[Snyk] Upgrade vue-demi from 0.14.5 to 0.14.10

[snyk-io]

Snyk has created this PR to upgrade vue-demi from 0.14.5 to 0.14.10.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 5 versions ahead of your current version.

• The recommended version was released 2 years ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Pollution SNYK-JS-AXIOS-15252993	111	Proof of Concept
	Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	111	Proof of Concept
	Prototype Pollution SNYK-JS-AXIOS-6144788	111	No Known Exploit
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-7361793	111	Proof of Concept
	Improper Handling of Extra Parameters SNYK-JS-FOLLOWREDIRECTS-6141137	111	Proof of Concept
	Allocation of Resources Without Limits or Throttling SNYK-JS-AXIOS-12613773	111	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857	111	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-9292519	111	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-9403194	111	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	111	Proof of Concept
	Predictable Value Range from Previous Values SNYK-JS-FORMDATA-10841150	111	Proof of Concept
	Improper Input Validation SNYK-JS-NANOID-8492085	111	No Known Exploit
	Improper Input Validation SNYK-JS-POSTCSS-5926692	111	No Known Exploit

Breaking Change Risk

Notice: This assessment is enhanced by AI.

Release notes

Package name: vue-demi

• 0.14.10 - 2024-07-25
  

     🐞 Bug Fixes

  • Change global to this  -  by @ yonecdeng, dengyongchi and @ antfu in #265 (ed994)

      View changes on GitHub

• 0.14.9 - 2024-07-23
  

     🚀 Features

  • GlobalThis is not defined below chrome52  -  by @ yonecdeng and dengyongchi in #263 (9f3f4)

      View changes on GitHub

• 0.14.8 - 2024-05-30
  

     🚀 Features

  • Support <script type="module" src"...">  -  by @ yonecdeng and dengyongchi in #260 (b3089)

      View changes on GitHub

• 0.14.7 - 2024-02-01
  

     🐞 Bug Fixes

  • Replace arrow functions for compatibility  -  by @ cccblade in #251 (253ae)
  • scripts: Fix error in install  -  by @ anotherso1a in #252 (01e79)

      View changes on GitHub

• 0.14.6 - 2023-08-28
  

     🐞 Bug Fixes

  • Missing type exports for hasInjectionContext in Vue 2  -  by @ DamianOsipiuk and Eduardo San Martin Morote in #241 (faca5)

      View changes on GitHub

• 0.14.5 - 2023-05-18
  

     🐞 Bug Fixes

  • <2.7: HasInjectionContext error  -  by @ Teaghy and hguan in #232 (c98a2)

      View changes on GitHub

from vue-demi GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[snyk-io]

This is a patch version upgrade that includes a series of bug fixes. The changes between versions 0.14.6 and 0.14.10 address compatibility issues, such as replacing arrow functions and correcting global variable references, and fix errors in installation scripts. No breaking changes or new features have been documented in the release notes for this range.

Source: GitHub Releases

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.