atom-community / atom-ide-base

Atom IDE packages for Atom
https://atom.io/packages/atom-ide-base

fix(deps): update dependency lodash to v4.17.21 [security] - autoclosed #85

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 3 years ago


This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| lodash (source) | 4.17.20 -> 4.17.21 | age | adoption | passing | confidence |

GitHub Vulnerability Alerts

CVE-2021-23337

lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

CVE-2020-28500

All versions of package lodash prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions. Steps to reproduce (provided by reporter Liyuan Chen):

```js
var lo = require('lodash');

// Build "1", followed by n spaces, followed by "1".
function build_blank(n) {
  var ret = "1";
  for (var i = 0; i < n; i++) {
    ret += " ";
  }
  return ret + "1";
}

var s = build_blank(50000);

// Time each affected function on the same input.
var time0 = Date.now();
lo.trim(s);
var time_cost0 = Date.now() - time0;
console.log("time_cost0: " + time_cost0);

var time1 = Date.now();
lo.toNumber(s);
var time_cost1 = Date.now() - time1;
console.log("time_cost1: " + time_cost1);

var time2 = Date.now();
lo.trimEnd(s);
var time_cost2 = Date.now() - time2;
console.log("time_cost2: " + time_cost2);
```


Release Notes

lodash/lodash

### [`v4.17.21`](https://togithub.com/lodash/lodash/compare/4.17.20...4.17.21)

[Compare Source](https://togithub.com/lodash/lodash/compare/4.17.20...4.17.21)

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Mend Renovate. View repository job log here.
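
Why the input in the CVE-2020-28500 reproduction is expensive, as an added example that is not lodash's code and not part of this PR: it counts the character tests a backtracking search for a trailing-whitespace pattern of the shape `/\s+$/` would make, next to a single right-to-left scan. The pattern shape and all function names are assumptions made for this illustration.

```javascript
// Added example: a step-count model, not lodash's implementation.
// Assumption: the slow path behaves like a backtracking search for /\s+$/.

const isSpace = (ch) => /\s/.test(ch);

// Same shape as the reported input: "1", n spaces, "1" (no trailing whitespace).
const payload = (n) => "1" + " ".repeat(n) + "1";

// Count the character tests a backtracking matcher performs for /\s+$/:
// try every start offset, consume whitespace greedily, then give characters
// back one at a time while testing the end-of-input anchor.
function backtrackingSteps(s) {
  let steps = 0;
  for (let start = 0; start < s.length; start++) {
    let end = start;
    while (end < s.length) {
      steps++;                               // one \s test
      if (!isSpace(s[end])) break;
      end++;
    }
    for (let stop = end; stop > start; stop--) {
      steps++;                               // one `$` test
      if (stop === s.length) return steps;   // trailing run found
    }
  }
  return steps;                              // no match after all that work
}

// Linear alternative: walk back from the end and stop at the first
// non-whitespace character, so cost is bounded by the trailing run length.
function trimEndLinear(s) {
  let steps = 0;
  let end = s.length;
  while (end > 0) {
    steps++;
    if (!isSpace(s[end - 1])) break;
    end--;
  }
  return { value: s.slice(0, end), steps };
}

// Doubling n roughly quadruples the modelled regex cost; the scan stays at 1.
for (const n of [100, 200, 400]) {
  console.log(n, backtrackingSteps(payload(n)), trimEndLinear(payload(n)).steps);
}
```

For n spaces the model performs n² + 2n + 2 tests, which is why a 50000-space input is enough to stall a single call.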

renovate[bot] commented 2 years ago

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

β™» Renovate will retry this branch, including artifacts, only when one of the following happens:

The artifact failure details are included below:

File name: pnpm-lock.yaml
installing v2 tool pnpm v7.5.0
npm WARN config global `--global`, `--local` are deprecated. Use `--location=global` instead.

added 1 package in 3s
linking tool pnpm v7.5.0
7.5.0
Scope: all 11 workspace projects
Progress: resolved 1, reused 0, downloaded 0, added 0
nuclide/nuclide-node-transpiler          |  WARN  deprecated jasmine-node@1.14.5
nuclide/nuclide-node-transpiler          |  WARN  deprecated uuid@3.0.1
nuclide/nuclide-commons                  |  WARN  deprecated uuid@3.0.1
nuclide/nuclide-debugger-common          |  WARN  deprecated uuid@3.0.1
.                                        |  WARN  deprecated @types/classnames@2.3.1
nuclide/nuclide-node-transpiler          |  WARN  deprecated coffee-script@1.12.7
nuclide/nuclide-node-transpiler          |  WARN  deprecated mkdirp@0.3.5
nuclide/nuclide-node-transpiler          |  WARN  deprecated debug@4.1.1
nuclide/nuclide-node-transpiler          |  WARN  deprecated minimatch@0.2.14
nuclide/nuclide-node-transpiler          |  WARN  deprecated minimatch@0.3.0
nuclide/nuclide-node-transpiler          |  WARN  deprecated core-js@2.6.11
nuclide/nuclide-node-transpiler          |  WARN  deprecated core-js@2.6.11
.                                        |  WARN  deprecated fsevents@2.1.3
.                                        |  WARN  deprecated babel-eslint@7.2.3
.                                        |  WARN  deprecated rollup-plugin-node-resolve@3.4.0
.                                        |  WARN  deprecated ini@1.3.5
.                                        |  WARN  deprecated resolve-url@0.2.1
.                                        |  WARN  deprecated urix@0.1.0
.                                        |  WARN  deprecated request@2.88.2
.                                        |  WARN  deprecated har-validator@5.1.5
.                                        |  WARN  deprecated fsevents@1.2.13
Progress: resolved 2175, reused 0, downloaded 1539, added 0
 ERR_PNPM_PEER_DEP_ISSUES  Unmet peer dependencies

.
├─┬ @jest-runner/nuclide-e2e
│ └── ✕ missing peer electron@"*"
├─┬ eslint-config-atomic
│ └─┬ eslint-plugin-coffee
│   ├─┬ eslint-config-airbnb
│   │ └── ✕ missing peer eslint-plugin-react-hooks@"^4 || ^3 || ^2.3.0 || ^1.7.0"
│   └─┬ eslint-plugin-react-native
│     └── ✕ unmet peer eslint@"^3.17.0 || ^4 || ^5 || ^6": found 7.28.0 in eslint-config-atomic
└─┬ rollup-plugin-atomic
  ├─┬ rollup-plugin-assemblyscript
  │ └── ✕ missing peer as-bind@"*"
  └─┬ rollup-plugin-coffee-script
    └── ✕ unmet peer coffeescript@2.x: found 1.12.7
Peer dependencies that should be installed:
  as-bind@"*"
  electron@"*"
  eslint-plugin-react-hooks@"^4 || ^3 || ^2.3.0 || ^1.7.0"

nuclide/nuclide-commons-ui
└─┬ react-virtualized
  β”œβ”€β”€ βœ• unmet peer react@"^15.3.0 || ^16.0.0-alpha": found 17.0.1
  └── βœ• unmet peer react-dom@"^15.3.0 || ^16.0.0-alpha": found 17.0.1

hint: If you want peer dependencies to be automatically installed, add "auto-install-peers=true" to an .npmrc file at the root of your project.
hint: If you don't want pnpm to fail on peer dependency issues, add "strict-peer-dependencies=false" to an .npmrc file at the root of your project.
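
Since the failed artifact here is pnpm-lock.yaml, the version that actually gets installed is the one still resolved in the lockfile. A check for that, as an added example that is not part of this PR or of Renovate: it assumes the pnpm lockfile v5 key layout `/<name>/<version>:`, runs on a constructed sample, and uses function names of its own.

```javascript
// Added example. Assumes the pnpm lockfile v5 layout, where each resolved
// package is a key of the form "  /<name>/<version>:" under "packages:".

// Constructed sample, not the project's real pnpm-lock.yaml.
const SAMPLE_LOCK = `lockfileVersion: 5.4

packages:

  /@types/lodash/4.14.168:
    resolution: {integrity: sha512-CONSTRUCTED}

  /lodash.template/4.5.0:
    resolution: {integrity: sha512-CONSTRUCTED}

  /lodash/4.17.15:
    resolution: {integrity: sha512-CONSTRUCTED}

  /lodash/4.17.20:
    resolution: {integrity: sha512-CONSTRUCTED}

  /lodash/4.17.21:
    resolution: {integrity: sha512-CONSTRUCTED}
`;

// Numeric major.minor.patch comparison: true when a < b.
function isBelow(a, b) {
  const x = a.split(".").map(Number);
  const y = b.split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    if (x[i] !== y[i]) return x[i] < y[i];
  }
  return false;
}

// Return every resolved version of `name` that is older than `fixed`.
// Keys for other packages (@types/lodash, lodash.template) do not match,
// and pre-release versions are skipped by the strict x.y.z pattern.
function findOutdated(lockText, name = "lodash", fixed = "4.17.21") {
  const esc = name.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
  const key = new RegExp(
    `^ {2}/${esc}/(\\d+\\.\\d+\\.\\d+)(?:_[^:\\s]*)?:[ \\t]*$`, "gm");
  const hits = new Set();
  for (const m of lockText.matchAll(key)) {
    if (isBelow(m[1], fixed)) hits.add(m[1]);
  }
  return [...hits];
}

console.log(findOutdated(SAMPLE_LOCK));
```

An empty result means no resolved copy of the package is older than the fixed version; anything else lists the versions that still need to move.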