[Snyk] Fix for 12 vulnerabilities

[sathishcyberintelsysnew]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • website/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIHTML-1296849	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	676/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.1	Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	Yes	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-EVENTSOURCE-2823375	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	Yes	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-NODEFETCH-2342118	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Improper Input Validation SNYK-JS-POSTCSS-5926692	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIM-1017038	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @mdx-js/mdx

The new version differs by 30 commits.

• bf7deab v2.0.0-next.5
• 5c15a00 fix(remark-mdx): move remark-stringify to deps ([Android][Notification] getInitialNotification cant get notification data invertase/react-native-firebase#1190)
• f59b174 Make type test run in their own action, closes How to dismiss Notification when receiving Firebase Cloud Messages invertase/react-native-firebase#1172 ([iOS][Notifications] does not work when app is killed / background invertase/react-native-firebase#1179)
• 9ac9755 docs(typescript): document how to use mdx 2 with typescript (Typings for PhoneAuthListener is not right invertase/react-native-firebase#1181)
• 42077e4 ci(github): update github actions to latest versions (DocumentChange.type should have a more specific type invertase/react-native-firebase#1180)
• cc95646 ci(github): update github actions and dtslint to latest (ANDROID: firestore transaction causing app crash  invertase/react-native-firebase#1178)
• 6098d94 Remove deprecated plugin options, fixes Flow issues on 3.2.0 invertase/react-native-firebase#718 ( No task registered for key RNFirebaseBackgroundMessage invertase/react-native-firebase#1174)
• 0da2fcf Specify pre-dist-tag
• e1b45e3 v2.0.0-next.4
• 649dbd8 Implement inline link serialization that doesn't wrap them in angle (Captcha on iOS phone auth signup invertase/react-native-firebase#1171)
• d08c5b6 Make testing matrix simpler (onMessage not being triggered invertase/react-native-firebase#1173)
• d0059c8 v2.0.0-next.3
• fa091d2 v2.0.0-next.2
• 7829b88 Move publish to its own action
• afd60c2 Break out linting into its own action
• 3ca8e0a Fix linting (Remote Config no fetch Data invertase/react-native-firebase#1161)
• 577d48f Fix some linting
• db93304 Improve export name extraction for shortcode generation (Multi-App Realtime Database Use on Android doesn't seem to be working. invertase/react-native-firebase#1160)
• ea9970a Bump deps, fix core-js version in babel configs
• 166fd9d v2.0.0-next.1
• 569f82f Make preid next to match dist tag
• a3d8f08 types: add types to test utils (Integration without CocoaPods fails invertase/react-native-firebase#1083)
• e2eb4ee types: add typescript typings for remark-mdx, remark-mdx-remove-exports, remark-mdx-remove-imports, @ mdx-js/util (Undefined symbols for architecture x86_64 invertase/react-native-firebase#1082)
• 65af47c Break three main tests into their own scripts

See the full diff

Package name: gatsby

The new version differs by 250 commits.

• 78f8c7a chore(release): Publish
• 4dcdeb1 chore(gatsby): Add env log for build and remove incorrect log for functions (#36462) (#36466)
• 41de1f0 feat(gatsby): add partial hydration flag (#36436)
• b8c2072 fix(gatsby-source-graphql): add dataLoaderOptions validation to gatsby-source-graphql (#36112)
• b45debc chore(docs): fix incorrect closing tag in tutorial (#36459)
• 222793d chore(docs): Update plugin count in part 3 of the tutorial (#36455)
• 3222684 chore(docs): Fix page link to page 6 of remark tutorial (#36437)
• 0b458e6 chore(docs): Fix some typos (#36431)
• 1bf2358 fix(gatsby): remove resource query from warnings (#36439)
• 0d896ae chore(gatsby-plugin-sharp,gatsby-plugin-utils,gatsby-remark-images,gatsby-transformer-sharp): bump min potrace version (#36443)
• a21510e docs: plugin image / image cdn (#36423)
• 8043d7e feat(docs): add webiny to headless cms list (#36388)
• 240dfac chore: update using-image-processing example (#36421)
• b361081 chore(gatsby): drop eslint-plugin-graphql (#36364)
• 2e67161 chore(docs): Update tutorial to Head API (#36378)
• 77190f4 fix(deps): update starters and examples - gatsby (#36416)
• c92404b chore(changelogs): update changelogs (#36417)
• b7b3577 fix(gatsby-plugin-react-helmet): Typo in `onPreInit` warning (#36419)
• 7b3286c chore(docs): Add note about query name to MDX
• dc283d7 chore: Use GCS for pipeline tests (#36413)
• 3760a0e feat(gatsby): Add option to emit TS types during build (#36405)
• c01806e chore(release): Publish next
• a05201e fix(gatsby): Prevent errors if `Head` has root text node (#36402)
• 9d737b6 fix(gatsby): close parcel cache db before clearing cache and retrying (#36377)

See the full diff

Package name: gatsby-plugin-mdx

The new version differs by 250 commits.

• b8eac2d chore(release): Publish
• 3253a38 fix(gatsby-plugin-mdx): Hashing and pluginOptions (#36387) (#36395)
• 1880491 fix(gatsby-script): Reach router import (#36385) (#36394)
• f664ad2 feat(gatsby): Telemetry tracking for Head API (#36352)
• ab55e4e chore: Update `got` (#36366)
• 2b4ff76 fix(gatsby): Make runtime error overlay work in non-v8 browsers (#36365)
• f990e08 fix(test): clear and close lmdb after each test suite (#36343)
• 7fcf580 fix(gatsby): e.remove() is not a function when using Gatsby Head API (#36338)
• 25fb9d1 chore: Fix pipeline tests (#36363)
• a9132a5 chore(deps): update sharp (#35539)
• bc80c23 chore: Add note about rehype-slug-custom-id
• 5b6f1f6 chore(gatsby): upgrade multer (#36359)
• f2f0acf chore(gatsby-telemetry): upgrade git-up (#36358)
• 86a8efc chore(release): Publish next
• 0705ac7 chore(gatsby-plugin-mdx): Update .gitignore
• c92db36 BREAKING CHANGE(gatsby-plugin-mdx): MDX v2 (#35650)
• 3c0dd6d chore(release): Publish next
• 86b6ee9 Revert "chore(gatsby): Make `plugins` in `PluginOptions` type optional (#36351)"
• a2fa5a2 chore(gatsby): Make `plugins` in `PluginOptions` type optional (#36351)
• 6ecfe4a fix(gatsby-source-contentful): Correctly overwrite field type on Assets (#36337)
• 0ed362c chore(docs): Pre-encoded unicode characters can't be used in paths (#36325)
• 2bbe96d fix(deps): update dependency file-type to ^16.5.4 for gatsby-source-filesystem (#36276)
• 2be3fa7 chore(docs): Add first batch of Cloud docs (#36218)
• 4238142 chore(docs): Remove outdated examples and recipes (#36335)

See the full diff

Package name: gatsby-plugin-postcss

The new version differs by 37 commits.

• bdd723e chore(release): Publish
• 00f7c08 breaking(gatsby-plugin-postcss): Upgrade gatsby-plugin-postcss to PostCSS 8 (#26947)
• 57c79b1 chore(release): Publish
• c377aef chore: Fix dirty lock file (#27200)
• def8b37 Add siteHash and userAgent (#27170)
• f1d45d4 Try detecting codesandbox and mark it as CI (#26958)
• 710667f chore(deps): update dependency csstype to v2.6.13 (#27083)
• 668858f chore(deps): update minor and patch for gatsby-remark-copy-linked-files (#27112)
• b74ffaf chore(deps): update minor and patch for gatsby-remark-prismjs (#27113)
• a4cf33b chore(deps): update dependency @ types/fs-extra to ^8.1.1 (#27072)
• fcdedc0 chore(deps): update better-opn (#27100)
• e085f63 chore(deps): update dependency @ types/lodash to ^4.14.161 (#27074)
• 8d89796 chore(renovate): Fix typo
• aad6551 chore: update schedule renovatebot (#27175)
• 73dd4be chore(docs): Update gatsby-plugin-guess-js README (#25876)
• 10dfe01 fix(blog): July gazette: brand names, files in code fences.... (#26228)
• 152b524 Fix(gatsby-plugin-catch-links): SVGAnimatedString may not be available in some browsers. (#26047)
• bfd46f8 fix(gatsby-source-contentful): Add file-extension to remote cached items (#25924)
• 78abe26 fix(gatsby-telemetry): export typescript types, add captureEvent (#27167)
• 79d70be Add siteName to ITelemetryTagsPayload (#27169)
• 8d62b2c fix(gatsby): retry socket when connection closes (#27060)
• 4e7ab0e chore(deps): update dependency @ types/node-fetch to ^2.5.7 (#27076)
• 96e3935 chore(deps): update dependency @ types/got to ^9.6.11 (#27073)
• e4a37a4 tests: run CircleCI tests when only yarn.lock changes (#27162)

See the full diff

Package name: tailwindcss

The new version differs by 245 commits.

• fadd4c8 2.0.0
• 98b4405 Update resolve to version 1.19.0
• 4ab5672 Summarize 2.0 changelog
• 35f8211 2.0.0-alpha.25
• f80de6a Update changelog
• 3de0c48 Don't mix unitless values with units in the same scale
• e701c81 2.0.0-alpha.24
• ffb04c5 Update changelog
• e40079a Fix cascading shadow/ring bug, ensure default ring color
• 5e50367 Update changelog
• 2245f26 Rename plugin in compat mode
• c238ed1 Improve compat mode (🔥Unable to run Android in v6 - RN v0.61.2 invertase/react-native-firebase#2775)
• 83c685a 2.0.0-alpha.23
• 63f5b41 Update changelog
• 1536166 Merge branch 'master' of github.com:tailwindlabs/tailwindcss
• 1d8679d Postcss7 compatibility (🔥[v6][Firestore] Error trying to add a document to a collection: "this._firestore.native.documentSet is not a function" invertase/react-native-firebase#2773)
• 332f421 Update changelog
• d4cde73 2.0.0-alpha.22
• fb00d14 Update changelog
• b86bdbc Cleanup custom properties (🔥Database 'Collection was mutated while being enumerated' crash when reloading on iOS in debug mode invertase/react-native-firebase#2771)
• f57fbb6 2.0.0-alpha.21
• 979a4e5 Update changelog
• 729b400 Upgrade to PostCSS 8
• 042e259 2.0.0-alpha.20

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Cross-site Request Forgery (CSRF)
🦉 Improper Input Validation
🦉 More lessons are available in Snyk Learn