[Snyk] Upgrade gatsby-plugin-mdx from 3.18.1 to 5.11.0

[FengShangWuQi]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade gatsby-plugin-mdx from 3.18.1 to 5.11.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 100 versions ahead of your current version.
• The recommended version was released a month ago, on 2023-06-15.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-GATSBYPLUGINMDX-5671902	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: gatsby-plugin-mdx

• 5.11.0 - 2023-06-15
• 5.11.0-next.1 - 2023-06-05
• 5.11.0-next.0 - 2023-05-16
• 5.10.0 - 2023-05-16
• 5.10.0-next.3 - 2023-05-03
• 5.10.0-next.2 - 2023-04-27
• 5.10.0-next.1 - 2023-04-19
• 5.10.0-next.0 - 2023-04-18
• 5.9.0 - 2023-04-18
• 5.9.0-next.1 - 2023-04-06
• 5.9.0-next.0 - 2023-03-21
• 5.9.0-image-cdn-configurable.4 - 2023-04-11
• 5.8.0 - 2023-03-21
• 5.8.0-next.1 - 2023-03-14
• 5.8.0-next.0 - 2023-02-16
• 5.7.0 - 2023-02-21
• 5.7.0-next.0 - 2023-02-03
• 5.6.0 - 2023-02-07
• 5.6.0-next.1 - 2023-01-26
• 5.6.0-next.0 - 2023-01-19
• 5.5.0 - 2023-01-24
• 5.5.0-next.1 - 2023-01-17
• 5.5.0-next.0 - 2023-01-05
• 5.4.0 - 2023-01-10
• 5.4.0-next.2 - 2023-01-04
• 5.4.0-next.1 - 2022-12-14
• 5.4.0-next.0 - 2022-12-08
• 5.3.1 - 2022-12-14
• 5.3.0 - 2022-12-13
• 5.3.0-next.3 - 2022-12-07
• 5.3.0-next.2 - 2022-12-06
• 5.3.0-next.1 - 2022-12-01
• 5.3.0-next.0 - 2022-11-25
• 5.2.0 - 2022-11-25
• 5.2.0-next.0 - 2022-11-17
• 5.1.0 - 2022-11-22
• 5.1.0-next.0 - 2022-11-08
• 5.0.0 - 2022-11-08
• 5.0.0-next.6 - 2022-11-04
• 5.0.0-next.5 - 2022-10-25
• 5.0.0-next.4 - 2022-10-24
• 5.0.0-next.3 - 2022-10-20
• 5.0.0-next.2 - 2022-10-20
• 5.0.0-next.1 - 2022-10-18
• 5.0.0-next.0 - 2022-10-12
• 5.0.0-alpha-v5.d20221012t101120.57 - 2022-10-12
• 5.0.0-alpha-v5.d20221010t183635.51 - 2022-10-10
• 5.0.0-alpha-v5.d20221007t081809.41 - 2022-10-07
• 5.0.0-alpha-v5.d20221005t111511.35 - 2022-10-05
• 5.0.0-alpha-v5.25 - 2022-08-30
• 5.0.0-alpha-v5.24 - 2022-08-30
• 5.0.0-alpha-v5.16 - 2022-09-28
• 5.0.0-alpha-v5.11 - 2022-09-14
• 5.0.0-alpha-drupal-proxyurl.14 - 2022-11-22
• 4.4.0 - 2022-12-07
• 4.4.0-next.0 - 2022-09-22
• 4.4.0-alpha-image-cdn-pathprefix.48 - 2022-10-07
• 4.4.0-alpha-image-cdn-pathprefix.47 - 2022-10-07
• 4.3.1-alpha-wordpress-image-err.27 - 2022-11-09
• 4.3.1-alpha-wordpress-image-err.26 - 2022-11-09
• 4.3.1-alpha-wordpress-image-err.25 - 2022-11-09
• 4.3.0 - 2022-09-27
• 4.3.0-next.4 - 2022-09-21
• 4.3.0-next.3 - 2022-09-21
• 4.3.0-next.2 - 2022-09-14
• 4.3.0-next.1 - 2022-09-13
• 4.3.0-next.0 - 2022-09-08
• 4.2.1 - 2022-09-22
• 4.2.0 - 2022-09-13
• 4.2.0-next.1 - 2022-08-31
• 4.2.0-next.0 - 2022-08-25
• 4.2.0-alpha-v5.26 - 2022-09-04
• 4.2.0-alpha-preview-gh-api.26 - 2022-09-08
• 4.2.0-alpha-image-cdn-enc.24 - 2022-09-16
• 4.2.0-alpha-image-cdn-enc.7 - 2022-09-13
• 4.2.0-alpha-a5-peer.54 - 2022-09-14
• 4.2.0-alpha-a5-peer.53 - 2022-09-14
• 4.2.0-alpha-9689ff.25 - 2022-08-31
• 4.1.1 - 2022-09-08
• 4.1.0 - 2022-08-30
• 4.1.0-next.1 - 2022-08-15
• 4.1.0-next.0 - 2022-08-11
• 4.0.0 - 2022-08-16
• 4.0.0-rc.3 - 2022-07-27
• 4.0.0-rc.2 - 2022-07-26
• 4.0.0-rc.1 - 2022-07-25
• 4.0.0-rc.0 - 2022-07-07
• 4.0.0-next.1 - 2022-08-10
• 4.0.0-next.0 - 2022-08-10
• 4.0.0-alpha-v4.27 - 2022-06-01
• 4.0.0-alpha-v4.25 - 2022-06-01
• 3.21.0-next.1 - 2022-08-04
• 3.21.0-next.0 - 2022-07-28
• 3.20.0 - 2022-08-02
• 3.20.0-next.2 - 2022-07-27
• 3.20.0-next.1 - 2022-07-25
• 3.20.0-next.0 - 2022-07-14
• 3.19.0 - 2022-07-19
• 3.19.0-next.1 - 2022-07-05
• 3.19.0-next.0 - 2022-06-30
• 3.18.1 - 2022-07-12

from gatsby-plugin-mdx GitHub release notes

Commit messages

Package name: gatsby-plugin-mdx

• 0130d6a chore(release): Publish
• af202af chore(gatsby-source-wordpress): remove warning about multiple plugin instances (#38241) (#38242)
• 5089f0d fix(gatsby): allow touching nodes owned by another plugin (#38235) (#38238)
• 77e4e19 feat(gatsby-source-wordpress): support multiple instances of plugin (#38119)
• 7d30a58 fix(deps): update starters and examples (#38224)
• df12265 chore: Various `yarn bootstrap` fixes (#38223)
• 52a0023 chore(gatsby-plugin-feed): depend on `joi` instead of `@ hapi/joi` (#38205)
• ebe9bc6 chore(release): Publish next
• 15647e7 chore(docs): Add Flightcontrol to "Deploying to Other Services" (#38194)
• 52edecd fix(deps): update starters and examples to v4 (#38197)
• 4b00d65 chore(deps): update starters and examples (#38196)
• 9bfa51f chore(deps): update dependency preact to ^10.15.1 for gatsby-plugin-preact (#38169)
• 7b306cb chore(deps): update [dev] minor and patch dependencies for gatsby-graphiql-explorer (#38138)
• 59cf598 chore(deps): update dependency @ types/babel__core to ^7.20.1 for babel-preset-gatsby-package (#38141)
• e77274e fix(deps): update dependency cypress to ^12.13.0 (#38174)
• 309461a feat(gatsby-transformer-screenshot): Add screenshotEndpoint option (#38136)
• ef8e0c0 chore: lock file
• dc988ef chore(deps): update gatsby monorepo (#38147)
• a847e1c chore(deps): update [dev] minor and patch dependencies for gatsby-source-shopify (#38140)
• 413eb3d chore: lock file
• 9e27a90 fix(deps): update minor and patch dependencies for gatsby (#38161)
• 1699968 fix(deps): update minor and patch dependencies for gatsby-source-contentful (#38162)
• 0060bdf fix(deps): update starters and examples (major) (#38123)
• 3a5ab8d chore: Use updated theme-ui version in mdx e2e

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
blog	❌ Failed (Inspect)			Jul 21, 2023 5:44pm
storybook	❌ Failed (Inspect)			Jul 21, 2023 5:44pm

[gatsby-cloud]

❌ blog deploy preview failed

Your build failed. View the build logs.

Errors

Your plugins must export known APIs from their gatsby-node.js.

See https://www.gatsbyjs.com/docs/reference/config-files/gatsby-node/ for the list of Gatsby node APIs.

- The plugin [email protected] is using the API "shouldOnCreateNode" which was introduced in [email protected].

Some of the following may help fix the error(s):

- npm install gatsby@^5.0.0
- Rename "shouldOnCreateNode" -> "unstable_shouldOnCreateNode"

"gatsby-plugin-mdx" threw an error while running the onCreateNode lifecycle:

Could not find function loadNodeContent for plugin internal-data-bridge

  273 |   cache
  274 | }) => {
> 275 |   const rawBody = await loadNodeContent(node);
      |                         ^
  276 |   const {
  277 |     frontmatter,
  278 |     body

[gatsby-cloud]

❌ storybook deploy preview failed

Your build failed. View the build logs.

Errors

Your plugins must export known APIs from their gatsby-node.js.

See https://www.gatsbyjs.com/docs/reference/config-files/gatsby-node/ for the list of Gatsby node APIs.

- The plugin [email protected] is using the API "shouldOnCreateNode" which was introduced in [email protected].

Some of the following may help fix the error(s):

- npm install gatsby@^5.0.0
- Rename "shouldOnCreateNode" -> "unstable_shouldOnCreateNode"

[stale]

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.