[Snyk] Upgrade: vue, , , axios, p5, pinia, vue-router, vue3-otp-input

[m0hs1ne]

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on

vue
from 3.3.6 to 3.4.38 | 57 versions ahead of your current version | a month ago
on 2024-08-15
@types/p5
from 1.7.1 to 1.7.6 | 5 versions ahead of your current version | 9 months ago
on 2023-12-17
@vueuse/core
from 10.5.0 to 10.11.1 | 11 versions ahead of your current version | a month ago
on 2024-08-08
axios
from 1.6.0 to 1.7.7 | 19 versions ahead of your current version | 21 days ago
on 2024-08-31
p5
from 1.7.0 to 1.10.0 | 7 versions ahead of your current version | 2 months ago
on 2024-07-31
pinia
from 2.1.7 to 2.2.2 | 4 versions ahead of your current version | a month ago
on 2024-08-15
vue-router
from 4.2.5 to 4.4.3 | 14 versions ahead of your current version | 2 months ago
on 2024-08-06
vue3-otp-input
from 0.4.1 to 0.5.21 | 7 versions ahead of your current version | 4 months ago
on 2024-06-05

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Pollution SNYK-JS-AXIOS-6144788	586	No Known Exploit
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-7361793	586	Proof of Concept
	Improper Handling of Extra Parameters SNYK-JS-FOLLOWREDIRECTS-6141137	586	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857	586	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	586	Proof of Concept

Release notes

Package name: vue

• 3.4.38 - 2024-08-15
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.4.37 - 2024-08-08
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.4.36 - 2024-08-06
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.4.35 - 2024-07-31
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.4.34 - 2024-07-24
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.4.33 - 2024-07-19
• 3.4.32 - 2024-07-17
• 3.4.31 - 2024-06-28
• 3.4.30 - 2024-06-22
• 3.4.29 - 2024-06-14
• 3.4.28 - 2024-06-14
• 3.4.27 - 2024-05-07
• 3.4.26 - 2024-04-29
• 3.4.25 - 2024-04-24
• 3.4.24 - 2024-04-22
• 3.4.23 - 2024-04-16
• 3.4.22 - 2024-04-15
• 3.4.21 - 2024-02-28
• 3.4.20 - 2024-02-26
• 3.4.19 - 2024-02-13
• 3.4.18 - 2024-02-09
• 3.4.17 - 2024-02-09
• 3.4.16 - 2024-02-08
• 3.4.15 - 2024-01-18
• 3.4.14 - 2024-01-15
• 3.4.13 - 2024-01-13
• 3.4.12 - 2024-01-13
• 3.4.11 - 2024-01-12
• 3.4.10 - 2024-01-11
• 3.4.9 - 2024-01-11
• 3.4.8 - 2024-01-10
• 3.4.7 - 2024-01-09
• 3.4.6 - 2024-01-08
• 3.4.5 - 2024-01-04
• 3.4.4 - 2024-01-03
• 3.4.3 - 2023-12-30
• 3.4.2 - 2023-12-30
• 3.4.1 - 2023-12-30
• 3.4.0 - 2023-12-29
• 3.4.0-rc.3 - 2023-12-27
• 3.4.0-rc.2 - 2023-12-26
• 3.4.0-rc.1 - 2023-12-25
• 3.4.0-beta.4 - 2023-12-19
• 3.4.0-beta.3 - 2023-12-16
• 3.4.0-beta.2 - 2023-12-14
• 3.4.0-beta.1 - 2023-12-13
• 3.4.0-alpha.4 - 2023-12-04
• 3.4.0-alpha.3 - 2023-11-28
• 3.4.0-alpha.2 - 2023-11-27
• 3.4.0-alpha.1 - 2023-10-28
• 3.3.13 - 2023-12-19
• 3.3.12 - 2023-12-16
• 3.3.11 - 2023-12-08
• 3.3.10 - 2023-12-04
• 3.3.9 - 2023-11-25
• 3.3.8 - 2023-11-06
• 3.3.7 - 2023-10-24
• 3.3.6 - 2023-10-20

from vue GitHub release notes

Package name: @types/p5

• 1.7.6 - 2023-12-17
• 1.7.5 - 2023-12-16
• 1.7.4 - 2023-11-21
• 1.7.3 - 2023-11-07
• 1.7.2 - 2023-11-04
• 1.7.1 - 2023-10-18

from @types/p5 GitHub release notes

Package name: @vueuse/core

• 10.11.1 - 2024-08-08
  

  No significant changes

      View changes on GitHub

• 10.11.0 - 2024-06-12
  

     🐞 Bug Fixes

  • integrations: Specify major version of peerDeps  -  by @ antfu (2f67a)

      View changes on GitHub

• 10.10.1 - 2024-06-11
  

     🚀 Features

  • useFocus: Support preventScroll option  -  by @ pkc918 in #3994 (4d868)

     🐞 Bug Fixes

  • makeDestructurable: Fix Typescript < 5.0.0 support  -  by @ brenoepics in #4028 (842d7)
  • useSpeechRecognition: Send correct transcript result  -  by @ noook in #3891 (7c36f)

      View changes on GitHub

• 10.10.0 - 2024-05-27
  

     🚀 Features

  • createInjectionState: Add defaultValue option  -  by @ melishev in #3902 (fb468)
  • makeDestructurable: Support parameters without as const  -  by @ enpitsuLin in #3971 (4ea13)
  • nuxt: Add router addon to nuxt module  -  by @ Coiggahou2002 and rorycai in #3975 (2a77f)
  • onLongPress: options.onMouseUp callback  -  by @ noook and Anthony Fu in #3791 (7346a)
  • useActiveElement: Add triggerOnRemoval option  -  by @ alexzhang1030 and @ antfu in #3958 (f3515)
  • useEventSource: Return lastEventId  -  by @ pkc918 in #3984 (29bc6)
  • useTimeout: Target support reactivity  -  by @ huiliangShen and banruo in #3923 (4eede)
  • useWebWorkerFn: Support local function dependencies  -  by @ thefeymesaleng in #3899 (f4028)

     🐞 Bug Fixes

  • nuxt: Opt in to import.meta.* properties  -  by @ danielroe in #3888 (1558c)
  • useAnimate: commitStyles when finish  -  by @ a1mersnow in #3990 (fba4e)
  • useDisplayMedia: Stop stream when screen is not shared anymore  -  by @ robertrosman in #3976 (a3c6f)
  • useDraggable: Should ignore right clicks  -  by @ Justineo in #3850 (9f10a)
  • useElementSize: Use getBoundingClientRect get element size on SVG  -  by @ siaikin in #3940 (d8015)
  • useFileDialog: Check if input value exists before trigger onChange  -  by @ jinkaiqin in #3972 (424a2)
  • useGamepad: Avoid spread to fix gamepad state  -  by @ yue4u in #3913 (2ccbd)
  • useMediaControls: Target params may not be ref  -  by @ huiliangShen in #3921 (1fe2f)
  • useMounted: The second argument in vue2.7 should be undefined  -  by @ yanbowe, @ antfu and Glandos in #3830 (7966b)
  • useRouteParams: Support optional params  -  by @ huiliangShen in #3934 (4a882)
  • useScroll: Sync scroll val to internal state, fix #3809  -  by @ kongmoumou in #3817 and #3809 (317ca)
  • useScrollLock: Function unlock does not work  -  by @ loongzhu in #3847 (d9ee4)
  • useTextareaAutosize: OnResize callback fires not only on resize  -  by @ huiliangShen and banruo in #3887 (a6ede)
  • useVirtualList: Add containerRef to watch list  -  by @ eliamartani in #3855 (4636f)
  • useWebNotification: Detect isSupported with try-catch  -  by @ 9romise in #3980 (b291c)
  • useWebSocket: UrlRef changes were not being tracked  -  by @ ferferga in #3870 (c2f92)

      View changes on GitHub

• 10.9.0 - 2024-02-27
  

     🚀 Features

  • whenever: Override once option  -  by @ chizukicn in #3800 (bd946)

     🐞 Bug Fixes

  • useActiveElement/useFocusWithin: Replace computedWithControl with locally tracked ref  -  by @ jaketig in #3815 (b1426)
  • useClipboard: Fix issue when permission is not defined  -  by @ Mister-Hope in #3812 (a9f02)
  • useIDBKeyval: Use toRaw instead of overriding the original object  -  by @ ferferga in #3805 (1b67d)
  • useMounted: Compatible with vue2.7  -  by @ yanbowe in #3802 (ee297)
  • useScrollLock: InitialOverflow is not working  -  by @ BJ0815 in #3798 (74e86)

      View changes on GitHub

• 10.8.0 - 2024-02-20
  

     🚀 Features

  • createInjectionState: InjectionKey use composable name  -  by @ zhangxuyang950313 in #3788 (c2cfd)
  • nuxt: Move to ESM-first and fix types  -  by @ userquin in #3606 (b3d74)
  • throttleFilter: Support object as argument  -  by @ 17359898647 and Anthony Fu in #3722 (66d09)
  • useAxios: Support abortPrevious option  -  by @ jahnli and @ antfu in #3735 (b94de)
  • useBreakpoints: Enable passing ref or getter to get breakpoints  -  by @ Doctor-wu in #3621 (d3317)
  • useBreakpoints: Add strategy option to allow desktop-first convention  -  by @ jack-allocate and @ antfu in #3783 (15fc0)
  • useBreakpoints: Add active getter, add breakpoints for Vuetify v3  -  by @ altrusl, @ Doctor-wu and @ antfu in #3687 (3ae45)
  • useCurrentElement: Allow get current element from a specific component  -  by @ linspw and @ antfu in #3750 (0a9aa)
  • useCycleList: Add go function  -  by @ Jokerzhzh and @ antfu in #3615 (2ae36)
  • useDraggable: Add disabled parameter  -  by @ huiliangShen and banruo in #3613 (dee9a)
  • useEventSource: Add autoReconnect and immediate to options, update typings  -  by @ schelmo in #3793 (b33ab)
  • useMutationObserver: Allow multiple targets  -  by @ chirokas in #3741 (98fac)
  • useParallax: Can work with different screen orientation  -  by @ huiliangShen and banruo in #3675 (3fd94)
  • useTextareaAutosize: Allow configuring styleProp to support native rows attribute  -  by @ yakudik, alexander.kudinov, Anthony Fu and @ antfu in #3552 (5025e)

     🐞 Bug Fixes

  • Stricter types  -  by @ antfu (a086e)
  • createReusableTemplate: Improve types  -  by @ louiss0, louiss0, Anthony Fu and @ antfu in #3641 (75168)
  • useAnimate: Immediate option set false not working  -  by @ huiliangShen, banruo and Anthony Fu in #3763 (12c09)
  • useCloned: Correct return type  -  by @ 17359898647 in #3711 (e262f)
  • useCounter: Allow delta to be negative  -  by @ leewakin, @ Doctor-wu and @ antfu in #3650 (cf29c)
  • useDraggable: Avoid moving out of container  -  by @ wangliangxin and wangliangxin3 in #3768 (55b94)
  • useElementVisiblity: Can configurable threshold  -  by @ huiliangShen and @ Doctor-wu in #3715 (ce9bb)
  • useFetch: Mark isFinished, isFetching readonly  -  by @ baboon-king and @ antfu in #3616 (31d4a)
  • useFetch: Remove unnecessary spread operator in iterable conversion  -  by @ BlackCrowxyz in #3660 (f5587)
  • useFileSystemAccess: UpdateData on modified file  -  by @ PhE in #3780 (668ca)
  • useGamepad: Explicitly ensure gamepad index is available  -  by @ AntoninRousset and AntoninRousset in #3653 (8c735)
  • useGamepad: Improve data updating logic  -  by @ okydk in #3775 (9b8ed)
  • useMounted: Hold the instance, close #3785, close #3795  -  by @ antfu in #3785 and #3795 (2f66e)
  • useRafFn: Fix fpsLimit option, fix #3481, close #3482  -  by @ antfu in #3481 and #3482 (69990)
  • useResizeObserver: Do not watch deep to avoid cicular calls  -  by @ birdxiao, birdxiao and @ antfu in #3753 (48421)
  • useRouteParams,useRouteQuery: Set route param/query to undefined when null or defaultValue  -  by @ mtdvlpr and @ antfu in #3583 (c44fe)
  • useScroll: Add onError hook and avoid throws by default, fix