Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[Snyk] Upgrade: , core-js, canvg, fflate, html2canvas#3770

Closed
MrRio wants to merge 1 commit into
masterfrom
snyk-upgrade-9c7ccb0e04c37d20c35b3ca730c6009d
Closed

[Snyk] Upgrade: , core-js, canvg, fflate, html2canvas#3770
MrRio wants to merge 1 commit into
masterfrom
snyk-upgrade-9c7ccb0e04c37d20c35b3ca730c6009d

Conversation

@MrRio

@MrRio MrRio commented Sep 18, 2024

Copy link
Copy Markdown
Member

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

@babel/runtime
from 7.23.2 to 7.25.4 | 15 versions ahead of your current version | a month ago
on 2024-08-22
core-js
from 3.33.0 to 3.38.1 | 12 versions ahead of your current version | a month ago
on 2024-08-20
canvg
from 3.0.6 to 3.0.10 | 4 versions ahead of your current version | 3 years ago
on 2022-01-27
fflate
from 0.8.1 to 0.8.2 | 1 version ahead of your current version | 7 months ago
on 2024-02-07
html2canvas
from 1.0.0-rc.5 to 1.4.1 | 19 versions ahead of your current version | 3 years ago
on 2022-01-22

Release notes
Package name: @babel/runtime
  • 7.25.4 - 2024-08-22

    v7.25.4 (2024-08-22)

    🐛 Bug Fix

    💅 Polish

    • babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-runtime-corejs2, babel-runtime, babel-traverse
    • babel-generator, babel-plugin-transform-class-properties
    • babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-transform-object-rest-spread

    🔬 Output optimization

    Committers: 4

  • 7.25.0 - 2024-07-26

    v7.25.0 (2024-07-26)

    Thanks @ davidtaylorhq and @ slatereax for your first PR!

    You can find the release blog post with some highlights at https://babeljs.io/blog/2024/07/26/7.25.0.

    👓 Spec Compliance

    • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3
    • babel-plugin-transform-typescript
      • #16602 Ensure enum members syntactically determinable to be strings do not get reverse mappings (@ liuxingbaoyu)

    🚀 New Feature

    • babel-helper-create-class-features-plugin, babel-helper-function-name, babel-helper-plugin-utils, babel-helper-wrap-function, babel-plugin-bugfix-safari-class-field-initializer-scope, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-preset-env, babel-traverse, babel-types
    • babel-helper-hoist-variables, babel-helper-plugin-utils, babel-plugin-proposal-async-do-expressions, babel-plugin-transform-modules-systemjs, babel-traverse
    • babel-helper-create-class-features-plugin, babel-helper-module-transforms, babel-helper-plugin-utils, babel-helper-split-export-declaration, babel-plugin-transform-classes, babel-traverse, babel-types
    • babel-helper-create-class-features-plugin, babel-helper-environment-visitor, babel-helper-module-transforms, babel-helper-plugin-utils, babel-helper-remap-async-to-generator, babel-helper-replace-supers, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-transform-async-generator-functions, babel-plugin-transform-classes, babel-traverse
    • babel-core, babel-parser
    • babel-compat-data, babel-plugin-bugfix-safari-class-field-initializer-scope, babel-preset-env
    • babel-plugin-transform-block-scoping, babel-traverse, babel-types
    • babel-helper-import-to-platform-api, babel-plugin-proposal-json-modules
    • babel-helper-transform-fixture-test-runner, babel-node
    • babel-compat-data, babel-helper-create-regexp-features-plugin, babel-plugin-proposal-duplicate-named-capturing-groups-regex, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-preset-env, babel-standalone
      • #16445 Add duplicate-named-capturing-groups-regex to preset-env (@ JLHwung)

    🐛 Bug Fix

    🏠 Internal

    • Other
    • babel-generator
    • babel-helper-function-name, babel-plugin-transform-arrow-functions, babel-plugin-transform-function-name, babel-preset-env, babel-traverse

    🏃‍♀️ Performance

    • babel-parser, babel-plugin-proposal-pipeline-operator

    🔬 Output optimization

    • babel-plugin-transform-classes
    • babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-object-super, babel-plugin-transform-private-methods, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
    • babel-plugin-transform-class-properties, babel-plugin-transform-classes

    Committers: 6

  • 7.24.8 - 2024-07-11

    v7.24.8 (2024-07-11)

    Thanks @ H0onnn, @ jkup and @ SreeXD for your first pull requests!

    👓 Spec Compliance

    🐛 Bug Fix

    💅 Polish

    Committers: 9

  • 7.24.7 - 2024-06-05
  • 7.24.6 - 2024-05-24
  • 7.24.5 - 2024-04-29
  • 7.24.4 - 2024-04-03
  • 7.24.1 - 2024-03-19
  • 7.24.0 - 2024-02-28
  • 7.23.9 - 2024-01-25
  • 7.23.8 - 2024-01-08
  • 7.23.7 - 2023-12-29
  • 7.23.6 - 2023-12-11
  • 7.23.5 - 2023-11-29
  • 7.23.4 - 2023-11-20
  • 7.23.2 - 2023-10-11
from @babel/runtime GitHub release notes
Package name: core-js from core-js GitHub release notes
Package name: canvg from canvg GitHub release notes
Package name: fflate
  • 0.8.2 - 2024-02-07
    • Fixed broken UMD build
    • Fixed edge-case causing skipped data during streaming compression
    • Fixed bug in GZIP streaming on member boundary
    • Improved streaming performance on inconsistent chunk sizes
    • Improved unzip performance on undercompressed archives
    • Added flushing support into streaming API
    • Added backpressure support into async streaming API
      • Use new ondrain handler and queuedSize
  • 0.8.1 - 2023-09-19
from fflate GitHub release notes
Package name: html2canvas
  • 1.4.1 - 2022-01-22
    No content.
  • 1.4.0 - 2022-01-02
    No content.
  • 1.3.4 - 2021-12-29
    No content.
  • 1.3.3 - 2021-11-23
    No content.
  • 1.3.2 - 2021-08-15
    No content.
  • 1.3.1 - 2021-08-14
    No content.
  • 1.3.0 - 2021-08-13
    No content.
  • 1.2.2 - 2021-08-10
    No content.
  • 1.2.1 - 2021-08-05
    No content.
  • 1.2.0 - 2021-08-04
    No content.
  • 1.1.5 - 2021-08-02
  • 1.1.4 - 2021-07-15
  • 1.1.3 - 2021-07-14
  • 1.1.2 - 2021-07-13
  • 1.1.1 - 2021-07-12
  • 1.1.0 - 2021-07-11
  • 1.0.0 - 2021-07-04
  • 1.0.0-rc.7 - 2020-08-10
  • 1.0.0-rc.6 - 2020-08-08
  • 1.0.0-rc.5 - 2019-09-27
from html2canvas GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade:
  - @babel/runtime from 7.23.2 to 7.25.4.
    See this package in npm: https://www.npmjs.com/package/@babel/runtime
  - core-js from 3.33.0 to 3.38.1.
    See this package in npm: https://www.npmjs.com/package/core-js
  - canvg from 3.0.6 to 3.0.10.
    See this package in npm: https://www.npmjs.com/package/canvg
  - fflate from 0.8.1 to 0.8.2.
    See this package in npm: https://www.npmjs.com/package/fflate
  - html2canvas from 1.0.0-rc.5 to 1.4.1.
    See this package in npm: https://www.npmjs.com/package/html2canvas

See this project in Snyk:
https://app.snyk.io/org/mrrio/project/50515eb1-b03b-4f42-9f17-cce1a33d5d1a?utm_source=github&utm_medium=referral&page=upgrade-pr
@congdcit

congdcit commented Dec 5, 2024

Copy link
Copy Markdown

Hello,

Why it's not merge and release for some old dependencies

@pranjalja1n

pranjalja1n commented Feb 7, 2025

Copy link
Copy Markdown

@MrRio we desperately need to upgrade the optional dependency versions. Any reason why canvg hasn't been bumped to v4? As far as I can see, the loadCanvg function can handle the new import implemented by canvg v4.

Also, have heard good things about html-to-image as an alternative for abandoned html2canvas

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants