[Snyk] Upgrade three from 0.97.0 to 0.137.5

[snyk-bot]

Snyk has created this PR to upgrade three from 0.97.0 to 0.137.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 72 versions ahead of your current version.
• The recommended version was released 23 days ago, on 2022-01-28.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-THREE-1064931	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: three

• 0.137.5 - 2022-01-28
• 0.137.4 - 2022-01-27
• 0.137.3 - 2022-01-27
• 0.137.2 - 2022-01-27
• 0.137.1 - 2022-01-27
• 0.137.0 - 2022-01-26
• 0.136.0 - 2021-12-24
• 0.135.0 - 2021-11-26
• 0.134.0 - 2021-10-28
• 0.133.1 - 2021-10-04
• 0.133.0 - 2021-09-30
• 0.132.2 - 2021-08-27
• 0.132.1 - 2021-08-27
• 0.132.0 - 2021-08-26
• 0.131.3 - 2021-08-04
• 0.131.2 - 2021-08-03
• 0.131.1 - 2021-07-30
• 0.131.0 - 2021-07-29
• 0.130.1 - 2021-07-05
• 0.130.0 - 2021-06-30
• 0.129.0 - 2021-05-27
• 0.128.0 - 2021-04-23
• 0.127.0 - 2021-03-31
• 0.126.1 - 2021-03-03
• 0.126.0 - 2021-02-24
• 0.125.2 - 2021-01-29
• 0.125.1 - 2021-01-27
• 0.125.0 - 2021-01-27
• 0.124.0 - 2020-12-24
• 0.123.0 - 2020-11-25
• 0.122.0 - 2020-10-28
• 0.121.1 - 2020-09-30
• 0.121.0 - 2020-09-30
• 0.120.1 - 2020-08-30
• 0.120.0 - 2020-08-26
• 0.119.1 - 2020-07-30
• 0.119.0 - 2020-07-29
• 0.118.3 - 2020-06-27
• 0.118.2 - 2020-06-27
• 0.118.1 - 2020-06-24
• 0.118.0 - 2020-06-24
• 0.117.1 - 2020-05-28
• 0.117.0 - 2020-05-27
• 0.116.1 - 2020-05-01
• 0.116.0 - 2020-04-30
• 0.115.0 - 2020-03-25
• 0.114.0 - 2020-02-29
• 0.113.2 - 2020-01-31
• 0.113.1 - 2020-01-30
• 0.113.0 - 2020-01-30
• 0.112.1 - 2019-12-27
• 0.112.0 - 2019-12-25
• 0.111.0 - 2019-11-27
• 0.110.0 - 2019-10-30
• 0.109.0 - 2019-09-30
• 0.108.0 - 2019-08-28
• 0.107.0 - 2019-07-31
• 0.106.2 - 2019-06-28
• 0.106.1 - 2019-06-27
• 0.106.0 - 2019-06-26
• 0.105.2 - 2019-06-03
• 0.105.1 - 2019-05-30
• 0.105.0 - 2019-05-30
• 0.104.0 - 2019-04-24
• 0.103.0 - 2019-03-27
• 0.102.1 - 2019-03-02
• 0.102.0 - 2019-02-28
• 0.101.1 - 2019-02-01
• 0.101.0 - 2019-02-01
• 0.100.0 - 2018-12-31
• 0.99.0 - 2018-12-01
• 0.98.0 - 2018-10-31
• 0.97.0 - 2018-09-26

from three GitHub release notes

Commit messages

Package name: three

• efbfc67 r137 (bis) (bis) (bis) (bis) (bis)
• e182314 Updated builds.
• 664f158 Manual: Hide export button.
• 95f37a5 Manual: Improve compatibility with import maps.
• b7d3aa2 Examples: Fix webgl_worker_offscreencanvas.
• 1e7bf91 Update WebGLUtils.js
• 1d98f9d WebGLUtils: Add fallback for RGBFormat.
• a7b9d8c r137 (bis) (bis) (bis) (bis)
• 215c40b ShaderLib: Added OPAQUE snippet to meshnormal shader. (#23362)
• f74163a r137 (bis) (bis) (bis)
• dfca2bd Material: Remove alphaWrite.
• 216f045 r137 (bis) (bis)
• 3d0c8df package.json: only export examples/fonts and examples/jsm
• 34bbcc4 Update package.json exports paths (#23354)
• 6ff28b0 r137 (bis)
• 528193f Remove extension from node exports
• 9b1fc44 r137
• fe80a83 s/THREE.Multiply/THREE.MultiplyOperation (#23338)
• add8fad NodeEditor: add Basic and Points Material (#23339)
• e02c19a Examples: Updated webgl_loader_ldraw screenshot.
• 890aea7 Updated examples builds.
• 665390e Updated builds.
• ed5e3de Examples: Always use FloatType in GPGPU examples with WebGL 2. (#23337)
• 3a41724 UVNode: Rename .value to .index (#23335)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs