[Snyk] Fix for 2 vulnerabilities

[bdelanghe]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	104/1000 Why? Confidentiality impact: Low, Integrity impact: None, Availability impact: Low, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): Low, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00087, Social Trends: No, Days since published: 107, Transitive dependency: Yes, Is Malicious: No, Provider Urgency: Medium, Package Popularity Score: 94, Impact: 4.19, Likelihood: 2.46, Score Version: V4	Prototype Pollution SNYK-JS-ANTFUUTILS-5660605	No	Proof of Concept
	118/1000 Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: None, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00063, Social Trends: No, Days since published: 181, Transitive dependency: Yes, Is Malicious: No, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 4.19, Likelihood: 2.81, Score Version: V4	Server-side Request Forgery (SSRF) SNYK-JS-CYPRESSREQUEST-5871337	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: unplugin-vue-components

The new version differs by 77 commits.

• 90b549d chore: release v0.22.11
• 2284cec chore: update deps
• 028d6f9 chore: release v0.22.10
• a50886b chore: update deps
• c1ffcd6 fix(varlet-ui): fix the problem that ImagePreview cannot be imported automatically (#544)
• 288644b fix(vueuse): remove "use" prefix in directive (#539)
• 0c9131c chore: typo (#535)
• 0f86787 fix: remove dts spaces (#533)
• 1609186 chore: release v0.22.9
• 6b5787f chore: update deps
• b58ed85 feat: bootstrap-vue-3 resolver (#520)
• 2a120ee feat: support vue 2.7 (#529)
• 1de372f fix(prime-vue): add missing row component (#530)
• bbe3e7f fix: kebab namespace cannot invert to camel correctly (#521)
• 99100e7 chore: release v0.22.8
• ff90a1d chore: update deps
• aefa2ae feat: add ionic framework resolver (#519)
• 6b25075 feat(arco): add iconPrefix option for arco resolver (#516)
• 5aafb35 feat: remove special char in namespace (#513)
• 6c6f655 docs: add note on default import path (#514)
• abfe3b4 fix: get render start in vue 2 directive (#518)
• 6fa8415 feat(varlet-ui): support unplugin-auto-import (#512)
• ab90643 chore: release v0.22.7
• c09e0c1 fix: vite 3.1 transform target

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution
🦉 Server-side Request Forgery (SSRF)