[Snyk] Upgrade gatsby-plugin-image from 3.0.0 to 3.12.2

[X-oss-byte]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade gatsby-plugin-image from 3.0.0 to 3.12.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 41 versions ahead of your current version.
• The recommended version was released 22 days ago, on 2023-10-20.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	465/1000 Why? CVSS 9.3	No Known Exploit
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	465/1000 Why? CVSS 9.3	Proof of Concept
	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	465/1000 Why? CVSS 9.3	No Known Exploit
	Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-5596892	465/1000 Why? CVSS 9.3	No Known Exploit
	Sandbox Bypass SNYK-JS-WEBPACK-3358798	465/1000 Why? CVSS 9.3	Proof of Concept
	Prototype Pollution SNYK-JS-IMMER-1019369	465/1000 Why? CVSS 9.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-ENGINEIO-3136336	465/1000 Why? CVSS 9.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	465/1000 Why? CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	465/1000 Why? CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	465/1000 Why? CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	465/1000 Why? CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	465/1000 Why? CVSS 9.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	465/1000 Why? CVSS 9.3	No Known Exploit
	Improper Input Validation SNYK-JS-POSTCSS-5926692	465/1000 Why? CVSS 9.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-3244450	465/1000 Why? CVSS 9.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-GRAPHQL-5905181	465/1000 Why? CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	465/1000 Why? CVSS 9.3	Proof of Concept
	Prototype Pollution SNYK-JS-IMMER-1540542	465/1000 Why? CVSS 9.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	465/1000 Why? CVSS 9.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	465/1000 Why? CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	465/1000 Why? CVSS 9.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	465/1000 Why? CVSS 9.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	465/1000 Why? CVSS 9.3	No Known Exploit
	Information Exposure SNYK-JS-GATSBY-5671647	465/1000 Why? CVSS 9.3	Proof of Concept
	Information Exposure SNYK-JS-GATSBYCLI-5671903	465/1000 Why? CVSS 9.3	Proof of Concept
	Information Exposure SNYK-JS-GATSBYPLUGINSHARP-5425803	465/1000 Why? CVSS 9.3	No Known Exploit
	Information Exposure SNYK-JS-GATSBYPLUGINSHARP-5671648	465/1000 Why? CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	465/1000 Why? CVSS 9.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	465/1000 Why? CVSS 9.3	Proof of Concept
	Heap-based Buffer Overflow SNYK-JS-SHARP-5922108	465/1000 Why? CVSS 9.3	Mature
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169	465/1000 Why? CVSS 9.3	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: gatsby-plugin-image

• 3.12.2 - 2023-10-20
• 3.12.1 - 2023-10-09
• 3.12.0 - 2023-08-24
• 3.12.0-next.1 - 2023-07-03
• 3.12.0-next.0 - 2023-06-15
• 3.11.0 - 2023-06-15
• 3.11.0-next.1 - 2023-06-05
• 3.11.0-next.0 - 2023-05-16
• 3.10.0 - 2023-05-16
• 3.10.0-next.2 - 2023-05-03
• 3.10.0-next.1 - 2023-04-27
• 3.10.0-next.0 - 2023-04-18
• 3.9.0 - 2023-04-18
• 3.9.0-next.1 - 2023-04-06
• 3.9.0-next.0 - 2023-03-21
• 3.9.0-image-cdn-configurable.4 - 2023-04-11
• 3.8.0 - 2023-03-21
• 3.8.0-next.0 - 2023-02-16
• 3.7.0 - 2023-02-21
• 3.7.0-next.0 - 2023-02-03
• 3.6.0 - 2023-02-07
• 3.6.0-next.1 - 2023-01-26
• 3.6.0-next.0 - 2023-01-19
• 3.5.0 - 2023-01-24
• 3.5.0-next.1 - 2023-01-17
• 3.5.0-next.0 - 2023-01-05
• 3.4.0 - 2023-01-10
• 3.4.0-next.2 - 2023-01-04
• 3.4.0-next.1 - 2022-12-14
• 3.4.0-next.0 - 2022-12-08
• 3.3.2 - 2022-12-14
• 3.3.1 - 2022-12-14
• 3.3.0 - 2022-12-13
• 3.3.0-next.3 - 2022-12-07
• 3.3.0-next.2 - 2022-12-06
• 3.3.0-next.1 - 2022-12-01
• 3.3.0-next.0 - 2022-11-25
• 3.2.0 - 2022-11-25
• 3.2.0-next.0 - 2022-11-17
• 3.1.0 - 2022-11-22
• 3.1.0-next.0 - 2022-11-08
• 3.0.0 - 2022-11-08

from gatsby-plugin-image GitHub release notes

Commit messages

Package name: gatsby-plugin-image

• 470d182 chore(release): Publish
• 02e925a fix(gatsby): support multiple instances of same variable in gatsbyImage placeholderUrl (fix(gatsby): support multiple instances of same variable in gatsbyImage placeholderUrl gatsbyjs/gatsby#38626) (fix(gatsby): support multiple instances of same variable in gatsbyImage placeholderUrl (#38626) gatsbyjs/gatsby#38647)
• 8302bc8 fix(gatsby): don't force leading slash for external paths in routes manifest (fix(gatsby): don't force leading slash for external paths in routes manifest gatsbyjs/gatsby#38639) (fix(gatsby): don't force leading slash for external paths in routes manifest (#38639) gatsbyjs/gatsby#38646)
• 39d2fd8 chore(release): Publish
• acb8799 fix(gatsby): open lmdb instances in writeable locations in generated ssr/dsg function (fix(gatsby): open lmdb instances in writeable locations in generated ssr/dsg function gatsbyjs/gatsby#38631) (fix(gatsby): open lmdb instances in writeable locations in generated ssr/dsg function (#38631) gatsbyjs/gatsby#38638)
• 1e8748c chore(release): Publish
• f1a4107 chore(deps): upgrade sharp to latest v0.32.6 (chore(deps): upgrade sharp to latest v0.32.6 gatsbyjs/gatsby#38374) (chore(deps): upgrade sharp to latest v0.32.6 (#38374) gatsbyjs/gatsby#38617)
• 4dc464b chore(source-npm-package-search): bespoke treatment for `plugin-gatsby-cloud` and `source-contentful` (chore(source-npm-package-search): bespoke treatment for plugin-gatsby-cloud and source-contentful gatsbyjs/gatsby#38619) (chore(source-npm-package-search): bespoke treatment for plugin-gatsby-cloud and source-contentful (#38619) gatsbyjs/gatsby#38622)
• aff105b chore(release): Publish
• 8061500 Update gatsby-contentful-plugin README (Update gatsby-contentful-plugin README gatsbyjs/gatsby#38480) (Update gatsby-contentful-plugin README (#38480) gatsbyjs/gatsby#38607)
• aefefa9 chore(release): Publish
• 9ffed29 feat(gatsby-graphiql-explorer): lower minimum node version (feat(gatsby-graphiql-explorer): lower minimum node version gatsbyjs/gatsby#38577) (feat(gatsby-graphiql-explorer): lower minimum node version (#38577) gatsbyjs/gatsby#38579)
• d055a99 chore(release): Publish
• 56ddcce fix(gatsby-adapter-netlify): handle cases with large cached _redirects and/or _headers files (fix(gatsby-adapter-netlify): handle cases with large cached _redirects and/or _headers files gatsbyjs/gatsby#38559) (fix(gatsby-adapter-netlify): handle cases with large cached _redirects and/or _headers files (#38559) gatsbyjs/gatsby#38564)
• 68be864 chore(release): Publish
• dfcc546 Update gatsby-cloud-plugin README (Update gatsby-cloud-plugin README gatsbyjs/gatsby#38479) (Update gatsby-cloud-plugin README (#38479) gatsbyjs/gatsby#38550)
• 0642eb7 chore(release): Publish
• 232ec13 fix(gatsby): don't break builds when using features unsupported by adapter (fix(gatsby): don't break builds when using features unsupported by adapter gatsbyjs/gatsby#38520) (fix(gatsby): don't break builds when using features unsupported by adapter (#38520) gatsbyjs/gatsby#38521)
• 4b082d3 chore(release): Publish
• da050e5 fix(gatsby): fix api function compilation on Windows (fix(gatsby): fix api function compilation on Windows gatsbyjs/gatsby#38489) (fix(gatsby): fix api function compilation on Windows (#38489) gatsbyjs/gatsby#38491)
• b6f1a10 chore(release): Publish
• 6a73ee1 fix: fix fetching adapters manifest from latest gatsby version (fix: fix fetching adapters manifest from latest gatsby version gatsbyjs/gatsby#38475) (fix: fix fetching adapters manifest from latest gatsby version (#38475) gatsbyjs/gatsby#38482)
• 1fe0cf1 chore(release): Publish
• 1f9e806 fix: fix fetching adapters manifest from latest gatsby version

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: b026c42

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR