kpfromer / nestjs-typegoose

Typegoose with NestJS
https://kpfromer.github.io/nestjs-typegoose/
MIT License
291 stars 73 forks source link

chore(deps): update dependency semantic-release to v17.2.3 [security] #502

Open renovate[bot] opened 3 months ago

renovate[bot] commented 3 months ago

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
semantic-release 17.1.1 -> 17.2.3 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2020-26226

Impact

Secrets that would normally be masked by semantic-release can be accidentally disclosed if they contain characters that become encoded when included in a URL.

Patches

Fixed in v17.2.3

Workarounds

Secrets that do not contain characters that become encoded when included in a URL are already masked properly.


Release Notes

semantic-release/semantic-release (semantic-release) ### [`v17.2.3`](https://togithub.com/semantic-release/semantic-release/releases/tag/v17.2.3) [Compare Source](https://togithub.com/semantic-release/semantic-release/compare/v17.2.2...v17.2.3) ##### Bug Fixes - mask secrets when characters get uri encoded ([ca90b34](https://togithub.com/semantic-release/semantic-release/commit/ca90b34c4a9333438cc4d69faeb43362bb991e5a)) ### [`v17.2.2`](https://togithub.com/semantic-release/semantic-release/releases/tag/v17.2.2) [Compare Source](https://togithub.com/semantic-release/semantic-release/compare/v17.2.1...v17.2.2) ##### Bug Fixes - don't parse port as part of the path in repository URLs ([#​1671](https://togithub.com/semantic-release/semantic-release/issues/1671)) ([77a75f0](https://togithub.com/semantic-release/semantic-release/commit/77a75f072bc257b27904408dbea5ae5ccae2b6ab)) - use valid git credentials when multiple are provided ([#​1669](https://togithub.com/semantic-release/semantic-release/issues/1669)) ([2bf3771](https://togithub.com/semantic-release/semantic-release/commit/2bf377194efc6b4f13b6bc6cd9272b935f64793e)) ### [`v17.2.1`](https://togithub.com/semantic-release/semantic-release/releases/tag/v17.2.1) [Compare Source](https://togithub.com/semantic-release/semantic-release/compare/v17.2.0...v17.2.1) ##### Reverts - Revert "feat: throw an Error if package.json has duplicate "repository" key ([#​1656](https://togithub.com/semantic-release/semantic-release/issues/1656))" ([3abcbaf](https://togithub.com/semantic-release/semantic-release/commit/3abcbaf2561a208180a1f8eddc1d8a5c1006fe48)), closes [#​1656](https://togithub.com/semantic-release/semantic-release/issues/1656) [#​1657](https://togithub.com/semantic-release/semantic-release/issues/1657) ### [`v17.2.0`](https://togithub.com/semantic-release/semantic-release/releases/tag/v17.2.0) [Compare Source](https://togithub.com/semantic-release/semantic-release/compare/v17.1.2...v17.2.0) ##### Features - throw an Error if package.json has duplicate "repository" key ([#​1656](https://togithub.com/semantic-release/semantic-release/issues/1656)) ([b8fb35c](https://togithub.com/semantic-release/semantic-release/commit/b8fb35c7e15d314c15182f779ef30b42b6c4e7ea)) ### [`v17.1.2`](https://togithub.com/semantic-release/semantic-release/releases/tag/v17.1.2) [Compare Source](https://togithub.com/semantic-release/semantic-release/compare/v17.1.1...v17.1.2) ##### Bug Fixes - add logging for when ssh falls back to http ([#​1639](https://togithub.com/semantic-release/semantic-release/issues/1639)) ([b4c5d0a](https://togithub.com/semantic-release/semantic-release/commit/b4c5d0a436fa5a4e98d8326f0512fa8a2f1f4f67))

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.