renovate[bot]
commented
1 year ago âš Artifact update problem
Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.
â™» Renovate will retry this branch, including artifacts, only when one of the following happens:
- any of the package files in this branch needs updating, or
- the branch becomes conflicted, or
- you click the rebase/retry checkbox if found above, or
- you rename this PR's title to start with "rebase!" to trigger it manually
The artifact failure details are included below:
File name: package-lock.json
npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR!
npm ERR! While resolving: @ngrx/core@1.2.0
npm ERR! Found: rxjs@6.5.4
npm ERR! node_modules/rxjs
npm ERR! rxjs@"6.5.4" from the root project
npm ERR! rxjs@"6.5.4" from @angular-devkit/schematics@9.1.7
npm ERR! node_modules/@angular-devkit/schematics
npm ERR! @angular-devkit/schematics@"9.1.7" from @angular/cli@9.1.7
npm ERR! node_modules/@angular/cli
npm ERR! dev @angular/cli@"^9.0.4" from the root project
npm ERR! @angular-devkit/schematics@"9.1.7" from @schematics/angular@9.1.7
npm ERR! node_modules/@schematics/angular
npm ERR! @schematics/angular@"9.1.7" from @angular/cli@9.1.7
npm ERR! node_modules/@angular/cli
npm ERR! dev @angular/cli@"^9.0.4" from the root project
npm ERR! 1 more (@schematics/update)
npm ERR! 25 more (@angular-devkit/core, @angular-devkit/architect, ...)
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer rxjs@"^5.0.0-beta.12" from @ngrx/core@1.2.0
npm ERR! node_modules/@ngrx/core
npm ERR! @ngrx/core@"^1.2.0" from the root project
npm ERR!
npm ERR! Conflicting peer dependency: rxjs@5.5.12
npm ERR! node_modules/rxjs
npm ERR! peer rxjs@"^5.0.0-beta.12" from @ngrx/core@1.2.0
npm ERR! node_modules/@ngrx/core
npm ERR! @ngrx/core@"^1.2.0" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See /tmp/renovate-cache/others/npm/eresolve-report.txt for a full report.
npm ERR! A complete log of this run can be found in:
npm ERR! /tmp/renovate-cache/others/npm/_logs/2023-05-08T16_07_49_645Z-debug-0.log
This PR contains the following updates:
5.0.0->5.0.111.1.1->13.1.2GitHub Vulnerability Alerts
CVE-2020-7608
Affected versions of
yargs-parserare vulnerable to prototype pollution. Arguments are not properly sanitized, allowing an attacker to modify the prototype ofObject, causing the addition or modification of an existing property that will exist on all objects.Parsing the argument
--foo.__proto__.bar baz'adds abarproperty with valuebazto all objects. This is only exploitable if attackers have control over the arguments being passed toyargs-parser.Recommendation
Upgrade to versions 13.1.2, 15.0.1, 18.1.1 or later.
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.