Closed renovate[bot] closed 1 year ago
This PR contains the following updates:
17.7.0
17.8.0
7.2.0
7.3.0
4.3.7
4.3.8
18.18.4
18.18.5
17.7.2
v2.22.1
v2.22.3
20.8.0
20.8.1
📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
17.7.0->17.8.07.2.0->7.3.07.2.0->7.3.07.2.0->7.3.04.3.7->4.3.818.18.4->18.18.517.7.2->17.8.0v2.22.1->v2.22.320.8.0->20.8.1Release Notes
conventional-changelog/commitlint (@commitlint/config-conventional)
### [`v17.8.0`](https://togithub.com/conventional-changelog/commitlint/blob/HEAD/@commitlint/config-conventional/CHANGELOG.md#1780-2023-10-14) [Compare Source](https://togithub.com/conventional-changelog/commitlint/compare/v17.7.0...v17.8.0) **Note:** Version bump only for package [@commitlint/config-conventional](https://togithub.com/commitlint/config-conventional)stryker-mutator/stryker-js (@stryker-mutator/core)
### [`v7.3.0`](https://togithub.com/stryker-mutator/stryker-js/blob/HEAD/packages/core/CHANGELOG.md#730-2023-10-15) [Compare Source](https://togithub.com/stryker-mutator/stryker-js/compare/v7.2.0...v7.3.0) ##### Bug Fixes - **core:** disableTypeChecks true only forces ts-like file match ([#4485](https://togithub.com/stryker-mutator/stryker-js/issues/4485)) ([31f3411](https://togithub.com/stryker-mutator/stryker-js/commit/31f3411276e1251863fb0bb874353e5a3fab32a6)) - **deps:** update dependency commander to ~11.1.0 ([#4483](https://togithub.com/stryker-mutator/stryker-js/issues/4483)) ([ab03c0d](https://togithub.com/stryker-mutator/stryker-js/commit/ab03c0d32562dac46e7b2eac2a3c6aa7d2f7a8ac)) - **package:** don't publish test and tsbuildinfo. ([#4464](https://togithub.com/stryker-mutator/stryker-js/issues/4464)) ([ae3d2d8](https://togithub.com/stryker-mutator/stryker-js/commit/ae3d2d8f6bd92be73dface5cc7e08589872a4d60)) ##### Features - **Ignorer plugin:** support ignorer plugins ([#4487](https://togithub.com/stryker-mutator/stryker-js/issues/4487)) ([4fe1000](https://togithub.com/stryker-mutator/stryker-js/commit/4fe10004881e8a46ca6ac32d957b069c70910686)) - **plugin:** add support for `declareValuePlugin` ([#4490](https://togithub.com/stryker-mutator/stryker-js/issues/4490)) ([a3c35ca](https://togithub.com/stryker-mutator/stryker-js/commit/a3c35caa3b2dba7036e1ebf081c74fa594f88d03))stryker-mutator/stryker-js (@stryker-mutator/mocha-runner)
### [`v7.3.0`](https://togithub.com/stryker-mutator/stryker-js/blob/HEAD/packages/mocha-runner/CHANGELOG.md#730-2023-10-15) [Compare Source](https://togithub.com/stryker-mutator/stryker-js/compare/v7.2.0...v7.3.0) ##### Bug Fixes - **package:** don't publish test and tsbuildinfo. ([#4464](https://togithub.com/stryker-mutator/stryker-js/issues/4464)) ([ae3d2d8](https://togithub.com/stryker-mutator/stryker-js/commit/ae3d2d8f6bd92be73dface5cc7e08589872a4d60))stryker-mutator/stryker-js (@stryker-mutator/typescript-checker)
### [`v7.3.0`](https://togithub.com/stryker-mutator/stryker-js/blob/HEAD/packages/typescript-checker/CHANGELOG.md#730-2023-10-15) [Compare Source](https://togithub.com/stryker-mutator/stryker-js/compare/v7.2.0...v7.3.0) ##### Bug Fixes - **package:** don't publish test and tsbuildinfo. ([#4464](https://togithub.com/stryker-mutator/stryker-js/issues/4464)) ([ae3d2d8](https://togithub.com/stryker-mutator/stryker-js/commit/ae3d2d8f6bd92be73dface5cc7e08589872a4d60))conventional-changelog/commitlint (commitlint)
### [`v17.8.0`](https://togithub.com/conventional-changelog/commitlint/blob/HEAD/@alias/commitlint/CHANGELOG.md#1780-2023-10-14) [Compare Source](https://togithub.com/conventional-changelog/commitlint/compare/v17.7.2...v17.8.0) **Note:** Version bump only for package commitlint #### [17.7.2](https://togithub.com/conventional-changelog/commitlint/compare/v17.7.1...v17.7.2) (2023-09-28) **Note:** Version bump only for package commitlint #### [17.7.1](https://togithub.com/conventional-changelog/commitlint/compare/v17.7.0...v17.7.1) (2023-08-10) **Note:** Version bump only for package commitlintgithub/codeql-action (github/codeql-action)
### [`v2.22.3`](https://togithub.com/github/codeql-action/compare/v2.22.2...v2.22.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.22.2...v2.22.3) ### [`v2.22.2`](https://togithub.com/github/codeql-action/compare/v2.22.1...v2.22.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.22.1...v2.22.2)nodejs/node (node)
### [`v20.8.1`](https://togithub.com/nodejs/node/releases/tag/v20.8.1): 2023-10-13, Version 20.8.1 (Current), @RafaelGSS [Compare Source](https://togithub.com/nodejs/node/compare/v20.8.0...v20.8.1) This is a security release. ##### Notable Changes The following CVEs are fixed in this release: - [CVE-2023-44487](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487): `nghttp2` Security Release (High) - [CVE-2023-45143](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45143): `undici` Security Release (High) - [CVE-2023-39332](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39332): Path traversal through path stored in Uint8Array (High) - [CVE-2023-39331](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39331): Permission model improperly protects against path traversal (High) - [CVE-2023-38552](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38552): Integrity checks according to policies can be circumvented (Medium) - [CVE-2023-39333](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39333): Code injection via WebAssembly export names (Low) More detailed information on each of the vulnerabilities can be found in [October 2023 Security Releases](https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/) blog post. ##### Commits - \[[`c86883e844`](https://togithub.com/nodejs/node/commit/c86883e844)] - **deps**: update nghttp2 to 1.57.0 (James M Snell) [#50121](https://togithub.com/nodejs/node/pull/50121) - \[[`2860631359`](https://togithub.com/nodejs/node/commit/2860631359)] - **deps**: update undici to v5.26.3 (Matteo Collina) [#50153](https://togithub.com/nodejs/node/pull/50153) - \[[`cd37838bf8`](https://togithub.com/nodejs/node/commit/cd37838bf8)] - **lib**: let deps require `node` prefixed modules (Matthew Aitken) [#50047](https://togithub.com/nodejs/node/pull/50047) - \[[`f5c90b2951`](https://togithub.com/nodejs/node/commit/f5c90b2951)] - **module**: fix code injection through export names (Tobias Nießen) [nodejs-private/node-private#461](https://togithub.com/nodejs-private/node-private/pull/461) - \[[`fa5dae1944`](https://togithub.com/nodejs/node/commit/fa5dae1944)] - **permission**: fix Uint8Array path traversal (Tobias Nießen) [nodejs-private/node-private#456](https://togithub.com/nodejs-private/node-private/pull/456) - \[[`cd35275111`](https://togithub.com/nodejs/node/commit/cd35275111)] - **permission**: improve path traversal protection (Tobias Nießen) [nodejs-private/node-private#456](https://togithub.com/nodejs-private/node-private/pull/456) - \[[`a4cb7fc7c0`](https://togithub.com/nodejs/node/commit/a4cb7fc7c0)] - **policy**: use tamper-proof integrity check function (Tobias Nießen) [nodejs-private/node-private#462](https://togithub.com/nodejs-private/node-private/pull/462)Configuration
📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.