[Snyk] Upgrade focus-trap from 6.3.0 to 6.9.4 #427

Open
wants to merge 1 commit into
base: master
Owner

@NOUIY NOUIY commented Nov 18, 2022

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade focus-trap from 6.3.0 to 6.9.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 19 versions ahead of your current version.
  • The recommended version was released 5 months ago, on 2022-06-09.

The recommended version fixes:

| Severity | Issue | Priority Score (*) | Exploit Maturity |
|---|---|---|---|
| | Improper Input Validation<br>SNYK-JS-XMLDOM-3092935 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | Proof of Concept |
| | Information Exposure<br>SNYK-JS-SIMPLEGET-2361683 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | Proof of Concept |
| | Information Exposure<br>SNYK-JS-SIMPLEGET-2361683 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | Proof of Concept |
| | Prototype Pollution<br>SNYK-JS-PLIST-2405644 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS)<br>SNYK-JS-NTHCHECK-1586032 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | Proof of Concept |
| | Prototype Pollution<br>SNYK-JS-JSONSCHEMA-1920922 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | No Known Exploit |
| | Prototype Pollution<br>SNYK-JS-XMLDOM-3042242 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | No Known Exploit |
| | Improper Input Validation<br>SNYK-JS-XMLDOM-1534562 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | No Known Exploit |
| | XML External Entity (XXE) Injection<br>SNYK-JS-XMLDOM-1084960 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | No Known Exploit |
| | Arbitrary Code Injection<br>SNYK-JS-UNDERSCORE-1080984 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | Proof of Concept |
| | Prototype Pollution<br>SNYK-JS-MINIMIST-559764 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | Proof of Concept |
| | Prototype Pollution<br>SNYK-JS-MINIMIST-559764 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | Proof of Concept |
| | Information Exposure<br>SNYK-JS-LOG4JS-2348757 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | No Known Exploit |
| | Prototype Pollution<br>SNYK-JS-FLAT-596927 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | Proof of Concept |
| | Prototype Pollution<br>SNYK-JS-MINIMIST-2429795 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | Proof of Concept |
| | Prototype Pollution<br>SNYK-JS-MINIMIST-2429795 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | Proof of Concept |
| | Prototype Pollution<br>SNYK-JS-MINIMIST-2429795 | 669/1000<br>Why? Proof of Concept exploit, Recently disclosed, CVSS 9.8 | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: focus-trap
  • 6.9.4 - 2022-06-09

    Patch Changes

    • f68882e: Fix docs and typings to clarify that initialFocus, fallbackFocus, and setReturnFocus options can be functions that also return selector strings.
  • 6.9.3 - 2022-05-25

    Patch Changes

    • 8a8b1f1: Bump tabbable to v5.3.3 to pick up a small bug fix to web component (shadow DOM) support.
  • 6.9.2 - 2022-05-10

    Patch Changes

    • ef0ce48: Handle unexpected param (true) passed as the value for the initialFocus, fallbackFocus, and setReturnFocus options: Ignore and perform default behavior.
  • 6.9.1 - 2022-05-06

    Patch Changes

    • 83262a7: Bumps tabbable to v5.3.2 to pick-up a fix to displayCheck=full (default) option behavior that caused issues with detached nodes.
  • 6.9.0 - 2022-04-28

    Minor Changes

    • 2a57e4b: Add new trap.active and trap.paused readonly state properties on the trap so that the trap's active/paused state can be queried.

    Patch Changes

    • 8fd49df: Fixed bug where clickOutsideDeactivate handler would get called on the 'click' event even if the node clicked was in the trap. As with 'mousedown' and 'touchstart' events where this option is also used, the handler should only get called if the target node is outside the trap.
    • c32c60a: Fixed: onDeactivate, onPostDeactivate, and checkCanReturnFocus options originally given to createFocusTrap() were not being used by default when calling trap.deactivate({...}) with an option set even if that option set didn't specify any overrides of these options.
  • 6.8.1 - 2022-04-22

    Patch Changes

    • 7c86111:
      • Bump tabbable to ^5.3.1 (fixing previous update which was incorrectly set to 5.3.0).
      • Fix tabbableOptions not being used in all internal uses of tabbable APIs.
      • Expose displayCheck option in tabbableOptions typings and pass it through to tabbable APIs.
      • Add info to README about testing traps in JSDom (which is not officially supported).
  • 6.8.0 - 2022-04-20

    Minor Changes

    • 21458c9: Bumps tabbable to v5.3.0 and includes all changes from the past v6.8.0 beta releases. The big new feature is opt-in Shadow DOM support in tabbable, and a new getShadowRoot tabbable option exposed in a new tabbableOptions focus-trap config option.
  • 6.8.0-beta.2 - 2022-03-12
  • 6.8.0-beta.1 - 2022-02-12

    6.8.0-beta.1

  • 6.8.0-beta.0 - 2022-01-28

    6.8.0-beta.0

  • 6.7.3 - 2022-02-09

    Patch Changes

    • ab20d3d: Fix issue with focusing negative tabindex node and then tabbing away when this node is not the last node in the trap's container ([#611](https://github.com//issues/611))
  • 6.7.2 - 2022-01-12
  • 6.7.1 - 2021-09-27
  • 6.7.0 - 2021-09-24
  • 6.6.1 - 2021-08-14
  • 6.6.0 - 2021-07-01
  • 6.5.1 - 2021-06-18
  • 6.5.0 - 2021-06-07
  • 6.4.0 - 2021-04-20
  • 6.3.0 - 2021-01-16
from focus-trap GitHub release notes
Commit messages
Package name: focus-trap

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs
