currently the mixin doesn't take into account when mode="light" and light-theme="dark". This fix allows dark themes to be set as light themes and to toggle into single light mode.
16.1.0-rc.13738a8fce50553e847db58742fbec9acaeb8abb - 2021-03-29
16.0.2 - 2021-03-26
Patch Changes
- #1258 c6945cd5 Thanks @ jonrohan! - Removing post publish storybook hook
16.0.1 - 2021-03-26
16.0.0 - 2021-03-25
💥 Breaking Change
- Update to Primer Primitives 4.0.0 primer/primitives#43
- Add color modes #1131
🚀 Enhancement
- Add flex-shrink: 0 to .avatar #1183
- Adding timeline-badge success border #1246
- Add .anim-rotate utility class #1251
💅 Polish
- Move marketing @ font-face declarations from vars to type #1238
📝 Documentation
- Update documentation with color modes #1186
16.0.0-rename-rc.c9debf5 - 2021-03-23
16.0.0-rc.ef3ecf6 - 2021-03-25
16.0.0-rc.de5c865 - 2021-03-11
16.0.0-rc.ca1b19e - 2021-03-10
16.0.0-rc.c8dae02 - 2021-03-25
16.0.0-rc.c2a613c - 2021-03-25
16.0.0-rc.bbd0cb6 - 2021-03-10
16.0.0-rc.baf2db0 - 2021-03-25
16.0.0-rc.b501ecb - 2021-03-25
16.0.0-rc.b3adc47 - 2021-03-16
16.0.0-rc.b14d0e7 - 2021-03-25
16.0.0-rc.afb21fc - 2021-03-23
16.0.0-rc.ab7d4c7 - 2021-03-11
16.0.0-rc.a57b4a9 - 2021-03-10
16.0.0-rc.9bf343a - 2021-03-25
16.0.0-rc.914f4ba - 2021-03-11
16.0.0-rc.8cb9f2c - 2021-03-12
16.0.0-rc.878181d - 2021-03-17
16.0.0-rc.873c0d1 - 2021-03-11
16.0.0-rc.7df6199 - 2021-03-25
16.0.0-rc.765d5fa - 2021-03-24
16.0.0-rc.7516e96 - 2021-03-23
16.0.0-rc.74c5442 - 2021-03-11
16.0.0-rc.70036e1 - 2021-03-16
16.0.0-rc.527adf5 - 2021-03-25
16.0.0-rc.4918d31 - 2021-03-25
16.0.0-rc.3ec1a64 - 2021-03-10
16.0.0-rc.3eb311b - 2021-03-23
16.0.0-rc.33908e1 - 2021-03-19
16.0.0-rc.3150f02 - 2021-03-25
16.0.0-rc.0b8d88b - 2021-03-19
16.0.0-rc.052d44d - 2021-03-11
16.0.0-rc.6583707 - 2021-03-25
15.2.0 - 2020-09-21
🚀 Enhancements
- #1145 Make final position responsive
- #1148 flex wrap reverse added
- #1157 Overflow responsive variants
- #1156 Add missing rounded-3 utility
📝 Documentation
- #1160 Remove custom emoji from SelectMenu docs
- #1165 Replaced old octicons in examples
- #1146 Corrected a few typos
- #1142 Fix typo in Box documentation
- #1125 Remove reference to Crema
- #1155 Place search subnav example on new line
💅 Polish
- #1147 Increase input font-size on iOS
- #1152 Remove .autocomplete-results inset border that is occluded by items
Committers
- @ MauricioHernanCabrera
- @ ashygee
- @ esdraspavon
- @ neildaniels
- @ nicksloan
15.2.0-rc.f8ce8b9 - 2020-09-08
15.2.0-rc.edcd5a8 - 2020-09-10
15.2.0-rc.db82c2d - 2020-09-21
15.2.0-rc.c8132e6 - 2020-09-08
15.2.0-rc.9e70978 - 2020-09-08
15.2.0-rc.8562bda - 2020-09-08
15.2.0-rc.58eb1f3 - 2020-09-09
15.2.0-rc.53aa4b2 - 2020-09-10
15.2.0-rc.5353a57 - 2020-09-08
15.2.0-rc.48f9ed9 - 2020-09-10
15.2.0-rc.124be46 - 2020-09-08
15.2.0-rc.0f21d23 - 2020-09-08
15.1.0 - 2020-08-05
🚀 Enhancements
- #1062 Make tabnav responsive
- #1128 Add support for table border
- #1132 Add .bg-orange to the list of colors
📝 Documentation
- #1122 fix comment typo
💅 Polish
- #1121 Update layout when the Counter is empty
- #1126 Increase border contrast for Label--yellow
Committers
- @ colinkeany
- @ garman
- @ nikolasveneti
- @ nuthinking
- @ simurai

from @primer/css GitHub release notes

Commit messages

Package name: @primer/css

1bca1fa Merge pull request repo sync github/docs#1321 from primer/changeset-release/main
f9f0d54 Version Packages
fe65656 Merge pull request KRITKONGKOON github/docs#1343 from primer/dependabot/npm_and_yarn/filesize-6.2.2
b6d6d02 Merge pull request Rename creating-a-pull-request-template-for-your-repository.md to cre… github/docs#1342 from primer/dependabot/npm_and_yarn/table-6.1.0
943de47 Bump filesize from 6.1.0 to 6.2.2
926a334 Bump table from 6.0.9 to 6.1.0
936e181 Merge pull request Acc github/docs#1340 from primer/primitives-4.2.1
8506c37 Create empty-feet-tickle.md
23b14b6 yarn add @ primer/primitives@latest
c0c5d3d Merge pull request fix: update role and add missing label for search github/docs#1338 from primer/upgrade_docs_site
3ddfd6d Remove alias column
9fffed1 Remove refs
8a4bc02 on push
9ff5d1f [email protected]
8f2700d Specific version
f263577 The magic formula
de62986 using primitives
0df3396 Remove postcss-loader
6974237 Rebuild lock file
66ef659 Merge branch 'main' into upgrade_docs_site
d4d04ea don't use gpr
c632586 Freezing versions
1c8e133 Merge pull request Trayway ink inc github/docs#1337 from primer/dependabot/npm_and_yarn/postcss-8.2.10
57ee7e1 Don't run on target

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade @primer/css from 15.1.0 to 16.3.0. See this package in npm: https://www.npmjs.com/package/@primer/css See this project in Snyk: https://app.snyk.io/org/baby636/project/0b6177e0-b816-41f2-a265-91f20d4f63e4?utm_source=github&utm_medium=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade @primer/css from 15.1.0 to 16.3.0 #4

[Snyk] Upgrade @primer/css from 15.1.0 to 16.3.0 #4

snyk-bot commented May 10, 2021

Minor Changes

Patch Changes

Minor Changes

Patch Changes

Patch Changes

Patch Changes

Minor Changes

Patch Changes

Patch Changes

💥 Breaking Change

🚀 Enhancement

💅 Polish

📝 Documentation

🚀 Enhancements

📝 Documentation

💅 Polish

Committers

🚀 Enhancements

📝 Documentation

💅 Polish

Committers

[Snyk] Upgrade @primer/css from 15.1.0 to 16.3.0 #4

Are you sure you want to change the base?

[Snyk] Upgrade @primer/css from 15.1.0 to 16.3.0 #4

Conversation

snyk-bot commented May 10, 2021

Snyk has created this PR to upgrade @primer/css from 15.1.0 to 16.3.0.

Minor Changes

Patch Changes

Minor Changes

Patch Changes

Patch Changes

Patch Changes

Minor Changes

Patch Changes

Patch Changes

💥 Breaking Change

🚀 Enhancement

💅 Polish

📝 Documentation

🚀 Enhancements

📝 Documentation

💅 Polish

Committers

🚀 Enhancements

📝 Documentation

💅 Polish

Committers