[Snyk] Upgrade gatsby-plugin-sharp from 5.0.0 to 5.13.1

[X-oss-byte]

Snyk has created this PR to upgrade gatsby-plugin-sharp from 5.0.0 to 5.13.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 49 versions ahead of your current version.
• The recommended version was released 9 months ago, on 2024-01-23.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Information Exposure SNYK-JS-GATSBYPLUGINSHARP-5425803	429/1000 Why? Has a fix available, CVSS 4.3	No Known Exploit
	Information Exposure SNYK-JS-GATSBYPLUGINSHARP-5671648	429/1000 Why? Has a fix available, CVSS 4.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169	429/1000 Why? Has a fix available, CVSS 4.3	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: gatsby-plugin-sharp

• 5.13.1 - 2024-01-23
• 5.13.0 - 2023-12-18
• 5.13.0-next.1 - 2023-11-16
• 5.13.0-next.0 - 2023-07-25
• 5.13.0-alpha-alt-image-cdn.44 - 2023-11-03
• 5.12.3 - 2023-10-26
• 5.12.2 - 2023-10-20
• 5.12.1 - 2023-10-09
• 5.12.0 - 2023-08-24
• 5.12.0-next.1 - 2023-07-03
• 5.12.0-next.0 - 2023-06-15
• 5.11.0 - 2023-06-15
• 5.11.0-next.1 - 2023-06-05
• 5.11.0-next.0 - 2023-05-16
• 5.10.0 - 2023-05-16
• 5.10.0-next.2 - 2023-05-03
• 5.10.0-next.1 - 2023-04-27
• 5.10.0-next.0 - 2023-04-18
• 5.9.0 - 2023-04-18
• 5.9.0-next.2 - 2023-04-06
• 5.9.0-next.1 - 2023-03-30
• 5.9.0-next.0 - 2023-03-21
• 5.9.0-image-cdn-configurable.4 - 2023-04-11
• 5.8.1 - 2023-03-29
• 5.8.0 - 2023-03-21
• 5.8.0-next.0 - 2023-02-16
• 5.7.0 - 2023-02-21
• 5.7.0-next.0 - 2023-02-03
• 5.6.0 - 2023-02-07
• 5.6.0-next.1 - 2023-01-26
• 5.6.0-next.0 - 2023-01-19
• 5.5.0 - 2023-01-24
• 5.5.0-next.1 - 2023-01-17
• 5.5.0-next.0 - 2023-01-05
• 5.4.0 - 2023-01-10
• 5.4.0-next.2 - 2023-01-04
• 5.4.0-next.1 - 2022-12-14
• 5.4.0-next.0 - 2022-12-08
• 5.3.2 - 2022-12-14
• 5.3.1 - 2022-12-14
• 5.3.0 - 2022-12-13
• 5.3.0-next.3 - 2022-12-07
• 5.3.0-next.2 - 2022-12-06
• 5.3.0-next.1 - 2022-12-01
• 5.3.0-next.0 - 2022-11-25
• 5.2.0 - 2022-11-25
• 5.2.0-next.0 - 2022-11-17
• 5.1.0 - 2022-11-22
• 5.1.0-next.0 - 2022-11-08
• 5.0.0 - 2022-11-08

from gatsby-plugin-sharp GitHub release notes

Commit messages

Package name: gatsby-plugin-sharp

• b24134d chore(release): Publish
• c74745c fix(gatsby): support builtin modules prefixed with `node:` on `build-html` (fix(gatsby): support builtin modules prefixed with node: on build-html gatsbyjs/gatsby#38516) (fix(gatsby): support builtin modules prefixed with node: on build-html (#38516) gatsbyjs/gatsby#38818)
• c9f8c24 chore: swap babel-plugin-lodash with updated version that doesn't use deprecated APIs (chore: swap babel-plugin-lodash with updated version that doesn't use deprecated APIs gatsbyjs/gatsby#38797) (chore: swap babel-plugin-lodash with updated version that doesn't use deprecated APIs (#38797) gatsbyjs/gatsby#38803)
• fc0eea1 fix(gatsby): fix webpack compilation when pnpm is used (fix(gatsby): fix webpack compilation when pnpm is used gatsbyjs/gatsby#38757) (fix(gatsby): fix webpack compilation when pnpm is used (#38757) gatsbyjs/gatsby#38804)
• f6ed443 fix(gatsby): try to automatically recover when parcel segfaults (fix(gatsby): try to automatically recover when parcel segfaults gatsbyjs/gatsby#38773) (fix(gatsby): try to automatically recover when parcel segfaults (#38773) gatsbyjs/gatsby#38799)
• 68b0821 fix(gatsby): more robust adapter zero-conf handling (fix(gatsby): more robust adapter zero-conf handling gatsbyjs/gatsby#38778) (fix(gatsby): more robust adapter zero-conf handling (#38778) gatsbyjs/gatsby#38800)
• 366b54c chore(release): Publish
• 4b892c5 chore(gatsby-cli,gatsby-source-wordpress): bump clipboardy (chore(gatsby-cli,gatsby-source-wordpress): bump clipboardy gatsbyjs/gatsby#38775) (chore(gatsby-cli,gatsby-source-wordpress): bump clipboardy (#38775) gatsbyjs/gatsby#38776)
• 2c0622c chore(release): Publish
• 5d6bb65 fix(docs): update remote url docs (fix(docs): update remote url docs gatsbyjs/gatsby#38768) (fix(docs): update remote url docs (#38768) gatsbyjs/gatsby#38770)
• 18ffcfa chore(release): Publish
• 1953e5c fix(gatsby): allow gatsby-adapter-netlify@">=1.0.0 <=1.0.3" for gatsby@<5.12.10 (fix(gatsby): allow gatsby-adapter-netlify@">=1.0.0 <=1.0.3" for gatsby@<5.12.10 gatsbyjs/gatsby#38758)
• 4a780fb feat: image and file cdn url generator adapter implementation (feat: image and file cdn url generator adapter implementation gatsbyjs/gatsby#38685)
• f8c207b chore: move gatsby-plugin-netlify-cms to deprecated-packages (chore: move gatsby-plugin-netlify-cms to deprecated-packages gatsbyjs/gatsby#38755)
• 6d1d97e chore(gatsby-plugin-netlify-cms): add deprecation notice (chore(gatsby-plugin-netlify-cms): add deprecation notice  gatsbyjs/gatsby#38753)
• 7a7fa5f chore(deps): update dependency @ types/jscodeshift to ^0.11.11 for gatsby-codemods (chore(deps): update dependency @types/jscodeshift to ^0.11.11 for gatsby-codemods gatsbyjs/gatsby#38595)
• 8919982 fix(deps): update dependency gatsby-plugin-webpack-bundle-analyser-v2 to ^1.1.32 (fix(deps): update dependency gatsby-plugin-webpack-bundle-analyser-v2 to ^1.1.32 gatsbyjs/gatsby#38722)
• d148295 chore(deps): update [dev] minor and patch dependencies for gatsby-cli (chore(deps): update [dev] minor and patch dependencies for gatsby-cli gatsbyjs/gatsby#38592)
• 37f2288 chore(deps): update dependency rimraf to ^5.0.5 (chore(deps): update dependency rimraf to ^5.0.5 gatsbyjs/gatsby#38596)
• 0faf0fe chore(deps): update dependency rimraf to ^5.0.5 for gatsby-telemetry (chore(deps): update dependency rimraf to ^5.0.5 for gatsby-telemetry gatsbyjs/gatsby#38597)
• 31272e9 chore(deps): update dependency rimraf to ^5.0.5 for gatsby-worker (chore(deps): update dependency rimraf to ^5.0.5 for gatsby-worker gatsbyjs/gatsby#38598)
• edcb035 chore(deps): update dependency start-server-and-test to ^2.0.3 (chore(deps): update dependency start-server-and-test to ^2.0.3 gatsbyjs/gatsby#38599)
• 956e30c chore(deps): update dependency wait-on to ^7.2.0 (chore(deps): update dependency wait-on to ^7.2.0 gatsbyjs/gatsby#38724)
• c1138ad chore(deps): update dependency fs-extra to ^11.2.0 (chore(deps): update dependency fs-extra to ^11.2.0 gatsbyjs/gatsby#38723)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[bolt-new-by-stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 718d37e

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[sourcery-ai]

We have skipped reviewing this pull request. Here's why:

• It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
• We don't review packaging changes - Let us know if you'd like us to change this.