renovate[bot]
commented
4 months ago ⚠ Artifact update problem
Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.
♻ Renovate will retry this branch, including artifacts, only when one of the following happens:
- any of the package files in this branch needs updating, or
- the branch becomes conflicted, or
- you click the rebase/retry checkbox if found above, or
- you rename this PR's title to start with "rebase!" to trigger it manually
The artifact failure details are included below:
File name: .build/package-lock.json
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: @webpack-cli/configtest@1.1.0
npm WARN Found: webpack@5.64.4
npm WARN node_modules/@webpack-cli/configtest/node_modules/webpack
npm WARN
npm WARN Could not resolve dependency:
npm WARN peer webpack@"4.x.x || 5.x.x" from @webpack-cli/configtest@1.1.0
npm WARN node_modules/@webpack-cli/configtest
npm WARN @webpack-cli/configtest@"^1.1.0" from webpack-cli@4.9.1
npm WARN node_modules/webpack-cli
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: ajv-keywords@3.5.2
npm WARN Found: ajv@6.12.6
npm WARN node_modules/ajv-keywords/node_modules/ajv
npm WARN
npm WARN Could not resolve dependency:
npm WARN peer ajv@"^6.9.1" from ajv-keywords@3.5.2
npm WARN node_modules/ajv-keywords
npm WARN ajv-keywords@"^3.5.2" from schema-utils@2.7.1
npm WARN node_modules/@redhat-cloud-services/frontend-components-config/node_modules/babel-loader/node_modules/schema-utils
npm WARN 6 more (schema-utils, schema-utils, schema-utils, schema-utils, ...)
npm WARN
npm WARN Conflicting peer dependency: ajv@6.12.6
npm WARN node_modules/ajv
npm WARN peer ajv@"^6.9.1" from ajv-keywords@3.5.2
npm WARN node_modules/ajv-keywords
npm WARN ajv-keywords@"^3.5.2" from schema-utils@2.7.1
npm WARN node_modules/@redhat-cloud-services/frontend-components-config/node_modules/babel-loader/node_modules/schema-utils
npm WARN 6 more (schema-utils, schema-utils, schema-utils, schema-utils, ...)
npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR!
npm ERR! While resolving: optimize-css-assets-webpack-plugin@6.0.1
npm ERR! Found: webpack@5.51.1
npm ERR! node_modules/webpack
npm ERR! dev webpack@"5.51.1" from the root project
npm ERR! peer webpack@">=5.0.0" from assets-webpack-plugin@7.1.1
npm ERR! node_modules/assets-webpack-plugin
npm ERR! dev assets-webpack-plugin@"7.1.1" from the root project
npm ERR! 17 more (copy-webpack-plugin, css-loader, ...)
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer webpack@"^4.0.0" from optimize-css-assets-webpack-plugin@6.0.1
npm ERR! node_modules/optimize-css-assets-webpack-plugin
npm ERR! dev optimize-css-assets-webpack-plugin@"6.0.1" from the root project
npm ERR!
npm ERR! Conflicting peer dependency: webpack@4.47.0
npm ERR! node_modules/webpack
npm ERR! peer webpack@"^4.0.0" from optimize-css-assets-webpack-plugin@6.0.1
npm ERR! node_modules/optimize-css-assets-webpack-plugin
npm ERR! dev optimize-css-assets-webpack-plugin@"6.0.1" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See /tmp/renovate/cache/others/npm/eresolve-report.txt for a full report.
npm ERR! A complete log of this run can be found in:
npm ERR! /tmp/renovate/cache/others/npm/_logs/2024-04-23T01_37_16_651Z-debug-0.log
This PR contains the following updates:
3.2.3->5.0.0GitHub Vulnerability Alerts
CVE-2022-37611
Prototype pollution vulnerability in tschaub gh-pages via the partial variable in util.js.
Release Notes
tschaub/gh-pages (gh-pages)
### [`v5.0.0`](https://togithub.com/tschaub/gh-pages/blob/HEAD/changelog.md#v500) [Compare Source](https://togithub.com/tschaub/gh-pages/compare/v4.0.0...v5.0.0) Potentially breaking change: the `publish` method now always returns a promise. Previously, it did not return a promise in some error cases. This should not impact most users. Updates to the development dependencies required a minimum Node version of 14 for the tests. The library should still work on Node 12, but tests are no longer run in CI for version 12. A future major version of the library may drop support for version 12 altogether. - [#438](https://togithub.com/tschaub/gh-pages/pull/438) - Remove quotation marks ([@Vicropht](https://togithub.com/Vicropht)) - [#459](https://togithub.com/tschaub/gh-pages/pull/459) - Bump async from 2.6.4 to 3.2.4 ([@tschaub](https://togithub.com/tschaub)) - [#454](https://togithub.com/tschaub/gh-pages/pull/454) - Bump email-addresses from 3.0.1 to 5.0.0 ([@tschaub](https://togithub.com/tschaub)) - [#455](https://togithub.com/tschaub/gh-pages/pull/455) - Bump actions/setup-node from 1 to 3 ([@tschaub](https://togithub.com/tschaub)) - [#453](https://togithub.com/tschaub/gh-pages/pull/453) - Bump actions/checkout from 2 to 3 ([@tschaub](https://togithub.com/tschaub)) - [#445](https://togithub.com/tschaub/gh-pages/pull/445) - Update README to clarify project site configuration requirements with tools like CRA, webpack, Vite, etc. ([@Nezteb](https://togithub.com/Nezteb)) - [#452](https://togithub.com/tschaub/gh-pages/pull/452) - Assorted updates ([@tschaub](https://togithub.com/tschaub)) ### [`v4.0.0`](https://togithub.com/tschaub/gh-pages/blob/HEAD/changelog.md#v400) [Compare Source](https://togithub.com/tschaub/gh-pages/compare/v3.2.3...v4.0.0) This release doesn't include any breaking changes, but due to updated development dependencies, tests are no longer run on Node 10. - [#432](https://togithub.com/tschaub/gh-pages/pull/432) - Updated dev dependencies and formatting ([@tschaub](https://togithub.com/tschaub)) - [#430](https://togithub.com/tschaub/gh-pages/pull/430) - Bump ansi-regex from 3.0.0 to 3.0.1 ([@tschaub](https://togithub.com/tschaub)) - [#431](https://togithub.com/tschaub/gh-pages/pull/431) - Bump path-parse from 1.0.6 to 1.0.7 ([@tschaub](https://togithub.com/tschaub)) - [#427](https://togithub.com/tschaub/gh-pages/pull/427) - Bump async from 2.6.1 to 2.6.4 ([@tschaub](https://togithub.com/tschaub)) - [#423](https://togithub.com/tschaub/gh-pages/pull/423) - Bump minimist from 1.2.5 to 1.2.6 ([@tschaub](https://togithub.com/tschaub))Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.