[Snyk] Security upgrade sanity from 3.12.1 to 3.31.0

[nicholasklem]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: sanity

The new version differs by 250 commits.

• 37e207d v3.31.0
• e0f6669 fix(comments): loading state (#5908)
• 49fa240 feat(core): add Text Search API search strategy (#5785)
• 9fc34a2 fix(core): allow `_dataset` for cross-dataset references in templates (#5889)
• c9a1dd6 chore(deps): upgrade archiver, split2 dependencies (#5880)
• 4159bca chore(search): refactor search to export necessary components and providers. (#5900)
• 3670459 feat(core): export useWorkspaceLoader from core (#5898)
• 174a616 feat(cli): --quickstart flag for ejecting server schemas (#5797)
• 75ac3cf feat(ci): cache release dependencies (#5834)
• eb5cd50 fix(comments): allow ranges to be collapsed (#5892)
• 4ae88a0 fix(portable-text-editor): all paths must be checked (#5891)
• ed87e2a fix(sanity): preserve form (as readOnly) when reconnecting (#5884)
• 023e7e6 fix(core): updates to not show "cannot upload" on hover when using extension based accepts settings (#5881)
• 7ed2b0f feat(comments): introduce inline commenting (#5606)
• fa330a0 feat(portable-text-editor): range decorations (#5871)
• 4926b78 fix(structure): provide better error handling if orderings contain invalid field (#5709)
• 9ed5cca fix(core): check if previous state is null for unmounted component (#5724)
• 6d61e94 feat(structure): support closing first collapsed `DocumentPanel` (#5867)
• 84a0c90 feat(core): add `onFullScreenChange ` to Portable Text Input (#5879)
• 2deebb1 fix(portable-text-editor): check that path is lengthy (#5875)
• fc73437 fix(form): prevent drop event propagating outside of EditPortal component (#5813)
• 16a5434 chore(deps): update dependency get-random-values-esm to v1.0.2 (#5856)
• 1d41af7 feat(portable-text-editor): implement `isSelectionOverlapping` method (#5870)
• f83e8e4 feat(portable-text-editor): preserve keys on undo/redo (#5805)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@portabletext/[email protected]	None	0	17.4 kB	sanity-io
npm/@sanity/[email protected]	Transitive: environment	+3	1.57 MB	ash, atombender, binoy14, ...41 more

🚮 Removed packages: npm/@portabletext/[email protected], npm/@sanity/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎