Closed depfu[bot] closed 8 months ago
Hey! Changelogs info seems to be missing or might be in incorrect format. Please use the below template in PR description to ensure Changelogg can detect your changes:
```
- (tag) changelog_text
```
or
```
- tag: changelog_text
```
**OR**
You can add tag in PR header or while doing a commit too
```
(tag) PR header
```
or
```
tag: PR header
```
Valid tags: **added** / **feat**, **changed**, **deprecated**, **fixed** / **fix**, **removed**, **security**, **build**, **ci**, **chore**, **docs**, **perf**, **refactor**, **revert**, **style**, **test**
Thanks!
For more info, check out [changelogg docs](https://docs.changelogg.io/)
Unable to locate .performanceTestingBot config file
An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server-side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.
Server-Side Request Forgery (SSRF) vulnerabilities are caused when an attacker can supply or modify a URL that reads or sends data to the server. The attacker can create a malicious request with a manipulated URL; when this request reaches the server, the server-side code executes the exploit URL, allowing the attacker to read data from services that shouldn't be exposed.
Pull request analysis by VIZIPI
Below you will find who is the most qualified team member to review your code. This analysis includes his/her work on the code included in this pull request, in addition to their experience in code affected by these changes (partly found within the list of potential missing files below). Feedback always welcome.
Match % | Person | Commit Count | Common Files |
---|---|---|---|
100.00 % | reedhhw | 2 | 1 |
No commonly committed files found with a 40% threshold
99.13%
[Gemfile.lock] Closing because this update has already been applied
🚨 Your current dependencies have known security vulnerabilities 🚨
This dependency update fixes known security vulnerabilities. Please see the details below and assess their impact carefully. We recommend to merge and deploy this as soon as possible!
Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.
What changed?
✳️ github-pages (207 → 213) · Repo
Release Notes
213
212
211
210
209
208
Does any of this look wrong? Please let us know.
Sorry, we couldn't find anything useful about this release.
↗️ activesupport (indirect, 6.0.3.2 → 6.0.3.6) · Repo · Changelog
Release Notes
6.0.3.6 (from changelog)
6.0.3.5 (from changelog)
6.0.3.4 (from changelog)
6.0.3.3 (from changelog)
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ concurrent-ruby (indirect, 1.1.7 → 1.1.8) · Repo · Changelog
Release Notes
1.1.8 (from changelog)
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ dnsruby (indirect, 1.61.4 → 1.61.5) · Repo
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ em-websocket (indirect, 0.5.1 → 0.5.2) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ faraday (indirect, 1.0.1 → 1.3.0) · Repo · Changelog
Release Notes
1.3.0
1.2.0
1.1.0
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ ffi (indirect, 1.13.1 → 1.15.0) · Repo · Changelog
Release Notes
1.15.0 (from changelog)
1.14.2 (from changelog)
1.14.1 (from changelog)
1.14.0 (from changelog)
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ github-pages-health-check (indirect, 1.16.1 → 1.17.0) · Repo
Release Notes
1.17.0
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ jekyll-feed (indirect, 0.13.0 → 0.15.1) · Repo · Changelog
Release Notes
0.15.1
0.15.0
0.14.0
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ jekyll-mentions (indirect, 1.5.1 → 1.6.0) · Repo · Changelog
Release Notes
1.6.0
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ jekyll-redirect-from (indirect, 0.15.0 → 0.16.0) · Repo · Changelog
Release Notes
0.16.0
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ jekyll-remote-theme (indirect, 0.4.1 → 0.4.3) · Repo
Release Notes
0.4.3
0.4.2
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ jekyll-seo-tag (indirect, 2.6.1 → 2.7.1) · Repo · Changelog
Release Notes
2.7.1
2.7.0
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ jekyll-theme-hacker (indirect, 0.1.1 → 0.1.2) · Repo
Release Notes
0.1.2
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ jemoji (indirect, 0.11.1 → 0.12.0) · Repo · Changelog
Release Notes
0.12.0
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ listen (indirect, 3.2.1 → 3.5.0) · Repo · Changelog
Release Notes
3.4.0
3.3.4
3.3.3
3.3.2
3.3.1
3.3.0
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ mini_portile2 (indirect, 2.4.0 → 2.5.0) · Repo · Changelog
Release Notes
2.5.0
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ minitest (indirect, 5.14.2 → 5.14.4) · Repo · Changelog
Release Notes
5.14.4 (from changelog)
5.14.3 (from changelog)
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ nokogiri (indirect, 1.10.10 → 1.11.2) · Repo · Changelog
Security Advisories 🚨
🚨 Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability
Release Notes
1.11.2
1.11.1
1.11.0
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ octokit (indirect, 4.18.0 → 4.20.0) · Repo
Release Notes
4.20.0
4.19.0
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ public_suffix (indirect, 3.1.1 → 4.0.6) · Repo · Changelog
Release Notes
4.0.6 (from changelog)
4.0.5 (from changelog)
4.0.4 (from changelog)
4.0.3 (from changelog)
4.0.2 (from changelog)
4.0.1 (from changelog)
4.0.0 (from changelog)
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ rouge (indirect, 3.19.0 → 3.26.0) · Repo · Changelog
Release Notes
3.26.0
3.25.0
3.24.0
3.23.0
3.22.0
3.21.0
3.20.0
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ ruby-enum (indirect, 0.8.0 → 0.9.0) · Repo · Changelog
Release Notes
0.9.0 (from changelog)
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ simpleidn (indirect, 0.1.1 → 0.2.1) · Repo
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ tzinfo (indirect, 1.2.7 → 1.2.9) · Repo · Changelog
Release Notes
1.2.9
1.2.8
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ zeitwerk (indirect, 2.4.0 → 2.4.2) · Repo · Changelog
Release Notes
2.4.2 (from changelog)
2.4.1 (from changelog)
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
🆕 faraday-net_http (added, 1.0.1)
🆕 racc (added, 1.5.2)
🆕 ruby2_keywords (added, 0.0.4)
Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with `@depfu rebase`.