search

adobe / helix-embed

Embed service for helix.
Apache License 2.0
5 stars 3 forks source link

chore(deps): update dependency semantic-release to v17.2.3 [security] #339

Closed renovate[bot] closed 3 years ago

renovate[bot] commented 3 years ago

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
semantic-release 17.2.2 -> 17.2.3 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2020-26226

Impact

Secrets that would normally be masked by semantic-release can be accidentally disclosed if they contain characters that become encoded when included in a URL.

Patches

Fixed in v17.2.3

Workarounds

Secrets that do not contain characters that become encoded when included in a URL are already masked properly.

Release Notes

semantic-release/semantic-release ### [`v17.2.3`](https://togithub.com/semantic-release/semantic-release/releases/v17.2.3) [Compare Source](https://togithub.com/semantic-release/semantic-release/compare/v17.2.2...v17.2.3) ##### Bug Fixes - mask secrets when characters get uri encoded ([ca90b34](https://togithub.com/semantic-release/semantic-release/commit/ca90b34c4a9333438cc4d69faeb43362bb991e5a))

Renovate configuration

:date: Schedule: "" in timezone Europe/Zurich.

:vertical_traffic_light: Automerge: Enabled.

:recycle: Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

:no_bell: Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by WhiteSource Renovate. View repository job log here.

github-actions[bot] commented 3 years ago

This PR will trigger no release when merged.

codecov[bot] commented 3 years ago

Codecov Report

Merging #339 (d78cc24) into master (b6ad629) will not change coverage. The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #339   +/-   ##
=======================================
  Coverage   98.76%   98.76%           
=======================================
  Files           7        7           
  Lines         243      243           
=======================================
  Hits          240      240           
  Misses          3        3

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update cde8a95...d78cc24. Read the comment docs.

adobe-bot commented 3 years ago

:tada: This PR is included in version 1.9.3 :tada:

The release is available on:

Your semantic-release bot :package::rocket: