atom-community / atom-ide-base

Atom IDE packages for Atom
https://atom.io/packages/atom-ide-base
Other
44 stars 10 forks

fix(deps): update dependency shell-quote to v1.7.3 [security] #101

Open renovate[bot] opened 2 years ago

renovate[bot] commented 2 years ago

This PR contains the following updates:

| Package | Change |
|---|---|
| shell-quote | 1.6.1 -> 1.7.3 |

GitHub Vulnerability Alerts

CVE-2021-42740

The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is `[A-z]` instead of the correct `[A-Za-z]`. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.


Release Notes

ljharb/shell-quote (shell-quote)

### [`v1.7.3`](https://togithub.com/ljharb/shell-quote/blob/HEAD/CHANGELOG.md#v173---2021-10-20)

[Compare Source](https://togithub.com/ljharb/shell-quote/compare/v1.7.2...v1.7.3)

- Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the quoting rules. (CVE-2021-42740)

### [`v1.7.2`](https://togithub.com/ljharb/shell-quote/blob/HEAD/CHANGELOG.md#v172---2019-08-30)

[Compare Source](https://togithub.com/ljharb/shell-quote/compare/v1.7.1...v1.7.2)

- Fix a regression introduced in 1.6.3. This reverts the Windows path quoting fix. ([144e1c2](https://togithub.com/ljharb/shell-quote/commit/144e1c20cd57549a414c827fb3032e60b7b8721c))

### [`v1.7.1`](https://togithub.com/ljharb/shell-quote/blob/HEAD/CHANGELOG.md#v171---2019-08-13)

[Compare Source](https://togithub.com/ljharb/shell-quote/compare/v1.7.0...v1.7.1)

- Fix `$` being removed when not part of an environment variable name. ([@Adman](https://togithub.com/Admin) in [#32](https://togithub.com/ljharb/shell-quote/pull/32))

### [`v1.7.0`](https://togithub.com/ljharb/shell-quote/blob/HEAD/CHANGELOG.md#v170---2019-08-13)

[Compare Source](https://togithub.com/ljharb/shell-quote/compare/v1.6.3...v1.7.0)

- Add support for parsing `>>` and `>&` redirection operators. ([@forivall](https://togithub.com/forivall) in [#16](https://togithub.com/ljharb/shell-quote/pull/16))
- Add support for parsing `<(` process substitution operator. ([@cuonglm](https://togithub.com/cuonglm) in [#15](https://togithub.com/ljharb/shell-quote/pull/15))

### [`v1.6.3`](https://togithub.com/ljharb/shell-quote/blob/HEAD/CHANGELOG.md#v163---2019-08-13)

[Compare Source](https://togithub.com/ljharb/shell-quote/compare/v1.6.2...v1.6.3)

- Fix Windows path quoting problems. ([@dy](https://togithub.com/dy) in [#34](https://togithub.com/ljharb/shell-quote/pull/34))

### [`v1.6.2`](https://togithub.com/ljharb/shell-quote/blob/HEAD/CHANGELOG.md#v162---2019-08-13)

[Compare Source](https://togithub.com/ljharb/shell-quote/compare/v1.6.1...v1.6.2)

##### Merged

- Use native JSON and Array methods [`#21`](https://togithub.com/ljharb/shell-quote/pull/21)

##### Commits

- fix whitespace [`72fb5a8`](https://togithub.com/ljharb/shell-quote/commit/72fb5a8ce29b4f67f28302af33c217b58f92e260)
- Disable package-lock.json [`d450577`](https://togithub.com/ljharb/shell-quote/commit/d4505770b2a4251af2da8e177385c5e0456a83b6)

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Mend Renovate. View repository job log here.
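
The range flaw described in the advisory above can be found mechanically. The following JavaScript is an added example, not code from shell-quote or from this PR: it generalizes from the `A-z` case to any range inside a character class whose endpoints are alphanumeric but which spans punctuation. The function names and the two sample patterns are constructed for illustration.

```javascript
// Added example (not shell-quote's code): audit regex character classes for
// ranges such as A-z that silently include punctuation.

// Characters matched by the range lo-hi that are not ASCII letters or digits.
function unintendedChars(lo, hi) {
  const out = [];
  for (let c = lo.charCodeAt(0); c <= hi.charCodeAt(0); c++) {
    const ch = String.fromCharCode(c);
    if (!/[A-Za-z0-9]/.test(ch)) out.push(ch);
  }
  return out;
}

// Scan a regex source string and report every range inside a [...] class
// whose endpoints are alphanumeric but which spans non-alphanumerics.
function findOverbroadRanges(source) {
  const findings = [];
  let inClass = false;
  for (let i = 0; i < source.length; i++) {
    const ch = source[i];
    if (ch === '\\') { i++; continue; }            // skip an escaped character
    if (!inClass) { if (ch === '[') inClass = true; continue; }
    if (ch === ']') { inClass = false; continue; }
    const hi = source[i + 2];
    if (source[i + 1] === '-' && hi !== undefined && hi !== ']' && hi !== '\\') {
      const extra = unintendedChars(ch, hi);
      if (/[A-Za-z0-9]/.test(ch) && /[A-Za-z0-9]/.test(hi) && extra.length > 0) {
        findings.push({ range: `${ch}-${hi}`, index: i, extra: extra.join('') });
      }
      i += 2;                                       // consume the whole range
    }
  }
  return findings;
}

// Constructed sample patterns: the faulty class and the corrected one.
const samples = {
  faulty: '^[A-z]:',
  corrected: '^[A-Za-z]:',
};

for (const [name, src] of Object.entries(samples)) {
  console.log(name, src, JSON.stringify(findOverbroadRanges(src)));
}
```

The scanner is a lint aid for review and CI, and it only inspects literal ranges; escaped endpoints and Unicode property classes are skipped rather than analysed.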

renovate[bot] commented 2 years ago

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

The artifact failure details are included below:

File name: pnpm-lock.yaml
installing v2 tool pnpm v7.3.0
npm WARN config global `--global`, `--local` are deprecated. Use `--location=global` instead.

added 1 package in 3s
linking tool pnpm v7.3.0
7.3.0
Scope: all 11 workspace projects
Progress: resolved 1, reused 0, downloaded 0, added 0
nuclide/nuclide-node-transpiler          |  WARN  deprecated jasmine-node@1.14.5
nuclide/nuclide-node-transpiler          |  WARN  deprecated uuid@3.0.1
.                                        |  WARN  deprecated @types/classnames@2.3.1
nuclide/nuclide-node-transpiler          |  WARN  deprecated coffee-script@1.12.7
Progress: resolved 143, reused 0, downloaded 135, added 0
nuclide/nuclide-node-transpiler          |  WARN  deprecated mkdirp@0.3.5
Progress: resolved 158, reused 0, downloaded 148, added 0
Progress: resolved 167, reused 0, downloaded 159, added 0
nuclide/nuclide-node-transpiler          |  WARN  deprecated debug@4.1.1
nuclide/nuclide-node-transpiler          |  WARN  deprecated minimatch@0.2.14
Progress: resolved 220, reused 0, downloaded 206, added 0
Progress: resolved 253, reused 0, downloaded 235, added 0
nuclide/nuclide-node-transpiler          |  WARN  deprecated minimatch@0.3.0
nuclide/nuclide-node-transpiler          |  WARN  deprecated core-js@2.6.11
.                                        |  WARN  deprecated fsevents@2.1.3
.                                        |  WARN  deprecated babel-eslint@7.2.3
.                                        |  WARN  deprecated rollup-plugin-node-resolve@3.4.0
.                                        |  WARN  deprecated ini@1.3.5
.                                        |  WARN  deprecated fsevents@1.2.13
Progress: resolved 1332, reused 0, downloaded 1315, added 0
.                                        |  WARN  deprecated resolve-url@0.2.1
.                                        |  WARN  deprecated urix@0.1.0
Progress: resolved 1370, reused 0, downloaded 1356, added 0
.                                        |  WARN  deprecated request@2.88.2
Progress: resolved 1395, reused 0, downloaded 1382, added 0
.                                        |  WARN  deprecated har-validator@5.1.5
 ERR_PNPM_PEER_DEP_ISSUES  Unmet peer dependencies

.
├─┬ @jest-runner/nuclide-e2e
│ └── ✕ missing peer electron@"*"
├─┬ eslint-config-atomic
│ └─┬ eslint-plugin-coffee
│   ├─┬ eslint-config-airbnb
│   │ └── ✕ missing peer eslint-plugin-react-hooks@"^4 || ^3 || ^2.3.0 || ^1.7.0"
│   └─┬ eslint-plugin-react-native
│     └── ✕ unmet peer eslint@"^3.17.0 || ^4 || ^5 || ^6": found 7.28.0 in eslint-config-atomic
└─┬ rollup-plugin-atomic
  ├─┬ rollup-plugin-assemblyscript
  │ └── ✕ missing peer as-bind@"*"
  └─┬ rollup-plugin-coffee-script
    └── ✕ unmet peer coffeescript@2.x: found 1.12.7
Peer dependencies that should be installed:
  as-bind@"*"
  electron@"*"
  eslint-plugin-react-hooks@"^4 || ^3 || ^2.3.0 || ^1.7.0"

nuclide/nuclide-commons-ui
└─┬ react-virtualized
  ├── ✕ unmet peer react@"^15.3.0 || ^16.0.0-alpha": found 17.0.1
  └── ✕ unmet peer react-dom@"^15.3.0 || ^16.0.0-alpha": found 17.0.1

hint: If you want peer dependencies to be automatically installed, add "auto-install-peers=true" to an .npmrc file at the root of your project.
hint: If you don't want pnpm to fail on peer dependency issues, add "strict-peer-dependencies=false" to an .npmrc file at the root of your project.

Progress: resolved 1539, reused 0, downloaded 1536, added 0, done