Closed renovate[bot] closed 1 year ago
Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.
â™» Renovate will retry this branch, including artifacts, only when one of the following happens:
The artifact failure details are included below:
npm notice
npm notice New major version of npm available! 8.19.4 -> 9.6.1
npm notice Changelog: <https://github.com/npm/cli/releases/tag/v9.6.1>
npm notice Run `npm install -g npm@9.6.1` to update!
npm notice
npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR!
npm ERR! While resolving: @ngrx/core@1.2.0
npm ERR! Found: rxjs@6.5.4
npm ERR! node_modules/rxjs
npm ERR! rxjs@"6.5.4" from the root project
npm ERR! rxjs@"6.5.4" from @angular-devkit/schematics@9.1.7
npm ERR! node_modules/@angular-devkit/schematics
npm ERR! @angular-devkit/schematics@"9.1.7" from @angular/cli@9.1.7
npm ERR! node_modules/@angular/cli
npm ERR! dev @angular/cli@"^9.0.4" from the root project
npm ERR! @angular-devkit/schematics@"9.1.7" from @schematics/angular@9.1.7
npm ERR! node_modules/@schematics/angular
npm ERR! @schematics/angular@"9.1.7" from @angular/cli@9.1.7
npm ERR! node_modules/@angular/cli
npm ERR! dev @angular/cli@"^9.0.4" from the root project
npm ERR! 1 more (@schematics/update)
npm ERR! 20 more (@angular-devkit/core, @angular-devkit/architect, ...)
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer rxjs@"^5.0.0-beta.12" from @ngrx/core@1.2.0
npm ERR! node_modules/@ngrx/core
npm ERR! @ngrx/core@"^1.2.0" from the root project
npm ERR!
npm ERR! Conflicting peer dependency: rxjs@5.5.12
npm ERR! node_modules/rxjs
npm ERR! peer rxjs@"^5.0.0-beta.12" from @ngrx/core@1.2.0
npm ERR! node_modules/@ngrx/core
npm ERR! @ngrx/core@"^1.2.0" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See /tmp/renovate-cache/others/npm/eresolve-report.txt for a full report.
npm ERR! A complete log of this run can be found in:
npm ERR! /tmp/renovate-cache/others/npm/_logs/2023-03-11T03_49_01_344Z-debug-0.log
This PR contains the following updates:
0.4.4
->0.4.11
GitHub Vulnerability Alerts
CVE-2018-1002204
Versions of
adm-zip
before 0.4.9 are vulnerable to arbitrary file write when used to extract a specifically crafted archive that contains path traversal filenames (../../file.txt
for example).Recommendation
Update to version 0.4.9 or later.
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.