search

Unibeautify / unibeautify

One Beautifier to rule them all, One Beautifier to clean them, One Beautifier to bring them all and in the darkness sheen them
https://unibeautify.com/
MIT License
545 stars 41 forks source link

Update dependency acorn [SECURITY] - autoclosed #280

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 3 years ago

Mend Renovate

This PR contains the following updates:

Package Change
acorn 6.3.0 -> 6.4.1
acorn 5.7.3 -> 5.7.4

GitHub Vulnerability Alerts

GHSA-6chw-6frg-f759

Affected versions of acorn are vulnerable to Regular Expression Denial of Service. A regex in the form of /[x-\ud800]/u causes the parser to enter an infinite loop. The string is not valid UTF16 which usually results in it being sanitized before reaching the parser. If an application processes untrusted input and passes it directly to acorn, attackers may leverage the vulnerability leading to Denial of Service.

Configuration

πŸ“… Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

β™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

πŸ‘» Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

This PR has been generated by Mend Renovate. View repository job log here.

renovate[bot] commented 1 year ago

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.