alarmdisplay / display

Component for displaying alerts and general info
GNU Affero General Public License v3.0

fix(deps): update dependency mysql2 to v3.9.8 [security] #167

Closed abrain-bot closed 2 months ago

abrain-bot commented 4 months ago

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| mysql2 (source) | dependencies | patch | 3.9.7 -> 3.9.8 |

GitHub Vulnerability Alerts

CVE-2024-21512

Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using nestTables.


Release Notes

sidorares/node-mysql2 (mysql2)

### [`v3.9.8`](https://togithub.com/sidorares/node-mysql2/blob/HEAD/Changelog.md#398-2024-05-26)

[Compare Source](https://togithub.com/sidorares/node-mysql2/compare/v3.9.7...v3.9.8)

##### Bug Fixes

- **security:** sanitize fields and tables when using nestTables ([#2702](https://togithub.com/sidorares/node-mysql2/issues/2702)) ([efe3db5](https://togithub.com/sidorares/node-mysql2/commit/efe3db527a2c94a63c2d14045baba8dfefe922bc))
- support deno + caching_sha2\_password FULL_AUTHENTICATION_PACKET flow ([#2704](https://togithub.com/sidorares/node-mysql2/issues/2704)) ([2e03694](https://togithub.com/sidorares/node-mysql2/commit/2e0369445ba1581b427f78689a935ac3debfbf07))
- **typings:** typo from `jonServerPublicKey` to `onServerPublicKey` ([#2699](https://togithub.com/sidorares/node-mysql2/issues/2699)) ([8b5f691](https://togithub.com/sidorares/node-mysql2/commit/8b5f6911b69b766a3732fa160049d263460da74b))

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - "after 10pm every weekday,before 5am every weekday,every weekend" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Renovate Bot.
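Why the sanitization named in the advisory matters, as an added example that is not part of this PR or of mysql2's code: a simplified model of nestTables-style row assembly (one sub-object per table) next to a hardened variant. The function names, the `UNSAFE_KEYS` list and the column metadata are assumptions constructed for illustration.

```javascript
// Simplified model only; mysql2's real parser is different.
// Keys that must never be accepted as a table or field name.
const UNSAFE_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Naive assembly: row[table][name] = value on ordinary objects.
// When table is '__proto__', row[table] resolves to Object.prototype,
// so the write lands on every object in the process.
function nestRowNaive(columns, values) {
  const row = {};
  columns.forEach((col, i) => {
    if (row[col.table] === undefined) row[col.table] = {};
    row[col.table][col.name] = values[i];
  });
  return row;
}

// Hardened assembly: reject unsafe identifiers and build on
// null-prototype objects so no key can reach Object.prototype.
function nestRowSafe(columns, values) {
  const row = Object.create(null);
  columns.forEach((col, i) => {
    for (const key of [col.table, col.name]) {
      if (UNSAFE_KEYS.has(key)) {
        throw new Error(`unsafe identifier in result metadata: ${key}`);
      }
    }
    if (!(col.table in row)) row[col.table] = Object.create(null);
    row[col.table][col.name] = values[i];
  });
  return row;
}

function demo() {
  // Constructed metadata: the second column carries a hostile table name.
  const columns = [
    { table: 'users', name: 'id' },
    { table: '__proto__', name: 'polluted' },
  ];
  const values = [1, 'yes'];
  nestRowNaive(columns, values);
  const leaked = ({}).polluted;      // unrelated object now sees the value
  delete Object.prototype.polluted;  // undo the pollution before continuing
  let rejected = false;
  try { nestRowSafe(columns, values); } catch { rejected = true; }
  return { leaked, rejected, stillClean: ({}).polluted === undefined };
}

console.log(demo());
```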

codecov[bot] commented 4 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 59.93%. Comparing base (93c8df0) to head (37abe11).

Additional details and impacted files

```diff
@@           Coverage Diff            @@
##           develop     #167   +/-   ##
========================================
  Coverage    59.93%   59.93%
========================================
  Files           81       81
  Lines          986      986
  Branches        83       83
========================================
  Hits           591      591
  Misses         383      383
  Partials        12       12
```

| [Flag](https://app.codecov.io/gh/alarmdisplay/display/pull/167/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=alarmdisplay) | Coverage Δ | |
|---|---|---|
| [server](https://app.codecov.io/gh/alarmdisplay/display/pull/167/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=alarmdisplay) | `59.93% <ø> (ø)` | |

Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=alarmdisplay#carryforward-flags-in-the-pull-request-comment) to find out more.
