[Snyk] Upgrade vue from 3.4.21 to 3.5.13

[nerdy-tech-com-gitub]

Snyk has created this PR to upgrade vue from 3.4.21 to 3.5.13.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 40 versions ahead of your current version.

• The recommended version was released on 21 days ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	169	Proof of Concept
	Prototype Pollution SNYK-JS-INTLIFYSHARED-8442251	169	Proof of Concept
	Prototype Pollution SNYK-JS-VUEI18N-8442254	169	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-INTLIFYCOREBASE-8442262	169	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-ROLLUP-8073097	169	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-VUEI18N-8442260	169	Proof of Concept

Release notes

Package name: vue

• 3.5.13 - 2024-11-15
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.12 - 2024-10-11
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.11 - 2024-10-03
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.10 - 2024-09-27
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.9 - 2024-09-26
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.8 - 2024-09-22
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.7 - 2024-09-20
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.6 - 2024-09-16
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.5 - 2024-09-13
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.4 - 2024-09-10
  

  For stable releases, please refer to CHANGELOG.md for details.
  For pre-releases, please refer to CHANGELOG.md of the minor branch.

• 3.5.3 - 2024-09-06
• 3.5.2 - 2024-09-05
• 3.5.1 - 2024-09-04
• 3.5.0 - 2024-09-03
• 3.5.0-rc.1 - 2024-08-29
• 3.5.0-beta.3 - 2024-08-20
• 3.5.0-beta.2 - 2024-08-15
• 3.5.0-beta.1 - 2024-08-08
• 3.5.0-alpha.5 - 2024-07-31
• 3.5.0-alpha.4 - 2024-07-24
• 3.5.0-alpha.3 - 2024-07-19
• 3.5.0-alpha.2 - 2024-05-04
• 3.5.0-alpha.1 - 2024-04-29
• 3.4.38 - 2024-08-15
• 3.4.37 - 2024-08-08
• 3.4.36 - 2024-08-06
• 3.4.35 - 2024-07-31
• 3.4.34 - 2024-07-24
• 3.4.33 - 2024-07-19
• 3.4.32 - 2024-07-17
• 3.4.31 - 2024-06-28
• 3.4.30 - 2024-06-22
• 3.4.29 - 2024-06-14
• 3.4.28 - 2024-06-14
• 3.4.27 - 2024-05-07
• 3.4.26 - 2024-04-29
• 3.4.25 - 2024-04-24
• 3.4.24 - 2024-04-22
• 3.4.23 - 2024-04-16
• 3.4.22 - 2024-04-15
• 3.4.21 - 2024-02-28

from vue GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Summary by Sourcery

Bug Fixes:

• Fix vulnerabilities related to Regular Expression Denial of Service (ReDoS), Prototype Pollution, and Cross-site Scripting (XSS) by upgrading Vue.

[sourcery-ai]

Reviewer's Guide by Sourcery

This PR upgrades the Vue.js framework from version 3.4.21 to 3.5.13 to address several security vulnerabilities. The upgrade spans 40 versions and includes fixes for three high-severity and three medium-severity security issues.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change	Details	Files
Dependency version upgrade to address security vulnerabilities	Fixed high-severity Regular Expression Denial of Service (ReDoS) vulnerability in cross-spawn Fixed high-severity Prototype Pollution vulnerabilities in @intlify/shared and vue-i18n Fixed medium-severity Cross-site Scripting (XSS) vulnerabilities in @intlify/core-base, rollup, and vue-i18n	frontend/package.json

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time. You can also use
  this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

We have skipped reviewing this pull request. Here's why:

• It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
• We don't review packaging changes - Let us know if you'd like us to change this.

[github-actions]

Hey there and thank you for opening this pull request! 👋🏼

We require pull request titles to follow the Conventional Commits specification and it looks like your proposed title needs to be adjusted.

Details:

No release type found in pull request title "[Snyk] Upgrade vue from 3.4.21 to 3.5.13". Add a prefix to indicate what kind of release this pull request corresponds to. For reference, see https://www.conventionalcommits.org/

Available types:
 - feat: A new feature
 - fix: A bug fix
 - docs: Documentation only changes
 - style: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)
 - refactor: A code change that neither fixes a bug nor adds a feature
 - perf: A code change that improves performance
 - test: Adding missing tests or correcting existing tests
 - build: Changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm)
 - ci: Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs)
 - chore: Other changes that don't modify src or test files
 - revert: Reverts a previous commit