chore(deps): update dependency eventsource to 1.1.1 [security] - abandoned

renovate[bot] commented 2 years ago

This PR contains the following updates:

Package	Change
eventsource	`1.0.7` -> `1.1.1`

GitHub Vulnerability Alerts

CVE-2022-1650

When fetching an url with a link to an external site (Redirect), the users Cookies & Autorisation headers are leaked to the third party application. According to the same-origin-policy, the header should be "sanitized."

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

renovate[bot] commented 2 years ago

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

any of the package files in this branch needs updating, or
the branch becomes conflicted, or
you click the rebase/retry checkbox if found above, or
you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json

npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: website@1.1.108
npm WARN Found: gatsby@2.32.13
npm WARN node_modules/gatsby
npm WARN   gatsby@"3.0.0" from the root project
npm WARN   15 more (babel-plugin-remove-graphql-queries, ...)
npm WARN 
npm WARN Could not resolve dependency:
npm WARN peer gatsby@"^2.25.0" from gatsby-plugin-manifest@2.12.1
npm WARN node_modules/gatsby-plugin-manifest
npm WARN   gatsby-plugin-manifest@"2.12.1" from the root project
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: website@1.1.108
npm WARN Found: gatsby@2.32.13
npm WARN node_modules/gatsby
npm WARN   gatsby@"3.0.0" from the root project
npm WARN   15 more (babel-plugin-remove-graphql-queries, ...)
npm WARN 
npm WARN Could not resolve dependency:
npm WARN peer gatsby@"^2.4.0" from gatsby-plugin-offline@3.10.2
npm WARN node_modules/gatsby-plugin-offline
npm WARN   gatsby-plugin-offline@"3.10.2" from the root project
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: website@1.1.108
npm WARN Found: gatsby@2.32.13
npm WARN node_modules/gatsby
npm WARN   gatsby@"3.0.0" from the root project
npm WARN   15 more (babel-plugin-remove-graphql-queries, ...)
npm WARN 
npm WARN Could not resolve dependency:
npm WARN peer gatsby@"^2.0.0" from gatsby-plugin-postcss@3.7.0
npm WARN node_modules/gatsby-plugin-postcss
npm WARN   dev gatsby-plugin-postcss@"3.7.0" from the root project
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: website@1.1.108
npm WARN Found: gatsby@2.32.13
npm WARN node_modules/gatsby
npm WARN   gatsby@"3.0.0" from the root project
npm WARN   15 more (babel-plugin-remove-graphql-queries, ...)
npm WARN 
npm WARN Could not resolve dependency:
npm WARN peer gatsby@"^2.2.0" from gatsby-source-filesystem@2.11.1
npm WARN node_modules/gatsby-source-filesystem
npm WARN   dev gatsby-source-filesystem@"2.11.1" from the root project
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: website@1.1.108
npm WARN Found: gatsby@2.32.13
npm WARN node_modules/gatsby
npm WARN   gatsby@"3.0.0" from the root project
npm WARN   15 more (babel-plugin-remove-graphql-queries, ...)
npm WARN 
npm WARN Could not resolve dependency:
npm WARN peer gatsby@"^2.0.15" from gatsby-transformer-json@2.11.0
npm WARN node_modules/gatsby-transformer-json
npm WARN   dev gatsby-transformer-json@"2.11.0" from the root project
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: website@1.1.108
npm WARN Found: gatsby@2.32.13
npm WARN node_modules/gatsby
npm WARN   gatsby@"3.0.0" from the root project
npm WARN   15 more (babel-plugin-remove-graphql-queries, ...)
npm WARN 
npm WARN Could not resolve dependency:
npm WARN peer gatsby@"^2.12.1" from gatsby-transformer-sharp@2.12.1
npm WARN node_modules/gatsby-transformer-sharp
npm WARN   dev gatsby-transformer-sharp@"2.12.1" from the root project
npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR! 
npm ERR! While resolving: commitlint-circle@1.0.0
npm ERR! Found: @commitlint/cli@11.0.0
npm ERR! node_modules/@commitlint/cli
npm ERR!   dev @commitlint/cli@"11.0.0" from the root project
npm ERR! 
npm ERR! Could not resolve dependency:
npm ERR! peer @commitlint/cli@"^7.0.0" from commitlint-circle@1.0.0
npm ERR! node_modules/commitlint-circle
npm ERR!   dev commitlint-circle@"1.0.0" from the root project
npm ERR! 
npm ERR! Conflicting peer dependency: @commitlint/cli@7.6.1
npm ERR! node_modules/@commitlint/cli
npm ERR!   peer @commitlint/cli@"^7.0.0" from commitlint-circle@1.0.0
npm ERR!   node_modules/commitlint-circle
npm ERR!     dev commitlint-circle@"1.0.0" from the root project
npm ERR! 
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR! 
npm ERR! See /tmp/renovate-cache/others/npm/eresolve-report.txt for a full report.

npm ERR! A complete log of this run can be found in:
npm ERR!     /tmp/renovate-cache/others/npm/_logs/2022-06-12T15_39_31_741Z-debug-0.log

renovate[bot] commented 1 year ago

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.

MichaelHettmer / website