[Snyk] Upgrade vuepress from 1.0.2 to 1.4.0

[snyk-bot]

Snyk has created this PR to upgrade vuepress from 1.0.2 to 1.4.0.

✨What is Merge Advice?

We check thousands of dependency upgrade pull requests and CI tests every day to see which upgrades were successfully merged. After crunching this data, we give a recommendation on how safe we think the change is for you to merge without causing issues. Learn more, and share your feedback to help improve this feature. 🙏

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 7 versions ahead of your current version.
• The recommended version was released a month ago, on 2020-03-18.

The recommended version fixes:

Severity	Issue	Exploit Maturity
	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-536840	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-559764	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	Proof of Concept
	Timing Attack SNYK-JS-ELLIPTIC-511941	No Known Exploit
	Prototype Pollution SNYK-JS-DOTPROP-543489	Proof of Concept
	Information Exposure SNYK-JS-KINDOF-537849	Proof of Concept

Release notes

Package name: vuepress

• 1.4.0 - 2020-03-18
  

  Bug Fixes

  • fail to test specific package (#2099) (0aadf05)
  • opencollective postinstall failure not being ignored on Windows(#2177) (a9759c0)
  • $plugin-pwa: work with register-service-worker 1.7.0 (close #2222) (#2229) (604052b)
  • $shared-utils: Slugify em/en dash in urls (#2174) (8d9968d)
  • $theme-default: remove error logs for nested sidebar groups (#2191) (c3a943c)

  Features

  • $core: Improve VuePress build time (#2163) (76da780)
  • $plugin-last-updated: add dateOptions to options (#2192) (369c315)
  • $plugin-search: improve the native search algorithm (#1557) (e9fde5c)
• 1.3.1 - 2020-02-20
  

  Bug Fixes

  • $core: resolve jsx files by default (close #2058) (#2059) (f083d8d)
  • $core: transpile vuepress packages and md files (close #1606, #1990) (#2064) (0ca620f)
  • $plugin-pwa: popup component does not work (close #2172) (#2187) (560b3c6)
  • $theme-default: non-ASCII hash causes wrong sidebar highlight (close #2078)(#2166) (ca3679c)

  Features

  • $core: support async enhanceApp (close #2074) (#2075) (2d53fbb)
• 1.3.0 - 2020-01-30
  

  Bug Fixes

  • update known command list (#2146) (2b25740)
  • $cli: inferUserDocsDirectory ignore all node_modules (#2137) (df59909)
  • $core: set NODE_ENV before creating app (#1972) (245be8d)
  • $core: temp option in siteConfig has not effect (fix #2038) (#2040) (0bb85a4)
  • $default-theme: deep sidebar links rendenring (#1973) (0e5519a)
  • $docs: Fixed typo (#1997) (7d6e420)
  • $docs: Uniforming VuePress labels in documentation (fix #1998) (6a84126)
  • $markdown: Fix four spaces codeblocks rendering (Closes #1921) (#1958) (7bc5825)
  • $plugin-google-analytics: duplicate tracking of first page (fix #2017) (#2039) (a69df21)
  • $plugin-pwa: no global-ui-component when updatePopup is disabled (#2041) (6f9e478)
  • $shared-utils: Add curly quotes to rSpecial (#1934) (28a0ed9)
  • $theme-default: close dropdown-links when focusout on the last item (close #1948) (#1952) (cd72acc)
  • $theme-default: slots don't allow customization for Sidebar & Page (close: #1950) (#1951) (890e85d)
  • $theme-default: use alias for nested SidebarLinks (close #2049) (ceccca3)
  • $theme-default: wrong algolia search route with base config (#2007) (b00b277)

  Features

  • $cli: Notify users of a newer release (#2121) (7a09a72)
  • $cli: run debug mode without clearing screen (close #2100) (#2116) (c6a3cb5)
  • $core: Add generator meta tag to ssr index.html template (#2133) (2826cd7)
  • add variable to config HomePage width (close #2055) (#2086) (b72d145)
  • remove unnecessary check in moduleResolver.ts (#2068) (bd71e43)
  • $config: Allow overriding badges colors (close #1940) (#1941) (89a4a8d)
  • $markdown: extractHeaders option (close: #1903) (#1945) (d2fef5d)
  • $markdown: Support for Rust file extension (73089a0)
  • $theme-default: allow optional subtitle (#1981) (a28804c)
  • $theme-default: external links in prev/next (close #1962)(#1984) (9f28814)
  • $theme-default: markdown details custom block (close #768) (#2044) (7f2a997)
  • $theme-default: Support configuring target and rel for nav links (close #1353) (#1734) ([770ba72]
• 1.2.0 - 2019-10-11
  

  Bug Fixes

  • $core: optimize error log (close: #1296) (#1413) (51de6cf)
  • $markdown: notify error when not found snippet (close: #1872) (#1910) (6aaa7d7)
  • $theme-default: regression of arrow spacing consistent (close: #1427) (#1907) (dbda574)
  • $theme-default: make dropdown-title's UI consistent with nav-link (#1890) (757e880)
  • $theme-default: make navbar dropdown links accessible (#1837) (a8ce645)
  • $theme-default: regression of custom container default title (#1875) (e0ef407)

  Features

  • $core: config "pattern" of resolved files (close: #1700)(#1705) (1f3e4e2)
  • $core: support async function exported in vuepress config (close: #1185) (#1925) (cdbfd75)
  • $core: Upgrade vue version to 2.6.10 (#1876) (c17c70e)
  • $theme-default: smooth scroll (close #567) (#1881) (2e3efb4)
  • $theme-default:: enable editLink on specific page via frontmatter (close: #1762) (#1825) (0e8a442)
  • $markdown: Highlight kotlin code on snippets import (close: #1831)(#1874) (f913fea)
  • $shared-utils: resolve regularPath when getting permalink (#1786) (c6ce6cf)
• 1.1.0 - 2019-09-14
  

  1.1.0 (2019-09-14)

  Bug Fixes

  • $js-yaml: fix Security issue by bump js yaml version #1845 (#1846) (696717b)
  • $doc-deployment fix Add npm ci instructions for Travis CI (0434f15), closes #1844
  • $theme-default Search box max suggestions (#1728) (ade328f)
  • $docs: Update link to the 0.x documentation (#1852) (c7999cf)
  • $last-updated: use file author time instead of submodule commit time (#1640) (f964391)
  • $theme-default: add text ellipsis to navbar (#1683) (#1840) (74017c5)
  • $theme-default: Expand nested sidebar groups (#1540) (eb231bf)

  Features

  • $config Improve CI process (#1759) (fe7301b)
  • $theme-default renable algolia docSearch #697 (68861f0)
  • $config: make extendPageData async ready without breaking changes (#1546) (543fd6c)
  • $core: better error log for layouts (#1455) (3b68913)
  • $plugin-search: Add support for search hotkeys (#1848) (1ba06ae)
• 1.0.4 - 2019-09-06
  

  (2019-09-06)

  1.0.4 (2019-09-06)

  Bug Fixes

  • $core: do not transpile core packages' dependencies (b69b107)
  • avatar: fix url (45e31b4)
  • contributors: fix for good contributions (a709a4f)
  • contributors: fix url parameters (db71238)
  • add missing hash in #1706 (#1780) (25777e4)
  • contributors commit link (#1809) (bb61182)

  Features

  • $core: use any custom protocol for outboundRE (#1731) (120d885)
  • Disable next and prev links from global config (#1761) (92a1c02)
• 1.0.3 - 2019-07-29
  

  v1.0.3

• 1.0.2 - 2019-06-22
  

  v1.0.2

from vuepress GitHub release notes

Commit messages

Package name: vuepress

• 58ed07f v1.4.0
• 604052b fix($plugin-pwa): work with register-service-worker 1.7.0 (close #2222) (#2229)
• f7a78b4 docs: update guide for project bootstrap
• 3551e69 docs($theme-default): remove nested sidebar groups warning
• c3a943c fix($theme-default): remove error logs for nested sidebar groups (#2191)
• 27275ee docs($zh): fix sass-loader link (#2219)
• 76da780 feat($core): Improve VuePress build time (#2163)
• 0aadf05 fix: fail to test specific package (#2099)
• e9fde5c feat($plugin-search): improve the native search algorithm (#1557)
• 4c6fbcc docs: refine cli documentation (#2151)
• 3abe265 docs: update CONTRIBUTING and README (#2052)
• 369c315 feat($plugin-last-updated): add dateOptions to options (#2192)
• a9759c0 fix: opencollective postinstall failure not being ignored on Windows(#2177)
• 8d9968d fix($shared-utils): Slugify em/en dash in urls (#2174)
• de64e81 chore: 1.3.1 changelog
• eef0d2f v1.3.1
• c9e59af docs: fix broken link to deploy with ZEIT Now (#2185)
• 0ca620f fix($core): transpile vuepress packages and md files (close #1606, #1990) (#2064)
• 560b3c6 fix($plugin-pwa): popup component does not work (close #2172) (#2187)
• 606ae4a docs: remove filip from core team for now (#2170)
• ca3679c fix($theme-default): non-ASCII hash causes wrong sidebar highlight (close #2078)(#2166)
• 0ae73cb build($core): bump babel and core-js version (close #2046) (#2165)
• ffd45c2 refactor($core): use stylus conditional assignment (close #2127) (#2129)
• 8b43598 build: bump cac from 6.5.5 to 6.5.6 (#2157)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs