[Snyk] Security upgrade gatsby from 2.13.1 to 2.13.9

[terrorizer1980]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • demo/package.json
• demo/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	No	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	No	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: gatsby

The new version differs by 110 commits.

• b6f0f22 chore(release): Publish
• 3b5e41b fix(gatsby): support for yarn workspaces in gatsby-dependents (#15517)
• 40b9c52 chore(showcase): Added Cosmotory to showcase (#15492)
• e4afabf chore(release): Publish
• a045a32 feat(gatsby-source-drupal): added preview feature (#14630)
• 530e8da chore(release): Publish
• 0ffa8bc fix(gatsby): speed up and lower memory of createPages (#15503)
• 17c182c chore(release): Publish
• 0c890a6 feat(gatsby-utils): create new package gatsby-core-utils (#15451)
• b4b8097 chore(release): Publish
• 02eaaa4 fix(gatsby): bump `react-hot-loader` version to fix regression… (#15485)
• ba0c3cb fix(gatsby): Exclude node_modules when depth > 1 (#15442)
• bb6dc9d chore(showcase): Add Venus Lover to showcase (#15468)
• 881e9c0 chore(showcase): Removing F1vision site from showcase (#15472)
• 7b9ca35 chore(showcase): Add onramp and write speak code to showcase (#15467)
• 70311ec fix(starters): update gatsby monorepo (#15445)
• 13ffd11 fix(starters): update dependency @ theme-ui/prism to ^0.2.8 (#15458)
• 60c456e feat(showcase): Add HomeAlarmReport.com (#15437)
• 31110b2 feat(docs): Add additional test commands (#15446)
• 0c1943a chore(release): Publish
• 8bf80be fix(gatsby): parse pageData response when contentType is not s… (#15410)
• 1ec6b26 chore(release): Publish
• f657474 fix(PnP): updates the test to account for the property name ch… (#15463)
• b4f951f chore(showcase): Add devahoy site to showcase list (#15461)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)