search

ScaleLeap / amazon-mws-api-sdk

A fully typed TypeScript and Node.js Amazon MWS API Unofficial SDK
https://npm.im/@scaleleap/amazon-mws-api-sdk
MIT License
20 stars 12 forks source link

chore(deps): update dependency url-parse to 1.5.2 [security] - autoclosed #432

Closed renovate[bot] closed 2 years ago

renovate[bot] commented 2 years ago

WhiteSource Renovate

This PR contains the following updates:

Package Change
url-parse 1.5.1 -> 1.5.2

GitHub Vulnerability Alerts

CVE-2021-3664

Overview

Affected versions of npm url-parse are vulnerable to URL Redirection to Untrusted Site.

Impact

Depending on library usage and attacker intent, impacts may include allow/block list bypasses, SSRF attacks, open redirects, or other undesired behavior.

Configuration

πŸ“… Schedule: "" in timezone Etc/UTC.

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

β™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

πŸ”• Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by WhiteSource Renovate. View repository job log here.

codecov-commenter commented 2 years ago

Codecov Report

Merging #432 (25507ba) into master (cf612e1) will not change coverage. The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #432   +/-   ##
=======================================
  Coverage   99.42%   99.42%           
=======================================
  Files          36       36           
  Lines        2245     2245           
  Branches      192      192           
=======================================
  Hits         2232     2232           
  Misses         11       11           
  Partials        2        2

Continue to review full report at Codecov.

Legend - Click here to learn more Ξ” = absolute <relative> (impact), ΓΈ = not affected, ? = missing data Powered by Codecov. Last update cf612e1...25507ba. Read the comment docs.