dependabot[bot]
commented
8 months ago The following labels could not be found: vulnerabilites.
Open dependabot[bot] opened 8 months ago
dependabot[bot]
commented
8 months ago The following labels could not be found: vulnerabilites.
socket-security[bot]
commented
8 months ago New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
| Package | New capabilities | Transitives | Size | Publisher |
|---|---|---|---|---|
| npm/buffer@5.7.1 | None | +1 |
86.4 kB | feross |
| npm/eventemitter3@4.0.7 | None | 0 |
38 kB | lpinca |
| npm/retry@0.12.0 | None | 0 |
32.2 kB | tim-kos |
🚮 Removed packages: npm/@aws-sdk/types@3.465.0, npm/@openzeppelin/defender-base-client@1.54.0-rc.0, npm/@openzeppelin/defender-relay-client@1.54.0-rc.0, npm/@smithy/types@2.7.0, npm/amazon-cognito-identity-js@6.3.7, npm/follow-redirects@1.15.1
Bumps ip from 2.0.0 to 2.0.1.
Commits
3b0994a2.0.132f468flib: fixed CVE-2023-42282 and added unit testYou can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show