renovate[bot]
commented
2 months ago ⚠️ Artifact update problem
Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.
♻ Renovate will retry this branch, including artifacts, only when one of the following happens:
- any of the package files in this branch needs updating, or
- the branch becomes conflicted, or
- you click the rebase/retry checkbox if found above, or
- you rename this PR's title to start with "rebase!" to trigger it manually
The artifact failure details are included below:
File name: package-lock.json
npm error code ERESOLVE
npm error ERESOLVE could not resolve
npm error
npm error While resolving: @vue/eslint-config-standard@8.0.1
npm error Found: eslint@7.32.0
npm error node_modules/eslint
npm error peer eslint@"^7.5.0 || ^8.0.0" from @babel/eslint-parser@7.24.1
npm error node_modules/@babel/eslint-parser
npm error dev @babel/eslint-parser@"^7.11.0" from the root project
npm error peer eslint@"^6.0.0 || ^7.0.0 || >=8.0.0" from @eslint-community/eslint-utils@4.4.0
npm error node_modules/@eslint-community/eslint-utils
npm error @eslint-community/eslint-utils@"^4.4.0" from eslint-plugin-vue@9.25.0
npm error node_modules/eslint-plugin-vue
npm error peer eslint-plugin-vue@"^9.2.0" from @vue/eslint-config-standard@8.0.1
npm error node_modules/@vue/eslint-config-standard
npm error dev @vue/eslint-config-standard@"^8.0.0" from the root project
npm error 1 more (the root project)
npm error 12 more (eslint-plugin-n, eslint-utils, eslint-plugin-es, ...)
npm error
npm error Could not resolve dependency:
npm error peer eslint@"^8.0.1" from @vue/eslint-config-standard@8.0.1
npm error node_modules/@vue/eslint-config-standard
npm error dev @vue/eslint-config-standard@"^8.0.0" from the root project
npm error
npm error Conflicting peer dependency: eslint@8.57.0
npm error node_modules/eslint
npm error peer eslint@"^8.0.1" from @vue/eslint-config-standard@8.0.1
npm error node_modules/@vue/eslint-config-standard
npm error dev @vue/eslint-config-standard@"^8.0.0" from the root project
npm error
npm error Fix the upstream dependency conflict, or retry
npm error this command with --force or --legacy-peer-deps
npm error to accept an incorrect (and potentially broken) dependency resolution.
npm error
npm error
npm error For a full report see:
npm error /tmp/renovate/cache/others/npm/_logs/2024-08-15T05_48_56_086Z-eresolve-report.txt
npm error A complete log of this run can be found in: /tmp/renovate/cache/others/npm/_logs/2024-08-15T05_48_56_086Z-debug-0.log
This PR contains the following updates:
1.7.2->1.7.4GitHub Vulnerability Alerts
CVE-2024-39338
axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.
Release Notes
axios/axios (axios)
### [`v1.7.4`](https://togithub.com/axios/axios/blob/HEAD/CHANGELOG.md#174-2024-08-13) [Compare Source](https://togithub.com/axios/axios/compare/v1.7.3...v1.7.4) ##### Bug Fixes - **sec:** CVE-2024-39338 ([#6539](https://togithub.com/axios/axios/issues/6539)) ([#6543](https://togithub.com/axios/axios/issues/6543)) ([6b6b605](https://togithub.com/axios/axios/commit/6b6b605eaf73852fb2dae033f1e786155959de3a)) - **sec:** disregard protocol-relative URL to remediate SSRF ([#6539](https://togithub.com/axios/axios/issues/6539)) ([07a661a](https://togithub.com/axios/axios/commit/07a661a2a6b9092c4aa640dcc7f724ec5e65bdda)) ##### Contributors to this release -Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.