[Snyk] Upgrade ts-loader from 9.1.2 to 9.4.4

[MaxMood96]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade ts-loader from 9.1.2 to 9.4.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 17 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2023-06-28.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Sandbox Bypass SNYK-JS-WEBPACK-3358798	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: ts-loader

• 9.4.4 - 2023-06-28
  
  • Bug fix: let users override skipLibCheck - thanks @ haakonflatval-cognite
• 9.4.3 - 2023-05-23
  
  • Bug fix: add config file as build dependency - thanks @ alexander-akait
• 9.4.2 - 2022-12-01
  
  • Bug fix: Use custom transformer when building solution references [#1025] - thanks @ feosuna1
• 9.4.1 - 2022-09-20
  
  • Hotfix: Disable enhanced-resolve - thanks @ manuth
• 9.4.0 - 2022-09-19
  
  • Add Support for Resolving .cjs, .mjs, .cts and .mts Files [#1503] - thanks @ manuth
• 9.3.1 - 2022-06-22
  
  • Bug fix: Generate declaration files for js files if allowJs is set to true [#1260] - thanks @ hediet and @ mvilliger
• 9.3.0 - 2022-04-30
  
  • simplify configuration for fork-ts-checker-webpack-plugin - thanks @ piotr-oles
• 9.2.9 - 2022-04-26
  
  • make v9 latest following v8 release - thanks @ johnnyreilly
• 9.2.8 - 2022-03-11
  
  • Bug fix: support webpack 5 in ts-loader [#1438] - thanks @ einatbar
• 9.2.7 - 2022-03-01
• 9.2.6 - 2021-09-20
• 9.2.5 - 2021-08-03
• 9.2.4 - 2021-07-24
• 9.2.3 - 2021-06-06
• 9.2.2 - 2021-05-22
• 9.2.1 - 2021-05-19
• 9.2.0 - 2021-05-18
• 9.1.2 - 2021-05-05

from ts-loader GitHub release notes

Commit messages

Package name: ts-loader

• d13d9c3 Make skipLibCheck overridable (Fix pipeline template to include missing headers in tars microsoft/onnxruntime#1617)
• 6f7380b chore: stub 5.1 test pack (There was an error linking dynamic libraries during cross compilation(without docker) microsoft/onnxruntime#1616)
• cf5326d fix: add config file as build dependency (Remove copy of generator in Multinomial microsoft/onnxruntime#1611)
• 5fbfb5c chore: Update testpack to TS 5.0 (90% CPU Usage when running ONNX GPU release microsoft/onnxruntime#1608)
• 9533b2d chore(deps-dev): bump webpack from 5.46.0 to 5.76.0 in /examples/vanilla (Added license files in the base image microsoft/onnxruntime#1595)
• b01ad84 chore(deps): update dependency eslint to v8 (Update nGraph to v0.22.1 microsoft/onnxruntime#1582)
• 45b0ba0 chore(deps): update dependency jasmine-core to v4 (Include io_win32.h only if builds on windows microsoft/onnxruntime#1587)
• e4e467e chore(deps): update dependency husky to v8 (Use a friendly enum for graph optimization level. microsoft/onnxruntime#1586)
• b49f043 chore(deps): update dependency fs-extra to v11 (pip3 install failed onnxruntime_gpu==0.5.0 microsoft/onnxruntime#1584)
• 58e2f10 chore(deps): update dependency eslint-plugin-prettier to v4 ("Less" op does not support int64 input type microsoft/onnxruntime#1583)
• 62dee56 chore(deps): update actions/setup-node action to v3 (How to use batch predict using v0.5 microsoft/onnxruntime#1579)
• 03c363c chore(deps): update dependency karma-sourcemap-loader to ^0.4.0 (update quatizelinear to process int8 input microsoft/onnxruntime#1576)
• e9d60d2 chore(deps): update actions/checkout action to v3 (General performance testing tooling improvements microsoft/onnxruntime#1577)
• db4dab1 Add renovate.json (Parallel windows CI build microsoft/onnxruntime#1575)
• 5f28651 fix: createLiteral removed in 5.1 https://github.com/TypeScript 5.1: ts.createLiteral is not a function microsoft/TypeScript#53077#issuecomment-1453846217 (ARM32v7 Cross Compile Broken due to protobuf Bug microsoft/onnxruntime#1574)
• 9aa5b52 chore(deps): bump dns-packet in /examples/fork-ts-checker-webpack-plugin (Cleanup csharp API SessionOptions and RunOptions to be consistent with other APIs microsoft/onnxruntime#1570)
• 8816eb8 Update README.md
• dcfa8b6 chore: blog.johnnyreilly.com -> johnnyreilly.com
• 08a5947 docs: update link to DeclarationBundlerPlugin in Declarations (.d.ts) section in the README (Memory Leak with ortcreateenv microsoft/onnxruntime#1549)
• 31c3a5e chore: blog.johnnyreilly.com -> johnnyreilly.com
• a8f29e3 fix: remove "suppressImplicitAnyIndexErrors": true (with reference to #1542  microsoft/onnxruntime#1559)
• 00cf8ef docs: https not http
• 5e7220b Use custom transformer when building solution references (Official c api build dll and lib do not include function of OrtGetDimensions microsoft/onnxruntime#1550)
• 87a9fff add missing comma in README.md (roll back model test update for ngraph provider. microsoft/onnxruntime#1551)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[stale]

This issue has been automatically marked as stale due to inactivity and will be closed in 7 days if no further activity occurs. If further support is needed, please provide an update and/or more details.

[stale]

This issue has been automatically marked as stale due to inactivity and will be closed in 7 days if no further activity occurs. If further support is needed, please provide an update and/or more details.

[stale]

This issue has been automatically closed due to inactivity. Please reactivate if further support is needed.