[Snyk] Upgrade @mui/material from 6.0.1 to 6.1.0

[cx-michael-pogrebisky]

Snyk has created this PR to upgrade @mui/material from 6.0.1 to 6.1.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 2 versions ahead of your current version.

• The recommended version was released on 22 days ago.

Release notes

Package name: @mui/material

• 6.1.0 - 2024-09-11
  

  Sep 11, 2024

  A big thanks to the 21 contributors who made this release possible. Here are the highlights ✨:

  • Minor version changes: To solve longstanding ESM compatibility issues we added package exports to @ mui/icons-material (#43624). This change is backwards compatible with previously recommended setups. Bundlers that don't support the exports field won't be affected. If you discover any issues, please reach out by creating a GitHub issue.
  • This release also includes several fixes and documentation improvements to support the Material UI v6 upgrade.

  @ mui/[email protected]

  • Add exports field to package.json (#43624) @ Janpot

  @ mui/[email protected]

  • [Autocomplete] Add custom props support via slotProps (#43613) @ Michael-Hutchinson
  • [Dialog] Fix broken scrolling in full screen mode (#43626) @ LuseBiswas
  • [Grid] Revert wrap deprecation (#42363) (#43459) @ DiegoAndai
  • Improve color map filter on styles (#43579) @ DiegoAndai
  • Return styles directly if the selector is & when using applyStyles (#43633) @ siriwatknp
  • [types] Make slots partial in CreateSlotsAndSlotProptype (#42077) @ lhilgert9
  • [Radio] Fix disabled state styling regression (#43592) @ mnajdova
  • Fix wrong import to type (#43584) @ mnajdova
  • Simplify version prerelease export (#43699) @ DiegoAndai

  @ mui/[email protected]

  • Use a custom sheet to set prepend for GlobalStyles (#43632) @ siriwatknp
  • Simplify version prerelease export (#43699) @ DiegoAndai

  Docs

  • [material-ui][Autocomplete] Refactor asynchronous loading demo (#43630) @ sai6855
  • [material-ui][Autocomplete] Fix GitHubLabel demo input background color (#43599) @ sai6855
  • [material-ui] Update Next.js font optimization guide (#43196) @ siriwatknp
  • [material-ui] Fix getting started with CSS variables in theme example (#43658) @ Designer023
  • [material-ui][system] Edit "How to use components selector API" section to add about direct import (#43377) @ IAluI
  • [material-ui] Update @ mui/material-nextjs import examples to v14 (#43698) @ ohmsl
  • Fix typo in Divider doc (#43691) @ lokendra-reco
  • Add Anima section to documentation (#43673) @ GoOrit-Anima
  • Add Integrations section to design resources page (#43612) @ zanivan
  • Fix versions URL @ oliviertassinari
  • Keep showing next under the subdomain @ oliviertassinari
  • Add Next.js font optimization section to Pigment CSS migration (#43631) @ siriwatknp
  • Update the Material UI readme post-v6 (#43504) @ samuelsycamore
  • Bring back v5 release changelogs (#43460) @ oliviertassinari
  • Fix use of absolute URLs (#43567) @ oliviertassinari
  • Remove explicit date-fns dependency (#40823) @ renovate[bot]
  • [pigment-css] Add guide for Pigment CSS quickstart (#43395) @ alelthomas
  • [system] Fix link to createCssVarsProvider (#43661) @ oliviertassinari
  • Add scrollbar to color picker demo (#43672) @ sai6855

  Core

  • [blog] Uniformalize version between projects @ oliviertassinari
  • [blog] Fix page layout shift @ oliviertassinari
  • [code-infra] Build size snapshots from installed packages (#43452) @ Janpot
  • [code-infra] Recreate lockfile (#43623) @ Janpot
  • [code-infra] Make the API docs builder more configurable (#43574) @ michaldudak
  • [code-infra] Update runners from node 18 to 20 for GHA (#43593) @ JCQuintas
  • [code-infra] Update runners from node 18 to 20 (#43591) @ JCQuintas
  • [docs-infra] Fix axe issue scroll-to-top without landmark (#43663) @ oliviertassinari
  • [docs-infra] Reduce Algolia index size, no need for lvl6 @ oliviertassinari
  • [docs-infra] Use embed as the default for opening CodeSandbox (#43618) @ siriwatknp
  • [docs-infra] Fix broken anchor button when header has a link (#43598) @ cherniavskii
  • [docs-infra] Open Sign-in and Dashboard template with CodeSandbox/StackBlitz (#43604) @ siriwatknp
  • [examples] Fix CDN live preview demo (#43641) @ oliviertassinari
  • Add Pigment CSS screenshot test (#43280) @ mnajdova
  • [website] Polish gold sponsors @ oliviertassinari
  • [website] Add CopyCopter as gold sponsor (#43595) @ zanivan
  • [website] Add disabled button styles to branding theme (#43577) @ zanivan

  All contributors of this release in alphabetical order: @ alelthomas, @ cherniavskii, @ Designer023, @ DiegoAndai, @ GoOrit-Anima, @ IAluI, @ Janpot, @ JCQuintas, @ lhilgert9, @ lokendra-reco, @ LuseBiswas, @ Michael-Hutchinson, @ michaldudak, @ mnajdova, @ ohmsl, @ oliviertassinari, @ renovate[bot], @ sai6855, @ samuelsycamore, @ siriwatknp, @ zanivan

• 6.0.2 - 2024-09-03
  

  Sep 3, 2024

  A big thanks to the 11 contributors who made this release possible.

  @ mui/[email protected]

  • ​Fix createTheme with just color schemes (#43518) @ siriwatknp
  • ​[Menu,Popover] Fix Backdrop props descriptions (#43503) @ Michael-Hutchinson
  • ​[MenuList] Do not react to an event with modifier key pressed (#43505) @ MateuszGroth

  @ mui/[email protected]

  • ​[InitColorSchemeScript] Use let/const instead of var (#43468) @ ishon19
  • ​Fix composeClasses v6 behavior change (#43537) @ oliviertassinari

  @ mui/[email protected]

  • ​Skip ListItemButton import for unrelated files (#43532) @ siriwatknp

  Docs

  • ​[figma] Clarity state or Figma Plugin component export (#43543) @ oliviertassinari
  • ​[material-ui] Fix template shadow tokens (#43514) @ zanivan
  • ​Update version support range (#43565) @ oliviertassinari
  • ​Polish Material UI Sync plugin code format @ oliviertassinari

  Core

  • ​[blog] Update Material UI v6 blog post link to reflect correct section title (#43535) @ Michael-Hutchinson
  • ​[blog] Makes the v5 name change clearer @ oliviertassinari
  • ​[blog] Fix typo in Material UI v6 blog post (#43502) @ iamandrewluca
  • ​[code-infra] Add missing @ babel/runtime dependency to @ mui/material-pigment-css (#43473) @ Janpot
  • ​[code-infra] Remove permissions in publish-canaries.yml (#43491) @ oliviertassinari
  • ​[core] Fix CodeQL scan (#43547) @ oliviertassinari
  • ​[core] Fix CHANGELOG @ mui/[email protected] version (#43516) @ DiegoAndai
  • ​[docs-infra] Reduce description max-length (#43562) @ oliviertassinari
  • ​[docs-infra] Crash on invalid callout type (#43546) @ oliviertassinari
  • ​[docs-infra] Fix GitHub source link redirection (#43534) @ oliviertassinari
  • ​[infra] Fixed workflow file path (#43528) @ michelengelen
  • ​[typescript] Fix missing Theme generic (#43523) @ siriwatknp
  • ​[website] Match pricing label with page @ oliviertassinari
  • ​[website] Update Premium price and remove any mention to cap (#43466) @ joserodolfofreitas

  All contributors of this release in alphabetical order: @ DiegoAndai, @ iamandrewluca, @ ishon19, @ Janpot, @ joserodolfofreitas, @ MateuszGroth, @ Michael-Hutchinson, @ michelengelen, @ oliviertassinari, @ siriwatknp, @ zanivan

• 6.0.1 - 2024-08-29
  

  Aug 29, 2024

  A big thanks to the 12 contributors who made this release possible. It contains bug fixes and documentation improvements.

  @ mui/[email protected]

  • Attach default light color scheme when enabling CSS theme variables (#43493) @ siriwatknp
  • [Skeleton] Apply the wave animation to the correct element (#43474) @ mnajdova

  Docs

  • [material-ui][Dialog] Update confirmation dialog description (#43488) @ Michael-Hutchinson
  • Add Material UI v6 is out! to the notifications (#43448) @ oliviertassinari
  • [material-ui] Dark scroll bars in templates (#43483) @ aarongarciah
  • [material-ui] Add TemplateFrame to templates (#43406) @ zanivan
  • [table] Make the data grid blend in (#43489) @ oliviertassinari

  Core

  • [blog] Update Toolpad Studio marketing page links in the blogs (#43407) @ prakhargupta1
  • [blog] Add missing social card to the blog post (#43465) @ siriwatknp
  • [code-infra] Fix typing issues with @ mui-internal/api-docs-builder (#43498) @ Janpot
  • [code-infra] Fix nextjs build cache (#43467) @ JCQuintas
  • Remove 'use client' from index files and useAutocomplete reexport (#41956) @ DiegoAndai
  • Replace relative links to absolute ones in JSDocs (#43472) @ alexfauquette
  • Upgrade babel runtime (#43243) @ Janpot
  • [docs-infra] Skip shadow DOM regression test (#43500)

[cx-michael-pogrebisky]

Checkmarx One – Scan Summary & Details – b58766dd-65cb-48c1-84d3-fdd608cf556b

Policy Management Violations - Pull/merge request blocked

Policy Name	Rule(s)	Break Build
No Net New High - Default Policy	New vulnerability of High severity level detected	true

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	CVE-2024-45296	Npm-path-to-regexp-0.1.7	Vulnerable Package
	CVE-2024-45296	Npm-path-to-regexp-1.8.0	Vulnerable Package
	CVE-2024-45590	Npm-body-parser-1.20.2	Vulnerable Package
	CVE-2024-43796	Npm-express-4.19.2	Vulnerable Package
	CVE-2024-43799	Npm-send-0.18.0	Vulnerable Package
	CVE-2024-43800	Npm-serve-static-1.15.0	Vulnerable Package
	CVE-2024-47068	Npm-rollup-2.79.1	Vulnerable Package
	Cx14b19a02-387a	Npm-body-parser-1.20.2	Vulnerable Package

Fixed Issues

Severity	Issue	Source File / Package
	SQL_Injection	/backend/controllers/noteController.js: 54
	SQL_Injection	/backend/controllers/noteController.js: 41
	SQL_Injection	/backend/controllers/noteController.js: 40
	SQL_Injection	/backend/controllers/authController.js: 24
	SQL_Injection	/backend/controllers/authController.js: 24
	SQL_Injection	/backend/controllers/authController.js: 6
	SQL_Injection	/backend/controllers/noteController.js: 23
	SQL_Injection	/backend/controllers/noteController.js: 26
	SQL_Injection	/backend/controllers/noteController.js: 8