renovate[bot]
commented
3 years ago :warning: Artifact update problem
Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.
:recycle: Renovate will retry this branch, including artifacts, only when one of the following happens:
- any of the package files in this branch needs updating, or
- the branch becomes conflicted, or
- you check the rebase/retry checkbox if found above, or
- you rename this PR's title to start with "rebase!" to trigger it manually
The artifact failure details are included below:
File name: package-lock.json
npm notice
npm notice New minor version of npm available! 7.7.6 -> 7.11.1
npm notice Changelog: <https://github.com/npm/cli/releases/tag/v7.11.1>
npm notice Run `npm install -g npm@7.11.1` to update!
npm notice
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! Found: react@17.0.1
npm ERR! node_modules/react
npm ERR! react@"17.0.1" from the root project
npm ERR! peer react@">=16.3.0" from @emotion/core@10.0.35
npm ERR! node_modules/@emotion/core
npm ERR! peer @emotion/core@"^10.0.27" from @emotion/styled@10.0.27
npm ERR! node_modules/@emotion/styled
npm ERR! peer @emotion/styled@"^10.0.14" from gatsby-interface@0.0.193
npm ERR! node_modules/gatsby-interface
npm ERR! gatsby-interface@"^0.0.193" from gatsby-recipes@0.2.33
npm ERR! node_modules/gatsby-recipes
npm ERR! 1 more (gatsby-recipes)
npm ERR! peer @emotion/core@"^10.0.28" from @emotion/styled-base@10.0.31
npm ERR! node_modules/@emotion/styled-base
npm ERR! @emotion/styled-base@"^10.0.27" from @emotion/styled@10.0.27
npm ERR! node_modules/@emotion/styled
npm ERR! peer @emotion/styled@"^10.0.14" from gatsby-interface@0.0.193
npm ERR! node_modules/gatsby-interface
npm ERR! 1 more (gatsby-recipes)
npm ERR! 3 more (gatsby-interface, gatsby-recipes, theme-ui)
npm ERR! 14 more (@emotion/styled, @emotion/styled-base, ...)
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer react@"^16.4.2" from gatsby@2.24.85
npm ERR! node_modules/gatsby
npm ERR! gatsby@"2.24.85" from the root project
npm ERR! peer gatsby@"^2.0.0" from babel-plugin-remove-graphql-queries@2.9.20
npm ERR! node_modules/babel-plugin-remove-graphql-queries
npm ERR! babel-plugin-remove-graphql-queries@"^2.9.20" from gatsby@2.24.85
npm ERR! 1 more (gatsby-plugin-typescript)
npm ERR! 12 more (gatsby-interface, gatsby-plugin-canonical-urls, ...)
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See /tmp/renovate-cache/others/npm/eresolve-report.txt for a full report.
npm ERR! A complete log of this run can be found in:
npm ERR! /tmp/renovate-cache/others/npm/_logs/2021-04-26T12_43_25_676Z-debug.log
netlify[bot]
This PR contains the following updates:
0.21.0->0.21.1GitHub Vulnerability Alerts
CVE-2020-28168
Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.
Release Notes
axios/axios
### [`v0.21.1`](https://togithub.com/axios/axios/blob/master/CHANGELOG.md#0211-December-21-2020) [Compare Source](https://togithub.com/axios/axios/compare/v0.21.0...v0.21.1) Fixes and Functionality: - Hotfix: Prevent SSRF ([#3410](https://togithub.com/axios/axios/issues/3410)) - Protocol not parsed when setting proxy config from env vars ([#3070](https://togithub.com/axios/axios/issues/3070)) - Updating axios in types to be lower case ([#2797](https://togithub.com/axios/axios/issues/2797)) - Adding a type guard for `AxiosError` ([#2949](https://togithub.com/axios/axios/issues/2949)) Internal and Tests: - Remove the skipping of the `socket` http test ([#3364](https://togithub.com/axios/axios/issues/3364)) - Use different socket for Win32 test ([#3375](https://togithub.com/axios/axios/issues/3375)) Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub: - Daniel LoprettoConfiguration
📅 Schedule: "" (UTC).
🚦 Automerge: Disabled due to failing status checks.
♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.