[Snyk] Upgrade gatsby from 5.12.4 to 5.15.0

[X-oss-byte]

Snyk has created this PR to upgrade gatsby from 5.12.4 to 5.15.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 50 versions ahead of your current version.

• The recommended version was released 21 days ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	676	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857	676	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-9292519	676	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-9403194	676	No Known Exploit
	Uncaught Exception SNYK-JS-MULTER-10299078	676	No Known Exploit
	Uncaught Exception SNYK-JS-MULTER-10773732	676	No Known Exploit
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	676	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	676	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	676	Proof of Concept
	Improper Handling of Extra Parameters SNYK-JS-FOLLOWREDIRECTS-6141137	676	Proof of Concept
	Path Traversal SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555	676	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	676	Proof of Concept
	Uncaught Exception SNYK-JS-MULTER-10185673	676	Proof of Concept
	Missing Release of Memory after Effective Lifetime SNYK-JS-MULTER-10185675	676	No Known Exploit
	Insufficient Visual Distinction of Homoglyphs Presented to User SNYK-JS-BASEX-10118294	676	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	676	Proof of Concept
	Predictable Value Range from Previous Values SNYK-JS-FORMDATA-10841150	676	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-WEBPACK-7840298	676	Proof of Concept

Release notes

Package name: gatsby

• 5.15.0 - 2025-08-27
  

  [email protected]

• 5.15.0-prebuilt-libvips.6 - 2025-06-20
• 5.15.0-next.2 - 2025-04-09
• 5.15.0-next.1 - 2025-01-02
• 5.15.0-next.0 - 2024-11-07
• 5.14.6 - 2025-08-06
• 5.14.5 - 2025-06-20
• 5.14.4 - 2025-06-06
• 5.14.3 - 2025-04-09
• 5.14.2 - 2025-04-07
• 5.14.1 - 2024-12-20
• 5.14.0 - 2024-11-06
• 5.14.0-next.4 - 2024-02-20
• 5.14.0-next.3 - 2024-01-23
• 5.14.0-next.2 - 2024-01-05
• 5.14.0-next.1 - 2024-01-04
• 5.14.0-next.0 - 2023-12-15
• 5.14.0-ctf-next.0 - 2024-03-08
• 5.14.0-canary.7 - 2024-02-16
• 5.14.0-alpha-ssr-writestream.3 - 2024-01-25
• 5.14.0-alpha-monorepo-support.17 - 2024-06-04
• 5.14.0-alpha-headers-perf.16 - 2024-05-24
• 5.14.0-alpha-gatsby.9 - 2024-04-29
• 5.14.0-alpha-gatsby.6 - 2024-04-26
• 5.14.0-alpha-fix-ssr-linkfs.5 - 2023-12-21
• 5.14.0-alpha-fix-parcel-segfault.11 - 2024-01-02
• 5.13.7 - 2024-07-12
• 5.13.6 - 2024-05-29
• 5.13.5 - 2024-05-17
• 5.13.4 - 2024-04-10
• 5.13.3 - 2024-01-25
• 5.13.2 - 2024-01-23
• 5.13.1 - 2023-12-22
• 5.13.0 - 2023-12-18
• 5.13.0-next.3 - 2023-12-04
• 5.13.0-next.2 - 2023-11-16
• 5.13.0-next.1 - 2023-08-22
• 5.13.0-next.0 - 2023-07-25
• 5.13.0-alpha-fix-pnpm.21 - 2023-12-20
• 5.13.0-alpha-fix-pnpm.17 - 2023-12-15
• 5.13.0-alpha-fix-pnpm.16 - 2023-12-14
• 5.13.0-alpha-alt-image-cdn.38 - 2023-11-03
• 5.12.12 - 2023-12-07
• 5.12.11 - 2023-11-22
• 5.12.10 - 2023-11-21
• 5.12.9 - 2023-10-26
• 5.12.8 - 2023-10-20
• 5.12.7 - 2023-10-17
• 5.12.6 - 2023-10-09
• 5.12.5 - 2023-09-27
• 5.12.4 - 2023-09-05

from gatsby GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[bolt-new-by-stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 2211ef4

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR