Open dependabot[bot] opened 5 months ago
Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information
Unable to locate .performanceTestingBot config file
Processing PR updates...
This vulnerability refers to the ability of an attacker to arbitrarily perform a redirection (external) or forward (internal) against the system. It arises due to insufficient validation or sanitisation of inputs used to perform a redirect or forward and may result in privilege escalation (in the case of a forward) or may be used to launch phishing attacks against users (in the case of redirects).
Thanks @dependabot[bot] for opening this PR!
For COLLABORATOR only :
To add labels, comment on the issue
/label add label1,label2,label3
To remove labels, comment on the issue
/label remove label1,label2,label3
[!IMPORTANT]
Auto Review Skipped
Bot user detected.
To trigger a single review, invoke the
@coderabbitai review
command.
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?
PR Details of @dependabot[bot] in beer-garden-beer-garden : | OPEN | CLOSED | TOTAL |
---|---|---|---|
2 | 3 | 5 |
Description has been updated!
Check out the playback for this Pull Request here.
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/moment-timezone@0.5.39 | None | 0 |
2.98 MB | ichernev |
🚮 Removed packages: npm/moment-timezone@0.5.38, npm/tv4@1.3.0
Description
Changes in
package-lock.json
:Updated the
version
,resolved
, andintegrity
of thenode_modules/body-parser
package from 1.20.0 to 1.20.2.Updated the dependencies
content-type
,qs
, andraw-body
within thebody-parser
package.Updated the
version
,resolved
, andintegrity
of thenode_modules/call-bind
package from 1.0.2 to 1.0.7.Updated the dependencies within the
call-bind
package.Updated the
version
,resolved
, andintegrity
of thenode_modules/content-type
package from 1.0.4 to 1.0.5.Updated the
version
,resolved
, andintegrity
of thenode_modules/cookie
package from 0.5.0 to 0.6.0.Added a new dependency
define-data-property
to thenode_modules
list.Updated versions of multiple packages including
set-function-length
,es-define-property
,es-errors
,get-intrinsic
, andgopd
.Summary of Changes:
body-parser
,call-bind
,content-type
, andcookie
packages.define-data-property
.