search

mateodelnorte / symlink-meta-dependencies

symlink all of a project's dependencies which appear in the project's .meta file
1 stars 4 forks source link

fix(deps): update dependency async to v3.2.2 [security] #50

Open renovate[bot] opened 2 years ago

renovate[bot] commented 2 years ago

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
async (source) 3.2.0 -> 3.2.2 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2021-43138

A vulnerability exists in Async through 3.2.1 for 3.x and through 2.6.3 for 2.x (fixed in 3.2.2 and 2.6.4), which could let a malicious user obtain privileges via the mapValues() method.

Release Notes

caolan/async (async) ### [`v3.2.2`](https://redirect.github.com/caolan/async/blob/HEAD/CHANGELOG.md#v322) [Compare Source](https://redirect.github.com/caolan/async/compare/v3.2.1...v3.2.2) - Fix potential prototype pollution exploit ### [`v3.2.1`](https://redirect.github.com/caolan/async/blob/HEAD/CHANGELOG.md#v321) [Compare Source](https://redirect.github.com/caolan/async/compare/v3.2.0...v3.2.1) - Use `queueMicrotask` if available to the environment ([#​1761](https://redirect.github.com/caolan/async/issues/1761)) - Minor perf improvement in `priorityQueue` ([#​1727](https://redirect.github.com/caolan/async/issues/1727)) - More examples in documentation ([#​1726](https://redirect.github.com/caolan/async/issues/1726)) - Various doc fixes ([#​1708](https://redirect.github.com/caolan/async/issues/1708), [#​1712](https://redirect.github.com/caolan/async/issues/1712), [#​1717](https://redirect.github.com/caolan/async/issues/1717), [#​1740](https://redirect.github.com/caolan/async/issues/1740), [#​1739](https://redirect.github.com/caolan/async/issues/1739), [#​1749](https://redirect.github.com/caolan/async/issues/1749), [#​1756](https://redirect.github.com/caolan/async/issues/1756)) - Improved test coverage ([#​1754](https://redirect.github.com/caolan/async/issues/1754))

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR was generated by Mend Renovate. View the repository job log.

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.