search

usimd / pi-gen-action

Action to build Raspberry Pi images using official pi-gen tool
MIT License
44 stars 9 forks source link

Update dependency word-wrap to v1.2.4 [SECURITY] #69

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
word-wrap 1.2.3 -> 1.2.4 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2023-26115

All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable.

Release Notes

jonschlinkert/word-wrap (word-wrap) ### [`v1.2.4`](https://togithub.com/jonschlinkert/word-wrap/releases/tag/1.2.4) [Compare Source](https://togithub.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4) #### What's Changed - Remove default indent by [@​mohd-akram](https://togithub.com/mohd-akram) in [https://github.com/jonschlinkert/word-wrap/pull/24](https://togithub.com/jonschlinkert/word-wrap/pull/24) - 🔒fix: CVE 2023 26115 (2) by [@​OlafConijn](https://togithub.com/OlafConijn) in [https://github.com/jonschlinkert/word-wrap/pull/41](https://togithub.com/jonschlinkert/word-wrap/pull/41) - :lock: fix: CVE-2023-26115 by [@​aashutoshrathi](https://togithub.com/aashutoshrathi) in [https://github.com/jonschlinkert/word-wrap/pull/33](https://togithub.com/jonschlinkert/word-wrap/pull/33) - chore: publish workflow by [@​OlafConijn](https://togithub.com/OlafConijn) in [https://github.com/jonschlinkert/word-wrap/pull/42](https://togithub.com/jonschlinkert/word-wrap/pull/42) #### New Contributors - [@​mohd-akram](https://togithub.com/mohd-akram) made their first contribution in [https://github.com/jonschlinkert/word-wrap/pull/24](https://togithub.com/jonschlinkert/word-wrap/pull/24) - [@​OlafConijn](https://togithub.com/OlafConijn) made their first contribution in [https://github.com/jonschlinkert/word-wrap/pull/41](https://togithub.com/jonschlinkert/word-wrap/pull/41) - [@​aashutoshrathi](https://togithub.com/aashutoshrathi) made their first contribution in [https://github.com/jonschlinkert/word-wrap/pull/33](https://togithub.com/jonschlinkert/word-wrap/pull/33) **Full Changelog**: https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

codecov[bot] commented 1 year ago

Codecov Report

Merging #69 (7754271) into master (b8e10e4) will not change coverage. The diff coverage is n/a.

@@           Coverage Diff           @@
##           master      #69   +/-   ##
=======================================
  Coverage   91.73%   91.73%           
=======================================
  Files          12       12           
  Lines         375      375           
  Branches       85       85           
=======================================
  Hits          344      344           
  Misses         10       10           
  Partials       21       21
Flag Coverage Δ
unittests 91.73% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more