greenkeeper[bot]
commented
4 years ago After pinning to 1.1.2 your tests are still failing. The reported issue might not affect your project. These imprecisions are caused by inconsistent test results.
Open greenkeeper[bot] opened 4 years ago
greenkeeper[bot]
commented
4 years ago After pinning to 1.1.2 your tests are still failing. The reported issue might not affect your project. These imprecisions are caused by inconsistent test results.
The dependency dot was updated from
1.1.2to1.1.3.🚨 View failing branch.
This version is covered by your current version range and after updating it in your project the build failed.
dot is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.
Status Details
- ❌ **continuous-integration/travis-ci/push:** The Travis CI build failed ([Details](https://travis-ci.org/aethant/merino/builds/622037251?utm_source=github_status&utm_medium=notification)).Release Notes for v1.1.3
Tests for doT.process
Patch code injection via prototype pollution (#291)
Commits
The new version differs by 12 commits.
6adbd81docs: noted00300e1.1.387ccef3test: update travis versions4cc3253chore: update dependencies320e847test: missing test filesef5f353docs: security considerationsc531369test: exclude unused code from coverageb4fd211test: doT.processfa3890dtest: use doT required via the main module2cf2226fix: prevent possibility of execution of the code injected via prototype pollution when undefined is passed to compiled template function, closes #291299b4daMerge pull request #237 from EdwardBetts/spelling2dfe1afcorrect spelling mistakeSee the full diff
FAQ and help
There is a collection of [frequently asked questions](https://greenkeeper.io/faq.html). If those don’t help, you can always [ask the humans behind Greenkeeper](https://github.com/greenkeeperio/greenkeeper/issues/new).Your Greenkeeper Bot :palm_tree: