[Snyk] Upgrade gatsby from 5.12.4 to 5.14.6

[X-oss-byte]

Snyk has created this PR to upgrade gatsby from 5.12.4 to 5.14.6.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 45 versions ahead of your current version.

• The recommended version was released a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Uncaught Exception SNYK-JS-MULTER-10299078	674	No Known Exploit
	Uncaught Exception SNYK-JS-MULTER-10773732	674	No Known Exploit
	Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	674	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	674	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	674	Proof of Concept
	Improper Link Resolution Before File Access ('Link Following') SNYK-JS-TARFS-10293725	674	No Known Exploit
	Symlink Attack SNYK-JS-TARFS-9535930	674	Mature
	Improper Link Resolution Before File Access ('Link Following') SNYK-JS-TARFS-10293725	674	No Known Exploit
	Symlink Attack SNYK-JS-TARFS-9535930	674	Mature
	Path Traversal SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555	674	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	674	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	674	Proof of Concept
	Improper Handling of Extra Parameters SNYK-JS-FOLLOWREDIRECTS-6141137	674	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857	674	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-9292519	674	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-WEBPACK-7840298	674	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-9403194	674	No Known Exploit
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	674	Proof of Concept
	Insufficient Visual Distinction of Homoglyphs Presented to User SNYK-JS-BASEX-10118294	674	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	674	Proof of Concept
	Predictable Value Range from Previous Values SNYK-JS-FORMDATA-10841150	674	Proof of Concept
	Uncaught Exception SNYK-JS-MULTER-10185673	674	Proof of Concept
	Missing Release of Memory after Effective Lifetime SNYK-JS-MULTER-10185675	674	No Known Exploit
	Denial of Service (DoS) SNYK-JS-MSGPACKR-6140431	674	No Known Exploit

Release notes

Package name: gatsby

• 5.14.6 - 2025-08-06
• 5.14.5 - 2025-06-20
• 5.14.4 - 2025-06-06
• 5.14.3 - 2025-04-09
• 5.14.2 - 2025-04-07
• 5.14.1 - 2024-12-20
• 5.14.0 - 2024-11-06
• 5.14.0-next.4 - 2024-02-20
• 5.14.0-next.3 - 2024-01-23
• 5.14.0-next.2 - 2024-01-05
• 5.14.0-next.1 - 2024-01-04
• 5.14.0-next.0 - 2023-12-15
• 5.14.0-ctf-next.0 - 2024-03-08
• 5.14.0-canary.7 - 2024-02-16
• 5.14.0-alpha-ssr-writestream.3 - 2024-01-25
• 5.14.0-alpha-monorepo-support.17 - 2024-06-04
• 5.14.0-alpha-headers-perf.16 - 2024-05-24
• 5.14.0-alpha-gatsby.9 - 2024-04-29
• 5.14.0-alpha-gatsby.6 - 2024-04-26
• 5.14.0-alpha-fix-ssr-linkfs.5 - 2023-12-21
• 5.14.0-alpha-fix-parcel-segfault.11 - 2024-01-02
• 5.13.7 - 2024-07-12
• 5.13.6 - 2024-05-29
• 5.13.5 - 2024-05-17
• 5.13.4 - 2024-04-10
• 5.13.3 - 2024-01-25
• 5.13.2 - 2024-01-23
• 5.13.1 - 2023-12-22
• 5.13.0 - 2023-12-18
• 5.13.0-next.3 - 2023-12-04
• 5.13.0-next.2 - 2023-11-16
• 5.13.0-next.1 - 2023-08-22
• 5.13.0-next.0 - 2023-07-25
• 5.13.0-alpha-fix-pnpm.21 - 2023-12-20
• 5.13.0-alpha-fix-pnpm.17 - 2023-12-15
• 5.13.0-alpha-fix-pnpm.16 - 2023-12-14
• 5.13.0-alpha-alt-image-cdn.38 - 2023-11-03
• 5.12.12 - 2023-12-07
• 5.12.11 - 2023-11-22
• 5.12.10 - 2023-11-21
• 5.12.9 - 2023-10-26
• 5.12.8 - 2023-10-20
• 5.12.7 - 2023-10-17
• 5.12.6 - 2023-10-09
• 5.12.5 - 2023-09-27
• 5.12.4 - 2023-09-05

from gatsby GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[bolt-new-by-stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 03d7cd2

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR