search

prisma-labs / dripip

Opinionated CLI for continuous delivery of npm packages
100 stars 2 forks source link

deps(deps): update dependency isomorphic-git to v1.8.2 [security] - autoclosed #132

Closed renovate[bot] closed 2 years ago

renovate[bot] commented 2 years ago

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
isomorphic-git (source) 1.8.0 -> 1.8.2 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2021-30483

isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository.

Release Notes

isomorphic-git/isomorphic-git ### [`v1.8.2`](https://togithub.com/isomorphic-git/isomorphic-git/releases/v1.8.2) [Compare Source](https://togithub.com/isomorphic-git/isomorphic-git/compare/v1.8.1...v1.8.2) ##### Bug Fixes - **checkout:** throw error on malicious filepaths ([#​1339](https://togithub.com/isomorphic-git/isomorphic-git/issues/1339)) ([1316820](https://togithub.com/isomorphic-git/isomorphic-git/commit/1316820b5665346414f9bd1287d4701f9cf77727)) ### [`v1.8.1`](https://togithub.com/isomorphic-git/isomorphic-git/releases/v1.8.1) [Compare Source](https://togithub.com/isomorphic-git/isomorphic-git/compare/v1.8.0...v1.8.1) ##### Bug Fixes - **merge:** "Cannot read property 'Symbol(PackfileCache)' of undefined" error ([#​1289](https://togithub.com/isomorphic-git/isomorphic-git/issues/1289)) ([baf668b](https://togithub.com/isomorphic-git/isomorphic-git/commit/baf668bb4f3198f4d6e5f38a541cc61b6cd21550)) - **merge:** Cannot set property 'oid' of undefined ([#​1312](https://togithub.com/isomorphic-git/isomorphic-git/issues/1312)) ([89c0da7](https://togithub.com/isomorphic-git/isomorphic-git/commit/89c0da78d5ebf3c9f2754b3c8d557155dd70c8d7)) - **react-native:** fix for ".stream is not a function" errors in React Native ([#​1156](https://togithub.com/isomorphic-git/isomorphic-git/issues/1156)) ([03846e1](https://togithub.com/isomorphic-git/isomorphic-git/commit/03846e1bbe306cee93ff4d43cf626eec794cde58)) - **website:** try it out ([#​1290](https://togithub.com/isomorphic-git/isomorphic-git/issues/1290)) ([b102e1d](https://togithub.com/isomorphic-git/isomorphic-git/commit/b102e1d9a8f48ec20042be5ff0feb9961007e904))

Configuration

📅 Schedule: "" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by WhiteSource Renovate. View repository job log here.