github-actions[bot]
commented
2 months ago :tada: This PR is included in version 1.12.36 :tada:
The release is available on GitHub release
Your semantic-release bot :package::rocket:
Closed renovate[bot] closed 2 months ago
github-actions[bot]
commented
2 months ago :tada: This PR is included in version 1.12.36 :tada:
The release is available on GitHub release
Your semantic-release bot :package::rocket:
This PR contains the following updates:
20.12.1->20.13.020.12.6->20.12.11Release Notes
nodejs/node (node)
### [`v20.13.0`](https://togithub.com/nodejs/node/compare/v20.12.2...v20.13.0) [Compare Source](https://togithub.com/nodejs/node/compare/v20.12.2...v20.13.0) ### [`v20.12.2`](https://togithub.com/nodejs/node/releases/tag/v20.12.2): 2024-04-10, Version 20.12.2 'Iron' (LTS), @RafaelGSS [Compare Source](https://togithub.com/nodejs/node/compare/v20.12.1...v20.12.2) This is a security release. ##### Notable Changes - CVE-2024-27980 - Command injection via args parameter of `child_process.spawn` without shell option enabled on Windows ##### Commits - \[[`69ffc6d50d`](https://togithub.com/nodejs/node/commit/69ffc6d50d)] - **src**: disallow direct .bat and .cmd file spawning (Ben Noordhuis) [nodejs-private/node-private#563](https://togithub.com/nodejs-private/node-private/pull/563)Configuration
📅 Schedule: Branch creation - "before 4am on the first day of the month" in timezone America/Toronto, Automerge - "before 4am on the first day of the month" in timezone America/Toronto.
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR has been generated by Mend Renovate. View repository job log here.