[Snyk] Upgrade canvacord from 5.1.0 to 5.4.10

[TrixCoder]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade canvacord from 5.1.0 to 5.4.10.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 18 versions ahead of your current version.
• The recommended version was released 4 months ago, on 2023-06-19.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	410/1000 Why? CVSS 8.2	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	410/1000 Why? CVSS 8.2	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	410/1000 Why? CVSS 8.2	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	410/1000 Why? CVSS 8.2	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	410/1000 Why? CVSS 8.2	No Known Exploit
	Information Exposure SNYK-JS-SIMPLEGET-2361683	410/1000 Why? CVSS 8.2	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	410/1000 Why? CVSS 8.2	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	410/1000 Why? CVSS 8.2	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	410/1000 Why? CVSS 8.2	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	410/1000 Why? CVSS 8.2	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	410/1000 Why? CVSS 8.2	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: canvacord

• 5.4.10 - 2023-06-19
  

  What's Changed

  • Discriminator update for RankCard by @ 21Z in #161

  Full Changelog: v5.4.9...v5.4.10

• 5.4.9 - 2023-05-11
  

  What's Changed

  • Add conditional discriminator rendering by @ skdhg
  • Create PULL_REQUEST_TEMPLATE.md by @ slim-codes in #142
  • [FEATURE] show specific progress from one level to the next by @ Mittelblut9 in #151
  • Add invisible type to Rank Card by @ Damien111 in #149
  • Fix: Failed to convert JavaScript value Undefined into rust type String by @ 21Z in #154

  Possible Discriminator Styles

  

  

  

  New Contributors

  • @ slim-codes made their first contribution in #142
  • @ Mittelblut9 made their first contribution in #151
  • @ Damien111 made their first contribution in #149
  • @ 21Z made their first contribution in #154

  Full Changelog: v5.4.8...v5.4.9

• 5.4.8 - 2022-09-21
  

  Fixes

  • fix rank card gradient

  Full Changelog: v5.4.7...v5.4.8

• 5.4.7 - 2022-09-12
  

  Updates

  • Bump @ napi-rs/canvas
  • Use Intl formatter if available (module: abbrev)

  Full Changelog: v5.4.6...v5.4.7

• 5.4.6 - 2022-08-16
  

  Assets

  • bundle NotoColorEmoji font

  Canvacord

  • apply noto color emoji font
  • fix typings

  Full Changelog: v5.4.5...v5.4.6

• 5.4.5 - 2022-08-13
  

  Updates

  • fix typings

  Full Changelog: v5.4.4...v5.4.5

• 5.4.4 - 2022-08-09
  

  What's Changed

  • fix type is not defined (typo) by @ Sansekai in #134

  New Contributors

  • @ Sansekai made their first contribution in #134

  Full Changelog: v5.4.3...v5.4.4

• 5.4.3 - 2022-07-29
  

  Fix

  • make sure width is int

  Full Changelog: v5.4.2...v5.4.3

• 5.4.2 - 2022-07-16
  

  Updates

  • natively implements discord-canvas's Base
    • Both welcomer/leaver should now work without installing discord-canvas
  • assets will always rebuild upon package installation

  If you encounter errors in assets, try running npx canvacord rebuild --force. This will download new assets.

  Full Changelog: v5.4.1...v5.4.2

• 5.4.1 - 2022-07-14
  

  Patch Update

  • bump node-fetch to fix vulnerability

  Full Changelog: v5.4.0...v5.4.1

• 5.4.0 - 2022-07-13
• 5.4.0-dev.1 - 2022-07-13
• 5.4.0-dev.0 - 2022-07-13
• 5.3.0 - 2022-05-21
• 5.2.3 - 2021-07-30
• 5.2.2 - 2021-07-30
• 5.2.1 - 2021-05-30
• 5.2.0 - 2021-04-24
• 5.1.0 - 2021-02-25

from canvacord GitHub release notes

Commit messages

Package name: canvacord

• 0ef6548 5.4.10
• 1aadea9 chore: deps
• 05da1f7 feat(cli): add discord invite command
• da86f17 Update Rank.js (#161)
• 1077a41 Update welcome.md
• df815b4 update
• feb2666 version bump
• 3121bba Fix Undefined Error in certain methods (#154)
• 8dd1c64 Add invisible type to Rank Card (#149)
• e176c38 [FEATURE] show specific progress from one level to the next (#151)
• 8f88667 Unarchive project
• 54b3a1a Update README.md (#147)
• 9dc6401 Create PULL_REQUEST_TEMPLATE.md (#142)
• a7c39ed 5.4.8
• ac7628f fix rank card gradient
• 7e181cb use intl formatter if available
• 62af2c4 5.4.6
• a7e8d87 typings
• 9b6073d replace apple emoji with noto color emoji
• f0a467a emoji font
• c730f1b 5.4.5
• 1de5b50 typings
• e0f0bbd 5.4.4
• ca7a461 Merge branch 'main' of https://github.com/CesiumLabs/canvacord

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs