codecov[bot]
commented
3 years ago Codecov Report
Merging #48 (e988e4c) into master (56e1707) will not change coverage. The diff coverage is
n/a.
@@ Coverage Diff @@
## master #48 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 1 1
Lines 29 29
=========================================
Hits 29 29 Continue to review full report at Codecov.
Legend - Click here to learn more
Ξ = absolute <relative> (impact),ΓΈ = not affected,? = missing dataPowered by Codecov. Last update 56e1707...e988e4c. Read the comment docs.
This PR contains the following updates:
1.17.0->1.18.1GitHub Vulnerability Alerts
GHSA-6x33-pw7p-hmpq
Versions of
http-proxyprior to 1.18.1 are vulnerable to Denial of Service. An HTTP request with a long body triggers anERR_HTTP_HEADERS_SENTunhandled exception that crashes the proxy server. This is only possible when the proxy server sets headers in the proxy request using theproxyReq.setHeaderfunction.For a proxy server running on
http://localhost:3000, the following curl request triggers the unhandled exception:curl -XPOST http://localhost:3000 -d "$(python -c 'print("x"*1025)')"Recommendation
Upgrade to version 1.18.1 or later
Configuration
π Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.