[Snyk] Upgrade vuepress from 1.1.0 to 1.3.1

[snyk-bot]

Snyk has created this PR to upgrade vuepress from 1.1.0 to 1.3.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 3 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2020-02-20.

The recommended version fixes:

Severity	Issue	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-536840	No Known Exploit
	Prototype Pollution SNYK-JS-DOTPROP-543489	Proof of Concept
	Timing Attack SNYK-JS-ELLIPTIC-511941	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-559764	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	Proof of Concept
	Information Exposure SNYK-JS-KINDOF-537849	Proof of Concept

Release notes

Package name: vuepress

• 1.3.1 - 2020-02-20
  

  Bug Fixes

  • $core: resolve jsx files by default (close #2058) (#2059) (f083d8d)
  • $core: transpile vuepress packages and md files (close #1606, #1990) (#2064) (0ca620f)
  • $plugin-pwa: popup component does not work (close #2172) (#2187) (560b3c6)
  • $theme-default: non-ASCII hash causes wrong sidebar highlight (close #2078)(#2166) (ca3679c)

  Features

  • $core: support async enhanceApp (close #2074) (#2075) (2d53fbb)
• 1.3.0 - 2020-01-30
  

  Bug Fixes

  • update known command list (#2146) (2b25740)
  • $cli: inferUserDocsDirectory ignore all node_modules (#2137) (df59909)
  • $core: set NODE_ENV before creating app (#1972) (245be8d)
  • $core: temp option in siteConfig has not effect (fix #2038) (#2040) (0bb85a4)
  • $default-theme: deep sidebar links rendenring (#1973) (0e5519a)
  • $docs: Fixed typo (#1997) (7d6e420)
  • $docs: Uniforming VuePress labels in documentation (fix #1998) (6a84126)
  • $markdown: Fix four spaces codeblocks rendering (Closes #1921) (#1958) (7bc5825)
  • $plugin-google-analytics: duplicate tracking of first page (fix #2017) (#2039) (a69df21)
  • $plugin-pwa: no global-ui-component when updatePopup is disabled (#2041) (6f9e478)
  • $shared-utils: Add curly quotes to rSpecial (#1934) (28a0ed9)
  • $theme-default: close dropdown-links when focusout on the last item (close #1948) (#1952) (cd72acc)
  • $theme-default: slots don't allow customization for Sidebar & Page (close: #1950) (#1951) (890e85d)
  • $theme-default: use alias for nested SidebarLinks (close #2049) (ceccca3)
  • $theme-default: wrong algolia search route with base config (#2007) (b00b277)

  Features

  • $cli: Notify users of a newer release (#2121) (7a09a72)
  • $cli: run debug mode without clearing screen (close #2100) (#2116) (c6a3cb5)
  • $core: Add generator meta tag to ssr index.html template (#2133) (2826cd7)
  • add variable to config HomePage width (close #2055) (#2086) (b72d145)
  • remove unnecessary check in moduleResolver.ts (#2068) (bd71e43)
  • $config: Allow overriding badges colors (close #1940) (#1941) (89a4a8d)
  • $markdown: extractHeaders option (close: #1903) (#1945) (d2fef5d)
  • $markdown: Support for Rust file extension (73089a0)
  • $theme-default: allow optional subtitle (#1981) (a28804c)
  • $theme-default: external links in prev/next (close #1962)(#1984) (9f28814)
  • $theme-default: markdown details custom block (close #768) (#2044) (7f2a997)
  • $theme-default: Support configuring target and rel for nav links (close #1353) (#1734) ([770ba72]
• 1.2.0 - 2019-10-11
  

  Bug Fixes

  • $core: optimize error log (close: #1296) (#1413) (51de6cf)
  • $markdown: notify error when not found snippet (close: #1872) (#1910) (6aaa7d7)
  • $theme-default: regression of arrow spacing consistent (close: #1427) (#1907) (dbda574)
  • $theme-default: make dropdown-title's UI consistent with nav-link (#1890) (757e880)
  • $theme-default: make navbar dropdown links accessible (#1837) (a8ce645)
  • $theme-default: regression of custom container default title (#1875) (e0ef407)

  Features

  • $core: config "pattern" of resolved files (close: #1700)(#1705) (1f3e4e2)
  • $core: support async function exported in vuepress config (close: #1185) (#1925) (cdbfd75)
  • $core: Upgrade vue version to 2.6.10 (#1876) (c17c70e)
  • $theme-default: smooth scroll (close #567) (#1881) (2e3efb4)
  • $theme-default:: enable editLink on specific page via frontmatter (close: #1762) (#1825) (0e8a442)
  • $markdown: Highlight kotlin code on snippets import (close: #1831)(#1874) (f913fea)
  • $shared-utils: resolve regularPath when getting permalink (#1786) (c6ce6cf)
• 1.1.0 - 2019-09-14
  

  1.1.0 (2019-09-14)

  Bug Fixes

  • $js-yaml: fix Security issue by bump js yaml version #1845 (#1846) (696717b)
  • $doc-deployment fix Add npm ci instructions for Travis CI (0434f15), closes #1844
  • $theme-default Search box max suggestions (#1728) (ade328f)
  • $docs: Update link to the 0.x documentation (#1852) (c7999cf)
  • $last-updated: use file author time instead of submodule commit time (#1640) (f964391)
  • $theme-default: add text ellipsis to navbar (#1683) (#1840) (74017c5)
  • $theme-default: Expand nested sidebar groups (#1540) (eb231bf)

  Features

  • $config Improve CI process (#1759) (fe7301b)
  • $theme-default renable algolia docSearch #697 (68861f0)
  • $config: make extendPageData async ready without breaking changes (#1546) (543fd6c)
  • $core: better error log for layouts (#1455) (3b68913)
  • $plugin-search: Add support for search hotkeys (#1848) (1ba06ae)

from vuepress GitHub release notes

Commit messages

Package name: vuepress

• eef0d2f v1.3.1
• c9e59af docs: fix broken link to deploy with ZEIT Now (#2185)
• 0ca620f fix($core): transpile vuepress packages and md files (close #1606, #1990) (#2064)
• 560b3c6 fix($plugin-pwa): popup component does not work (close #2172) (#2187)
• 606ae4a docs: remove filip from core team for now (#2170)
• ca3679c fix($theme-default): non-ASCII hash causes wrong sidebar highlight (close #2078)(#2166)
• 0ae73cb build($core): bump babel and core-js version (close #2046) (#2165)
• ffd45c2 refactor($core): use stylus conditional assignment (close #2127) (#2129)
• 8b43598 build: bump cac from 6.5.5 to 6.5.6 (#2157)
• 2d53fbb feat($core): support async enhanceApp (close #2074) (#2075)
• 7037882 docs: use simplified Chinese
• f083d8d fix($core): resolve jsx files by default (close #2058) (#2059)
• 8df4ed7 Merge pull request #2160 from vuejs/update-readme-to-core-team
• 537bc2c build: update command to be more semantic
• c784730 docs: update meteorlxy in README
• 699bbe1 build: add script to update core team
• aa7ddc4 docs: add meteorlxy to core team
• 53bb476 docs: give documentation a higher priority
• 797dda7 docs: simplify language
• ad49948 docs: update README to focus more on project and core team
• 4bdca1c chore: 1.3.0 changelog
• af092c4 v1.3.0
• aa0dd20 docs: official blog plugin and theme (#2149)
• 2b25740 fix: update known command list (#2146)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[joe-dz]

Already upgraded as a part of #10