search

stencila / dockta

🐳 A Docker image builder for researchers
https://stencila.github.io/dockta/
Apache License 2.0
121 stars 12 forks source link

fix(dependencies): update dependency got to v11.8.5 [security] #252

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
got 11.8.2 -> 11.8.5 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2022-33987

The got package before 11.8.5 and 12.1.0 for Node.js allows a redirect to a UNIX socket.

Release Notes

sindresorhus/got ### [`v11.8.5`](https://togithub.com/sindresorhus/got/releases/tag/v11.8.5) [Compare Source](https://togithub.com/sindresorhus/got/compare/v11.8.3...v11.8.5) - Backport security fix https://github.com/sindresorhus/got/commit/861ccd9ac2237df762a9e2beed7edd88c60782dc - [CVE-2022-33987](https://nvd.nist.gov/vuln/detail/CVE-2022-33987) ### [`v11.8.3`](https://togithub.com/sindresorhus/got/releases/tag/v11.8.3) [Compare Source](https://togithub.com/sindresorhus/got/compare/v11.8.2...v11.8.3) - Bump cacheable-request dependency ([#​1921](https://togithub.com/sindresorhus/got/issues/1921)) [`9463bb6`](https://togithub.com/sindresorhus/got/commit/9463bb6) - Fix `HTTPError` missing `.code` property ([#​1739](https://togithub.com/sindresorhus/got/issues/1739)) [`0e167b8`](https://togithub.com/sindresorhus/got/commit/0e167b8)

Configuration

📅 Schedule: Branch creation - "" in timezone UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

codecov-commenter commented 1 year ago

Codecov Report

Patch and project coverage have no change.

Comparison is base (d6c4991) 78.89% compared to head (15066bb) 78.89%.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #252 +/- ## ======================================= Coverage 78.89% 78.89% ======================================= Files 22 22 Lines 1047 1047 Branches 233 231 -2 ======================================= Hits 826 826 Misses 220 220 Partials 1 1 ``` Help us with your feedback. Take ten seconds to tell us [how you rate us](https://about.codecov.io/nps?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=stencila). Have a feature suggestion? [Share it here.](https://app.codecov.io/gh/feedback/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=stencila)

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Do you have feedback about the report comment? Let us know in this issue.

stencila-ci commented 1 year ago

:tada: This PR is included in version 0.25.4 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: