Open renovate[bot] opened 2 years ago
This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployments, click below or on the icon next to each commit.
π Inspect: https://vercel.com/coderscamp/coderscamp-website/FXiDdMdVS5WsTZ4tPEDZS6FEc8KC
β
Preview: https://coderscamp-website-git-chore-update-dependenc-a03bbe-coderscamp.vercel.app
π Inspect: https://vercel.com/coderscamp/coderscamp-storybook/AywX6fPhnpkxk76WyigDtwghgAHc
β
Preview: https://coderscamp-storybook-git-chore-update-depende-90a6dc-coderscamp.vercel.app
π Inspect: https://vercel.com/coderscamp/coderscamp-docs/J5mUMEXeW8PJ7zqKuPDHytUppPgs
β
Preview: https://coderscamp-docs-git-chore-update-dependencies-21108c-coderscamp.vercel.app
Merging #412 (bb33160) into main (421bc83) will not change coverage. The diff coverage is
n/a
.
@@ Coverage Diff @@
## main #412 +/- ##
=======================================
Coverage 90.67% 90.67%
=======================================
Files 161 161
Lines 2006 2006
Branches 271 271
=======================================
Hits 1819 1819
Misses 186 186
Partials 1 1
Flag | Coverage Ξ | |
---|---|---|
api | 89.14% <ΓΈ> (ΓΈ) |
|
ui | 98.48% <ΓΈ> (ΓΈ) |
Flags with carried forward coverage won't be shown. Click here to find out more.
Continue to review full report at Codecov.
Legend - Click here to learn more
Ξ = absolute <relative> (impact)
,ΓΈ = not affected
,? = missing data
Powered by Codecov. Last update 421bc83...bb33160. Read the comment docs.
This PR contains the following updates:
0.8.4
->0.8.5
GitHub Vulnerability Alerts
GHSA-64g7-mvw6-v9qj
Impact
Output from the synchronous version of
shell.exec()
may be visible to other users on the same system. You may be affected if you executeshell.exec()
in multi-user Mac, Linux, or WSL environments, or if you executeshell.exec()
as the root user.Other shelljs functions (including the asynchronous version of
shell.exec()
) are not impacted.Patches
Patched in shelljs 0.8.5
Workarounds
Recommended action is to upgrade to 0.8.5.
References
https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c/
For more information
If you have any questions or comments about this advisory:
CVE-2022-0144
shelljs is vulnerable to Improper Privilege Management
Release Notes
shelljs/shelljs
### [`v0.8.5`](https://togithub.com/shelljs/shelljs/releases/tag/v0.8.5) [Compare Source](https://togithub.com/shelljs/shelljs/compare/v0.8.4...v0.8.5) This was a small security fix for [#1058](https://togithub.com/shelljs/shelljs/issues/1058).Configuration
π Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.