codecov[bot]
commented
2 years ago Codecov Report
Merging #1437 (3737b82) into develop (d01a0b3) will not change coverage. The diff coverage is
n/a.:exclamation: Current head 3737b82 differs from pull request most recent head 1096c0f. Consider uploading reports for the commit 1096c0f to get more accurate results
@@ Coverage Diff @@
## develop #1437 +/- ##
========================================
Coverage 49.53% 49.53%
========================================
Files 249 249
Lines 2158 2158
========================================
Hits 1069 1069
Misses 1089 1089 
renovate[bot]
This PR contains the following updates:
2.11.5->3.1.11GitHub Vulnerability Alerts
CVE-2018-14732
Versions of
webpack-dev-serverbefore 3.1.10 are missing origin validation on the websocket server. This vulnerability allows a remote attacker to steal a developer's source code because the origin of requests to the websocket server that is used for Hot Module Replacement (HMR) are not validated.Recommendation
For
webpack-dev-serverupdate to version 3.1.11 or later.Release Notes
webpack/webpack-dev-server
### [`v3.1.11`](https://togithub.com/webpack/webpack-dev-server/blob/HEAD/CHANGELOG.md#3111-httpsgithubcomwebpackwebpack-dev-servercomparev3110v3111-2018-12-21) [Compare Source](https://togithub.com/webpack/webpack-dev-server/compare/v3.1.10...v3.1.11) ##### Bug Fixes - **bin/options:** correct check for color support (`options.color`) ([#1555](https://togithub.com/webpack/webpack-dev-server/issues/1555)) ([55398b5](https://togithub.com/webpack/webpack-dev-server/commit/55398b5)) - **package:** update `spdy` v3.4.1...4.0.0 (assertion error) ([#1491](https://togithub.com/webpack/webpack-dev-server/issues/1491)) ([#1563](https://togithub.com/webpack/webpack-dev-server/issues/1563)) ([7a3a257](https://togithub.com/webpack/webpack-dev-server/commit/7a3a257)) - **Server:** correct `node` version checks ([#1543](https://togithub.com/webpack/webpack-dev-server/issues/1543)) ([927a2b3](https://togithub.com/webpack/webpack-dev-server/commit/927a2b3)) - **Server:** mime type for wasm in contentBase directory ([#1575](https://togithub.com/webpack/webpack-dev-server/issues/1575)) ([#1580](https://togithub.com/webpack/webpack-dev-server/issues/1580)) ([fadae5d](https://togithub.com/webpack/webpack-dev-server/commit/fadae5d)) - add url for compatibility with webpack@5 ([#1598](https://togithub.com/webpack/webpack-dev-server/issues/1598)) ([#1599](https://togithub.com/webpack/webpack-dev-server/issues/1599)) ([68dd49a](https://togithub.com/webpack/webpack-dev-server/commit/68dd49a)) - check origin header for websocket connection ([#1603](https://togithub.com/webpack/webpack-dev-server/issues/1603)) ([b3217ca](https://togithub.com/webpack/webpack-dev-server/commit/b3217ca)) ### [`v3.1.10`](https://togithub.com/webpack/webpack-dev-server/blob/HEAD/CHANGELOG.md#3110-httpsgithubcomwebpackwebpack-dev-servercomparev319v3110-2018-10-23) [Compare Source](https://togithub.com/webpack/webpack-dev-server/compare/v3.1.9...v3.1.10) ##### Bug Fixes - **options:** add `writeToDisk` option to schema ([#1520](https://togithub.com/webpack/webpack-dev-server/issues/1520)) ([d2f4902](https://togithub.com/webpack/webpack-dev-server/commit/d2f4902)) - **package:** update `sockjs-client` v1.1.5...1.3.0 (`url-parse` vulnerability) ([#1537](https://togithub.com/webpack/webpack-dev-server/issues/1537)) ([e719959](https://togithub.com/webpack/webpack-dev-server/commit/e719959)) - **Server:** set `tls.DEFAULT_ECDH_CURVE` to `'auto'` ([#1531](https://togithub.com/webpack/webpack-dev-server/issues/1531)) ([c12def3](https://togithub.com/webpack/webpack-dev-server/commit/c12def3)) ### [`v3.1.9`](https://togithub.com/webpack/webpack-dev-server/blob/HEAD/CHANGELOG.md#319-httpsgithubcomwebpackwebpack-dev-servercomparev318v319-2018-09-24) [Compare Source](https://togithub.com/webpack/webpack-dev-server/compare/v3.1.8...v3.1.9) #### [3.1.9](https://togithub.com/webpack/webpack-dev-server/compare/v3.1.8...v3.1.9) (2018-09-24) ### [`v3.1.8`](https://togithub.com/webpack/webpack-dev-server/blob/HEAD/CHANGELOG.md#318-httpsgithubcomwebpackwebpack-dev-servercomparev317v318-2018-09-06) [Compare Source](https://togithub.com/webpack/webpack-dev-server/compare/v3.1.7...v3.1.8) ##### Bug Fixes - **package:** `yargs` security vulnerability (`dependencies`) ([#1492](https://togithub.com/webpack/webpack-dev-server/issues/1492)) ([8fb67c9](https://togithub.com/webpack/webpack-dev-server/commit/8fb67c9)) - **utils/createLogger:** ensure `quiet` always takes precedence (`options.quiet`) ([#1486](https://togithub.com/webpack/webpack-dev-server/issues/1486)) ([7a6ca47](https://togithub.com/webpack/webpack-dev-server/commit/7a6ca47)) ### [`v3.1.7`](https://togithub.com/webpack/webpack-dev-server/blob/HEAD/CHANGELOG.md#317-httpsgithubcomwebpackwebpack-dev-servercomparev316v317-2018-08-29) [Compare Source](https://togithub.com/webpack/webpack-dev-server/compare/v3.1.6...v3.1.7) ##### Bug Fixes - **Server:** don't use `spdy` on `node >= v10.0.0` ([#1451](https://togithub.com/webpack/webpack-dev-server/issues/1451)) ([8ab9eb6](https://togithub.com/webpack/webpack-dev-server/commit/8ab9eb6)) ### [`v3.1.6`](https://togithub.com/webpack/webpack-dev-server/blob/HEAD/CHANGELOG.md#316-httpsgithubcomwebpackwebpack-dev-servercomparev315v316-2018-08-26) [Compare Source](https://togithub.com/webpack/webpack-dev-server/compare/v3.1.5...v3.1.6) ##### Bug Fixes - **bin:** handle `process` signals correctly when the server isn't ready yet ([#1432](https://togithub.com/webpack/webpack-dev-server/issues/1432)) ([334c3a5](https://togithub.com/webpack/webpack-dev-server/commit/334c3a5)) - **examples/cli:** correct template path in `open-page` example ([#1401](https://togithub.com/webpack/webpack-dev-server/issues/1401)) ([df30727](https://togithub.com/webpack/webpack-dev-server/commit/df30727)) - **schema:** allow the `output` filename to be a `{Function}` ([#1409](https://togithub.com/webpack/webpack-dev-server/issues/1409)) ([e2220c4](https://togithub.com/webpack/webpack-dev-server/commit/e2220c4)) ### [`v3.1.5`](https://togithub.com/webpack/webpack-dev-server/releases/tag/v3.1.5) [Compare Source](https://togithub.com/webpack/webpack-dev-server/compare/v3.1.4...v3.1.5) - Send the `Progress` event in the client so plugins can use it ([#1427](https://togithub.com/webpack/webpack-dev-server/issues/1427)) - Update `sockjs-client` to fix infinite reconnection loop ([#1434](https://togithub.com/webpack/webpack-dev-server/issues/1434)) ### [`v3.1.4`](https://togithub.com/webpack/webpack-dev-server/releases/tag/v3.1.4) [Compare Source](https://togithub.com/webpack/webpack-dev-server/compare/v3.1.3...v3.1.4) - Update to webpack-dev-middleware 3.1.3, which should fix paths with a space not working on Windows ([#1392](https://togithub.com/webpack/webpack-dev-server/issues/1392)) - Fix `logLevel` option `silent` not being accepted by schema validation ([#1372](https://togithub.com/webpack/webpack-dev-server/issues/1372)) ### [`v3.1.3`](https://togithub.com/webpack/webpack-dev-server/releases/tag/v3.1.3) [Compare Source](https://togithub.com/webpack/webpack-dev-server/compare/v3.1.2...v3.1.3) - Fix HMR causing a crash when trying to reload ### [`v3.1.2`](https://togithub.com/webpack/webpack-dev-server/releases/tag/v3.1.2) [Compare Source](https://togithub.com/webpack/webpack-dev-server/compare/v3.1.1...v3.1.2) - Speed up incremental builds ([#1362](https://togithub.com/webpack/webpack-dev-server/issues/1362)) - Update webpack-dev-middleware to 3.1.2 ### [`v3.1.1`](https://togithub.com/webpack/webpack-dev-server/blob/HEAD/CHANGELOG.md#3114-httpsgithubcomwebpackwebpack-dev-servercomparev3113v3114-2018-12-24) [Compare Source](https://togithub.com/webpack/webpack-dev-server/compare/v3.1.0...v3.1.1) ##### Bug Fixes - add workaround for Origin header in sockjs ([#1608](https://togithub.com/webpack/webpack-dev-server/issues/1608)) ([1dfd4fb](https://togithub.com/webpack/webpack-dev-server/commit/1dfd4fb)) ### [`v3.1.0`](https://togithub.com/webpack/webpack-dev-server/releases/tag/v3.1.0) [Compare Source](https://togithub.com/webpack/webpack-dev-server/compare/v3.0.0...v3.1.0) #### Updates - Fancy logging; `webpack-log` is now used for logging to the terminal (webpack-dev-middleware was already using this). - The `logLevel` option is added for more fine-grained control over the logging. #### Bugfixes - MultiCompiler was broken with webpack 4. - Fix deprecation warnings caused by webpack 4. Note that you will still see some deprecation warnings because webpack-dev-middleware has not been updated yet. ### [`v3.0.0`](https://togithub.com/webpack/webpack-dev-server/releases/tag/v3.0.0) [Compare Source](https://togithub.com/webpack/webpack-dev-server/compare/5807c7462f6dd15cade9c74216f2e829c2653351...v3.0.0) #### Updates - **Breaking change:** webpack v4 is now supported. Older versions of webpack are **not** supported. - **Breaking change:** drops support for Node.js v4, going forward we only support v6+ (same as webpack). - webpack-dev-middleware updated to v2 ([see changes](https://togithub.com/webpack/webpack-dev-middleware/releases)). #### Bugfixes - After starting webpack-dev-server with an error in your code, it would not reload the page after fixing that error ([#1317](https://togithub.com/webpack/webpack-dev-server/issues/1317)). - DynamicEntryPlugin is now supported correctly ([#1319](https://togithub.com/webpack/webpack-dev-server/issues/1319)). Huge thanks to all the contributors! Please note that [webpack-serve](https://togithub.com/webpack-contrib/webpack-serve) will eventually be the successor of webpack-dev-server. The core features already work so if you're brave enough give it a try!Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.