[Snyk] Upgrade @mui/material from 5.10.10 to 5.15.18

[q1blue]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade @mui/material from 5.10.10 to 5.15.18.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 76 versions ahead of your current version.

• The recommended version was released on 21 days ago.

Release notes

Package name: @mui/material

• 5.15.18 - 2024-05-16
  

  May 14, 2024

  A big thanks to the 5 contributors who made this release possible. Here are some highlights ✨:

  @ mui/material@5.15.18

  • ​[Autocomplete] Improve design when there's a start adornment for small autocomplete (@ TahaRhidouani) (#42176) @ github-actions[bot]
  • ​[ToggleButtonGroup] Add missing selected class in ToggleButtonGroupClasses type (@ tarunrajput) (#42250) @ github-actions[bot]

  Docs

  • ​[docs] Fix 301 to Figma @ oliviertassinari

  Core

  • ​[blog] Introducing Pigment CSS blog post (#42198) (#42255) @ samuelsycamore
  • ​[website] Add redirection for talk @ oliviertassinari
  • ​[website] Adds Arthur Balduini team info (@ arthurbalduini) (#42226) @ github-actions[bot]

  All contributors of this release in alphabetical order: @ arthurbalduini, @ oliviertassinari, @ samuelsycamore, @ TahaRhidouani, @ tarunrajput

• 5.15.17 - 2024-05-08
  

  May 8, 2024

  A big thanks to the 4 contributors who made this release possible.
  This release was mostly about 🐛 bug fixes and 📚 documentation improvements.

  @ mui/material@5.15.17

  • [Slider] Move palette styles to the bottom (#41676) @ siriwatknp

  Docs

  • Fix SEO redirection issues @ oliviertassinari
  • [material-ui] Fix broken link (@ aarongarciah) (#42143) @ github-actions[bot]
  • [material-ui] Fix link on the Sync page (@ danilo-leal) (#42089) @ github-actions[bot]

  Core

  • [blog] Shorten title to fit @ oliviertassinari
  • [blog] Update Sync post OG image (@ danilo-leal) (#42117) @ github-actions[bot]
  • [blog] A few tweaks in introducing-sync-plugin (@ oliviertassinari) (#42094) @ github-actions[bot]
  • [docs-infra] Fix code block layout shift (#41917) @ oliviertassinari
  • [website] Fix home page slider's track position (@ aarongarciah) (#42144) @ github-actions[bot]
  • [website] Closing the survey @ oliviertassinari
  • [website] Remove Survey banner from website and Core docs (#42104) @ joserodolfofreitas

  All contributors of this release in alphabetical order: @ github-actions[bot], @ joserodolfofreitas, @ oliviertassinari, @ siriwatknp

• 5.15.16 - 2024-05-01
  

  A big thanks to the 8 contributors who made this release possible. Here are some highlights ✨:
  This release was mostly about 🐛 bug fixes and 📚 documentation improvements.

  @ mui/material@ 5.15.16

  • [material-ui][Dialog] Prevent onClick on the root element from being overwritten (@ ryanburr) (#41914) @ github-actions[bot]
  • [material-ui][Select] Fix muiName property TypeScript error (@ EyaOuenniche) (#41786) @ github-actions[bot]
  • —>[material-ui][l10n] Fix typo in is-IS locale (@ magnimarels) (#41815) @ github-actions[bot]

  Docs

  • Fix small SEO issues @ oliviertassinari
  • Fix 301 Toolpad links @ oliviertassinari
  • Fix 301 Toolpad links @ oliviertassinari
  • Fix 301 image redirections @ oliviertassinari
  • Fix small SEO issues @ oliviertassinari
  • Fix 301 redirection @ oliviertassinari
  • Fix format git diff regression (#41882) @ oliviertassinari
  • Fix 301 links @ oliviertassinari
  • [material-ui] Fix import statement in migration guide (@ sai6855) (#41864) @ github-actions[bot]
  • [material-ui] Update Figma plugin name (@ danilo-leal) (#42057) @ github-actions[bot]
  • [material-ui] Fix minor spelling error in the "About the lab" page (@ ryanhartwig) (#42075) @ github-actions[bot]
  • [material-ui] Add missing backticks to HTML tag in the installation page (@ Miguelrom) (#42009) @ github-actions[bot]
  • [material-ui] Add Connect-related content (@ danilo-leal) (#41924) @ DiegoAndai
  • [material-ui] Fix Material 3 message typo (@ aarongarciah) (#41822) @ github-actions[bot]
  • [material-ui] Remove Data Grid v7 beta callout (@ cherniavskii) (#41842) @ github-actions[bot]
  • [material-ui][templates] Fix input props attributes in Landing Page template (@5-tom) (#42034) @ github-actions[bot]
  • [system] Update typo on the sx prop page (@ bricker) (#42078) @ github-actions[bot]

  Core

  • [blog] Add post to introduce the Connect plugin (@ danilo-leal) (#41929) @ DiegoAndai
  • [core] Automate cherry-pick of PRs from next -> master (#41742) @ aarongarciah
  • [docs-infra] Improve Twitter OG:image (#41860) @ oliviertassinari
  • [docs-infra] Use edge function for card generation (#41188) @ alexfauquette
  • [docs-infra] Fix drawer performances (#41807) (#41820) @ alexfauquette
  • [docs-infra] Fix analytics about inline ads (#41474) @ alexfauquette
  • [website] Sync career roles (@ oliviertassinari) (#42059) @ github-actions[bot]
  • [website] Add content about the Sync plugin in the Material UI page (@ danilo-leal) (#42074) @ github-actions[bot]
  • [website] Add Nadja on the about page (#42054) @ mnajdova
  • [website] Close the Design Engineer - X role (#42014) @ DanailH
  • [website] Remove customer support agent role from website (@ rluzists1) (#41996) @ github-actions[bot]
  • [website] Add Jose to About Us (#41759) @ JCQuintas

  All contributors of this release in alphabetical order: @ aarongarciah, @ alexfauquette, @ DanailH, @ DiegoAndai, @ github-actions[bot], @ JCQuintas, @ mnajdova, @ oliviertassinari

• 5.15.15 - 2024-04-04
• 5.15.14 - 2024-03-19
• 5.15.13 - 2024-03-13
• 5.15.12 - 2024-03-05
• 5.15.11 - 2024-02-24
• 5.15.10 - 2024-02-12
• 5.15.9 - 2024-02-08
• 5.15.8 - 2024-02-06
• 5.15.7 - 2024-01-31
• 5.15.6 - 2024-01-22
• 5.15.5 - 2024-01-17
• 5.15.4 - 2024-01-10
• 5.15.3 - 2024-01-03
• 5.15.2 - 2023-12-25
• 5.15.1 - 2023-12-19
• 5.15.0 - 2023-12-12
• 5.14.20 - 2023-12-05
• 5.14.19 - 2023-11-29
• 5.14.18 - 2023-11-14
• 5.14.17 - 2023-11-06
• 5.14.16 - 2023-10-31
• 5.14.15 - 2023-10-24
• 5.14.14 - 2023-10-17
• 5.14.13 - 2023-10-10
• 5.14.12 - 2023-10-04
• 5.14.11 - 2023-09-26
• 5.14.10 - 2023-09-18
• 5.14.9 - 2023-09-13
• 5.14.8 - 2023-09-05
• 5.14.7 - 2023-08-29
• 5.14.6 - 2023-08-24
• 5.14.5 - 2023-08-14
• 5.14.4 - 2023-08-08
• 5.14.3 - 2023-08-01
• 5.14.2 - 2023-07-25
• 5.14.1 - 2023-07-19
• 5.14.0 - 2023-07-11
• 5.13.7 - 2023-07-04
• 5.13.6 - 2023-06-23
• 5.13.5 - 2023-06-12
• 5.13.4 - 2023-06-05
• 5.13.3 - 2023-05-29
• 5.13.2 - 2023-05-22
• 5.13.1 - 2023-05-17
• 5.13.0 - 2023-05-10
• 5.12.3 - 2023-05-02
• 5.12.2 - 2023-04-25
• 5.12.1 - 2023-04-17
• 5.12.0 - 2023-04-11
• 5.11.16 - 2023-04-04
• 5.11.15 - 2023-03-28
• 5.11.14 - 2023-03-21
• 5.11.13 - 2023-03-14
• 5.11.12 - 2023-03-06
• 5.11.11 - 2023-02-28
• 5.11.10 - 2023-02-20
• 5.11.9 - 2023-02-14
• 5.11.8 - 2023-02-07
• 5.11.7 - 2023-01-31
• 5.11.6 - 2023-01-23
• 5.11.5 - 2023-01-18
• 5.11.4 - 2023-01-09
• 5.11.3 - 2023-01-02
• 5.11.2 - 2022-12-26
• 5.11.1 - 2022-12-20
• 5.11.0 - 2022-12-13
• 5.10.17 - 2022-12-06
• 5.10.16 - 2022-11-28
• 5.10.15 - 2022-11-22
• 5.10.14 - 2022-11-15
• 5.10.13 - 2022-11-07
• 5.10.12 - 2022-10-31
• 5.10.11 - 2022-10-25
• 5.10.10 - 2022-10-18

from @mui/material GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[changeset-bot]

⚠️ No Changeset found

Latest commit: 5bca7c8

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@djagger/echartsx@0.0.22	None	+1	59.7 kB	djagger
npm/@docusaurus/core@2.1.0	Transitive: environment, eval, filesystem, network, shell, unsafe	+332	32.8 MB	slorber
npm/@docusaurus/module-type-aliases@2.1.0	Transitive: filesystem, shell	+16	2.29 MB	slorber
npm/@docusaurus/plugin-client-redirects@2.1.0	filesystem Transitive: environment, eval, shell, unsafe	+216	20.9 MB	slorber
npm/@docusaurus/plugin-google-gtag@2.1.0	environment Transitive: eval, filesystem, shell, unsafe	+214	20.5 MB	slorber
npm/@docusaurus/preset-classic@2.1.0	environment Transitive: eval, filesystem, network, shell, unsafe	+276	25.8 MB	slorber
npm/@docusaurus/theme-search-algolia@2.1.0	filesystem Transitive: environment, eval, network, shell, unsafe	+293	27.4 MB	slorber
npm/@emotion/react@11.10.4	environment Transitive: filesystem, unsafe	+70	13.7 MB	emotion-release-bot
npm/@emotion/server@11.10.0	environment	+8	198 kB	emotion-release-bot
npm/@emotion/styled@11.10.4	environment Transitive: filesystem, unsafe	+66	13.1 MB	emotion-release-bot
npm/@geo-maps/countries-land-10km@0.6.0	None	0	1.06 MB	simonepri
npm/@makotot/ghostui@2.0.0	environment	0	151 kB	makotot
npm/@mdx-js/react@1.6.22	None	0	15.5 kB	johno
npm/@mui/icons-material@5.10.9	None	+6	19.9 MB	hbjorbj
npm/@mui/lab@5.0.0-alpha.104	environment	+21	11.2 MB	michaldudak
npm/@mui/material@5.15.18	environment	+26	21.8 MB	brijeshb42
npm/@mui/x-data-grid@5.17.8	environment	+17	11.1 MB	alexandrefauquette
npm/@primer/octicons-react@16.3.1	None	0	1.22 MB	primer-css
npm/@sentry/react@7.16.0	Transitive: network	+6	2.47 MB	sentry-bot
npm/@sentry/tracing@7.16.0	None	+3	2.8 MB	sentry-bot
npm/@stackql/docusaurus-plugin-hubspot@1.0.1	environment	0	3.73 kB	jeffreyaven
npm/@tidb-community/tracking-script@0.1.0	None	+1	148 kB	hustkiwi
npm/@tsconfig/docusaurus@1.0.6	None	0	2.69 kB	typescript-deploys
npm/@types/d3-hierarchy@3.1.0	None	0	39.7 kB	types
npm/@types/grecaptcha@3.0.4	None	0	8.75 kB	types
npm/@types/is-hotkey@0.1.7	None	0	6.23 kB	types
npm/@types/react-copy-to-clipboard@5.0.4	None	+4	1.44 MB	types
npm/@types/webpack-env@1.18.0	None	0	17.1 kB	types
npm/@typescript-eslint/eslint-plugin@5.42.0	Transitive: environment, filesystem	+29	5.13 MB	jameshenry
npm/ace-builds@1.12.3	None	0	49.1 MB	nightwing
npm/ahooks@3.7.2	None	+6	2.95 MB	taoweng
npm/animate.css@4.1.1	None	0	279 kB	eltonmesquita
npm/axios@0.26.1	environment, network	+1	427 kB	jasonsaayman
npm/babel-plugin-direct-import@1.0.0	filesystem	0	27.2 kB	umidbekk
npm/chart.js@3.9.1	None	0	21.1 MB	chartjs-ci
npm/chartjs-plugin-datalabels@2.1.0	None	0	92.4 kB	chartjs-ci
npm/clsx@1.2.1	None	0	5.67 kB	lukeed
npm/country-code-emoji@2.3.0	None	0	11.3 kB	thekelvinliu
npm/d3-hierarchy@3.1.2	None	0	136 kB	mbostock
npm/date-fns@2.29.3	None	0	6.87 MB	leshakoss
npm/deepmerge@4.2.2	None	0	30.1 kB	tehshrike
npm/echarts-for-react@3.0.2	None	+1	87.6 kB	atool
npm/echarts-gl@2.0.9	Transitive: eval	+1	17.9 MB	lang
npm/echarts@5.4.0	environment, eval, network	+1	41.6 MB	100pah
npm/eslint-plugin-import@2.26.0	filesystem, unsafe Transitive: environment, eval	+33	3.21 MB	ljharb
npm/eslint-plugin-n@15.4.0	filesystem	+10	1.35 MB	weiran.zsd
npm/eslint-plugin-promise@6.1.1	None	0	67.1 kB	eslint-community-bot
npm/eslint-plugin-react@7.31.10	filesystem Transitive: environment, eval	+30	3.09 MB	ljharb
npm/eslint@8.26.0	filesystem Transitive: environment, eval, shell, unsafe	+52	8.84 MB	eslintbot
npm/human-format@1.0.0	None	0	14.4 kB	julien-f
npm/is-hotkey@0.2.0	None	0	20 kB	ianstormtaylor
npm/luxon@2.5.0	None	0	3.87 MB	icambron

🚮 Removed packages: npm/@fastify/autoload@5.8.3, npm/@fastify/env@4.3.0, npm/@fastify/mysql@4.3.0, npm/@fastify/sensible@5.6.0, npm/@mailchimp/mailchimp_transactional@1.0.59, npm/@types/async@3.2.24, npm/@types/cron@2.4.0, npm/@types/html-minifier@4.0.5, npm/@types/luxon@3.4.2, npm/@types/mjml-react@2.0.10, npm/@types/mjml@4.7.4, npm/@types/node@18.19.34, npm/@types/nodemailer@6.4.15, npm/@types/react-dom@17.0.25, npm/@types/react@17.0.80, npm/@types/tap@15.0.11, npm/@typescript-eslint/eslint-plugin@5.62.0, npm/@typescript-eslint/parser@5.62.0, npm/async@3.2.5, npm/axios@0.27.2, npm/bufferutil@4.0.8, npm/canvas@2.11.2, npm/commander@11.0.0, npm/concurrently@7.6.0, npm/cron@2.4.4, npm/dotenv@16.4.5, npm/encoding@0.1.13, npm/eslint-plugin-import@2.29.1, npm/eslint-plugin-n@15.7.0, npm/eslint-plugin-promise@6.2.0, npm/eslint-plugin-react@7.34.2, npm/eslint@8.57.0, npm/fastify-cli@5.9.0, npm/fastify-cron@1.3.1, npm/fastify-plugin@4.5.1, npm/fastify-tsconfig@1.0.1, npm/fastify@4.27.0, npm/html-minifier@4.0.0, npm/husky@8.0.3, npm/lint-staged@13.3.0, npm/luxon@3.4.4, npm/mailing-core@0.8.19, npm/mailing@0.8.19, npm/mjml@4.15.3, npm/yaml@2.3.1

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/core-js-pure@3.26.0	Install script: postinstall Source: node -e "try{require('./postinstall')}catch(e){}"	web/package-lock.json web/package.json
Install scripts	npm/core-js@3.26.0	Install script: postinstall Source: node -e "try{require('./postinstall')}catch(e){}"	web/package-lock.json web/package.json
Install scripts	npm/core-js@2.6.12	Install script: postinstall Source: node -e "try{require('./postinstall')}catch(e){}"	Source
Install scripts	npm/esbuild@0.15.18	Install script: postinstall Source: node install.js	Source
Install scripts	npm/canvas@2.11.2	Install script: install Source: node-pre-gyp install --fallback-to-build --update-binary	Source
Install scripts	npm/fast-folder-size@1.6.1	Install script: postinstall Source: node get-sysinternals-du.js	Source
Install scripts	npm/bcrypt@5.1.1	Install script: install Source: node-pre-gyp install --fallback-to-build	Source
Install scripts	npm/@prisma/engines@4.6.1	Install script: postinstall Source: node scripts/postinstall.js	Source
Install scripts	npm/@prisma/client@4.16.2	Install script: postinstall Source: node scripts/postinstall.js	Source
Install scripts	npm/@prisma/engines@4.16.2	Install script: postinstall Source: node scripts/postinstall.js	Source

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/core-js-pure@3.26.0
• @SocketSecurity ignore npm/core-js@3.26.0
• @SocketSecurity ignore npm/core-js@2.6.12
• @SocketSecurity ignore npm/esbuild@0.15.18
• @SocketSecurity ignore npm/canvas@2.11.2
• @SocketSecurity ignore npm/fast-folder-size@1.6.1
• @SocketSecurity ignore npm/bcrypt@5.1.1
• @SocketSecurity ignore npm/@prisma/engines@4.6.1
• @SocketSecurity ignore npm/@prisma/client@4.16.2
• @SocketSecurity ignore npm/@prisma/engines@4.16.2