From 7da9ec71f7d2ef0193624844dcc274a13dc14d60 Mon Sep 17 00:00:00 2001 From: Bad3r Date: Thu, 16 Jan 2025 07:27:41 +0300 Subject: [PATCH 1/3] [Snyk] Upgrade posthog-js from 1.10.2 to 1.203.1 (#925) Snyk has created this PR to upgrade posthog-js from 1.10.2 to 1.203.1. See this package in yarn: posthog-js See this project in Snyk: https://app.snyk.io/org/logseq-shared/project/5a3d2338-cdfe-4786-a6d7-222f2c01c29e?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot --- package.json | 2 +- yarn.lock | 30 ++++++++++++++++++++++++------ 2 files changed, 25 insertions(+), 7 deletions(-) diff --git a/package.json b/package.json index cf71a244719..b8ddaee52fe 100644 --- a/package.json +++ b/package.json @@ -134,7 +134,7 @@ "photoswipe": "^5.3.7", "pixi-graph-fork": "0.2.0", "pixi.js": "6.2.0", - "posthog-js": "1.10.2", + "posthog-js": "1.203.1", "react": "17.0.2", "react-dom": "17.0.2", "react-grid-layout": "0.16.6", diff --git a/yarn.lock b/yarn.lock index 084b05901db..bacb8029224 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2112,6 +2112,11 @@ copy-props@^2.0.1: each-props "^1.3.2" is-plain-object "^5.0.0" +core-js@^3.38.1: + version "3.40.0" + resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.40.0.tgz#2773f6b06877d8eda102fc42f828176437062476" + integrity sha512-7vsMc/Lty6AGnn7uFpYT56QesI5D2Y/UkgKounk87OP9Z2H9Z8kj6jzcSGAxFmUtDOS0ntK6lbQz+Nsa0Jj6mQ== + core-util-is@~1.0.0: version "1.0.3" resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.3.tgz#a6042d3634c2b27e9328f837b965fac83808db85" @@ -3056,7 +3061,7 @@ fd-slicer@~1.1.0: dependencies: pend "~1.2.0" -fflate@^0.4.1: +fflate@^0.4.8: version "0.4.8" resolved "https://registry.yarnpkg.com/fflate/-/fflate-0.4.8.tgz#f90b82aefbd8ac174213abb338bd7ef848f0f5ae" integrity sha512-FJqqoDBR00Mdj9ppamLa/Y7vxm+PRmNWA67N846RvsoYVMKB4q3y/de5PA7gUmRMYK/8CMz2GDZQmCRN1wBcWA== @@ -6226,12 +6231,20 @@ postcss@^8.4.23: picocolors "^1.0.0" source-map-js "^1.0.2" -posthog-js@1.10.2: - version "1.10.2" - resolved "https://registry.yarnpkg.com/posthog-js/-/posthog-js-1.10.2.tgz#74d6c84f9675b65dfd4ff6f4051ed8d3cb974076" - integrity sha512-JNjWstHEexhj5CEKldSeYNyPJbtOvZQ3ZPL55fxU7+f+gTBL8RlOb8eFohCPYIk0VhMf2UM1rXxwVBOeMQQQFw== +posthog-js@1.203.1: + version "1.203.1" + resolved "https://registry.yarnpkg.com/posthog-js/-/posthog-js-1.203.1.tgz#e1ce0ac65227d18b615f727ea4ec593694c6a33f" + integrity sha512-r/WiSyz6VNbIKEV/30+aD5gdrYkFtmZwvqNa6h9frl8hG638v098FrXaq3EYzMcCdkQf3phaZTDIAFKegpiTjw== dependencies: - fflate "^0.4.1" + core-js "^3.38.1" + fflate "^0.4.8" + preact "^10.19.3" + web-vitals "^4.2.0" + +preact@^10.19.3: + version "10.25.4" + resolved "https://registry.yarnpkg.com/preact/-/preact-10.25.4.tgz#c1d00bee9d7b9dcd06a2311d9951973b506ae8ac" + integrity sha512-jLdZDb+Q+odkHJ+MpW/9U5cODzqnB+fy2EiHSZES7ldV5LK7yjlVzTp7R8Xy6W6y75kfK8iWYtFVH7lvjwrCMA== pretty-hrtime@^1.0.0, pretty-hrtime@^1.0.3: version "1.0.3" @@ -8211,6 +8224,11 @@ vm-browserify@^1.0.1: resolved "https://registry.yarnpkg.com/vm-browserify/-/vm-browserify-1.1.2.tgz#78641c488b8e6ca91a75f511e7a3b32a86e5dda0" integrity sha512-2ham8XPWTONajOR0ohOKOHXkm3+gaBmGut3SRuu75xLd/RRaY6vqgh8NBYYk7+RW3u5AtzPQZG8F10LHkl0lAQ== +web-vitals@^4.2.0: + version "4.2.4" + resolved "https://registry.yarnpkg.com/web-vitals/-/web-vitals-4.2.4.tgz#1d20bc8590a37769bd0902b289550936069184b7" + integrity sha512-r4DIlprAGwJ7YM11VZp4R884m0Vmgr6EAKe3P+kO0PPj3Unqyvv59rczf6UiGcb9Z8QxZVcqKNwv/g0WNdWwsw== + webidl-conversions@^3.0.0: version "3.0.1" resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-3.0.1.tgz#24534275e2a7bc6be7bc86611cc16ae0a5654871" From b85fc7cce5a127d22ecedd1c9b108b7f8ff36613 Mon Sep 17 00:00:00 2001 From: Bad3r Date: Thu, 16 Jan 2025 07:28:02 +0300 Subject: [PATCH 2/3] [Snyk] Upgrade debug from 4.3.4 to 4.4.0 (#907) Snyk has created this PR to upgrade debug from 4.3.4 to 4.4.0. See this package in yarn: debug See this project in Snyk: https://app.snyk.io/org/logseq-shared/project/22da396d-3b74-4f9c-9b7a-b6eb7013a5b4?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot --- libs/package.json | 2 +- libs/yarn.lock | 14 +++++++++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/libs/package.json b/libs/package.json index 2ebfc7e7921..ee1cf54a22f 100644 --- a/libs/package.json +++ b/libs/package.json @@ -17,7 +17,7 @@ }, "dependencies": { "csstype": "3.1.0", - "debug": "4.3.4", + "debug": "4.4.0", "deepmerge": "4.3.1", "dompurify": "2.3.8", "eventemitter3": "4.0.7", diff --git a/libs/yarn.lock b/libs/yarn.lock index 082339d2295..8b9991e305c 100644 --- a/libs/yarn.lock +++ b/libs/yarn.lock @@ -1581,7 +1581,14 @@ csstype@^3.0.2: resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.1.1.tgz#841b532c45c758ee546a11d5bd7b7b473c8c30b9" integrity sha512-DJR/VvkAvSZW9bTouZue2sSxDwdTN92uHjqeKVm+0dAqdfNykRzQ95tay8aXMBAAPpUiq4Qcug2L7neoRh2Egw== -debug@4.3.4, debug@^4.1.0, debug@^4.1.1: +debug@4.4.0: + version "4.4.0" + resolved "https://registry.yarnpkg.com/debug/-/debug-4.4.0.tgz#2b3f2aea2ffeb776477460267377dc8710faba8a" + integrity sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA== + dependencies: + ms "^2.1.3" + +debug@^4.1.0, debug@^4.1.1: version "4.3.4" resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.4.tgz#1319f6579357f2338d3337d2cdd4914bb5dcc865" integrity sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ== @@ -2070,6 +2077,11 @@ ms@2.1.2: resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.2.tgz#d09d1f357b443f493382a8eb3ccd183872ae6009" integrity sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w== +ms@^2.1.3: + version "2.1.3" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.3.tgz#574c8138ce1d2b5861f0b44579dbadd60c6615b2" + integrity sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA== + neo-async@^2.6.2: version "2.6.2" resolved "https://registry.yarnpkg.com/neo-async/-/neo-async-2.6.2.tgz#b4aafb93e3aeb2d8174ca53cf163ab7d7308305f" From 640d86696a29da4f2b6aef1285cfcf24e160c986 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 6 Jun 2025 07:59:31 +0000 Subject: [PATCH 3/3] fix: upgrade posthog-js from 1.203.1 to 1.242.2 Snyk has created this PR to upgrade posthog-js from 1.203.1 to 1.242.2. See this package in yarn: posthog-js See this project in Snyk: https://app.snyk.io/org/logseq-shared/project/5a3d2338-cdfe-4786-a6d7-222f2c01c29e?utm_source=github&utm_medium=referral&page=upgrade-pr --- package.json | 2 +- yarn.lock | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/package.json b/package.json index 200f404bde3..5c7eb55507d 100644 --- a/package.json +++ b/package.json @@ -134,7 +134,7 @@ "photoswipe": "^5.3.7", "pixi-graph-fork": "0.2.0", "pixi.js": "6.2.0", - "posthog-js": "1.203.1", + "posthog-js": "1.242.2", "react": "17.0.2", "react-dom": "17.0.2", "react-grid-layout": "0.16.6", diff --git a/yarn.lock b/yarn.lock index 915668f2d87..e80866d070c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6455,15 +6455,15 @@ postcss@^8.2.1, postcss@^8.4.23: picocolors "^1.1.1" source-map-js "^1.2.1" -posthog-js@1.203.1: - version "1.203.1" - resolved "https://registry.yarnpkg.com/posthog-js/-/posthog-js-1.203.1.tgz#e1ce0ac65227d18b615f727ea4ec593694c6a33f" - integrity sha512-r/WiSyz6VNbIKEV/30+aD5gdrYkFtmZwvqNa6h9frl8hG638v098FrXaq3EYzMcCdkQf3phaZTDIAFKegpiTjw== +posthog-js@1.242.2: + version "1.242.2" + resolved "https://registry.yarnpkg.com/posthog-js/-/posthog-js-1.242.2.tgz#1b34aec310ce87fed0cf29c6653c4cc19ae0646d" + integrity sha512-bj5Bq9Z/TE24k0fbt/VoD13xsqCybuoLp7KkWmfknEiO63+1Ln/PnX/1CjppikE9yM7toQIWY3vY7hT/RTT57Q== dependencies: core-js "^3.38.1" fflate "^0.4.8" preact "^10.19.3" - web-vitals "^4.2.0" + web-vitals "^4.2.4" preact@^10.19.3: version "10.25.4" @@ -8542,7 +8542,7 @@ vm-browserify@^1.0.1: resolved "https://registry.yarnpkg.com/vm-browserify/-/vm-browserify-1.1.2.tgz#78641c488b8e6ca91a75f511e7a3b32a86e5dda0" integrity sha512-2ham8XPWTONajOR0ohOKOHXkm3+gaBmGut3SRuu75xLd/RRaY6vqgh8NBYYk7+RW3u5AtzPQZG8F10LHkl0lAQ== -web-vitals@^4.2.0: +web-vitals@^4.2.4: version "4.2.4" resolved "https://registry.yarnpkg.com/web-vitals/-/web-vitals-4.2.4.tgz#1d20bc8590a37769bd0902b289550936069184b7" integrity sha512-r4DIlprAGwJ7YM11VZp4R884m0Vmgr6EAKe3P+kO0PPj3Unqyvv59rczf6UiGcb9Z8QxZVcqKNwv/g0WNdWwsw==