coveralls
commented
3 months ago Pull Request Test Coverage Report for Build 10262574063
Details
- 0 of 0 changed or added relevant lines in 0 files are covered.
- No unchanged relevant lines lost coverage.
- Overall coverage remained the same at 96.875%
| Totals | |
|---|---|
| Change from base Build 8471709954: | 0.0% |
| Covered Lines: | 349 |
| Relevant Lines: | 349 |
This PR contains the following updates:
^1.1.5->^2.0.0GitHub Vulnerability Alerts
CVE-2023-42282
The
isPublic()function in the NPM packageipdoesn't correctly identify certain private IP addresses in uncommon formats such as0x7F.1as private. Instead, it reports them as public by returningtrue. This can lead to security issues such as Server-Side Request Forgery (SSRF) ifisPublic()is used to protect sensitive code paths when passed user input. Versions 1.1.9 and 2.0.1 fix the issue.Release Notes
indutny/node-ip (ip)
### [`v2.0.1`](https://redirect.github.com/indutny/node-ip/compare/v2.0.0...v2.0.1) [Compare Source](https://redirect.github.com/indutny/node-ip/compare/v2.0.0...v2.0.1) ### [`v2.0.0`](https://redirect.github.com/indutny/node-ip/compare/v1.1.9...v2.0.0) [Compare Source](https://redirect.github.com/indutny/node-ip/compare/v1.1.9...v2.0.0)Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.