renovate[bot]
commented
1 year ago âš Artifact update problem
Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.
â™» Renovate will retry this branch, including artifacts, only when one of the following happens:
- any of the package files in this branch needs updating, or
- the branch becomes conflicted, or
- you click the rebase/retry checkbox if found above, or
- you rename this PR's title to start with "rebase!" to trigger it manually
The artifact failure details are included below:
File name: package-lock.json
lerna notice cli v5.1.8
npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR!
npm ERR! While resolving: typeorm@0.3.14
npm ERR! Found: sqlite3@5.0.2
npm ERR! node_modules/sqlite3
npm ERR! dev sqlite3@"5.0.2" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peerOptional sqlite3@"^5.0.3" from typeorm@0.3.14
npm ERR! node_modules/typeorm
npm ERR! dev typeorm@"0.3.14" from the root project
npm ERR!
npm ERR! Conflicting peer dependency: sqlite3@5.1.6
npm ERR! node_modules/sqlite3
npm ERR! peerOptional sqlite3@"^5.0.3" from typeorm@0.3.14
npm ERR! node_modules/typeorm
npm ERR! dev typeorm@"0.3.14" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See /tmp/renovate-cache/others/npm/eresolve-report.txt for a full report.
npm ERR! A complete log of this run can be found in:
npm ERR! /tmp/renovate-cache/others/npm/_logs/2023-04-27T07_35_29_439Z-debug-0.log
This PR contains the following updates:
0.4.23->0.5.0GitHub Vulnerability Alerts
CVE-2023-0842
xml2js versions before 0.5.0 allows an external attacker to edit or add new properties to an object. This is possible because the application does not properly validate incoming JSON keys, thus allowing the
__proto__property to be edited.Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.