Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update dependency url-parse to v1.5.9 [security] #20439

Merged
merged 1 commit into from
Mar 7, 2022
Merged

fix(deps): update dependency url-parse to v1.5.9 [security] #20439

merged 1 commit into from
Mar 7, 2022

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Mar 1, 2022
edited
Loading

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
url-parse 1.5.8 -> 1.5.9 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2022-0691

url-parse prior to 1.5.9 is vulnerable to authorization bypass by adding a backspace character to the input.

Release Notes

unshiftio/url-parse

v1.5.9

Compare Source

Configuration

📅 Schedule: "" in timezone America/New_York.

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by WhiteSource Renovate. View repository job log here.

@renovate renovate bot requested a review from a team as a code owner March 1, 2022 22:18
@renovate renovate bot requested review from jennifer-shehane and removed request for a team March 1, 2022 22:18
@renovate renovate bot added renovate Triggered by renovatebot type: dependencies labels Mar 1, 2022
@cypress-bot
Copy link
Contributor

cypress-bot bot commented Mar 1, 2022

See the guidelines for reviewing dependency updates for info on how to review dependency update PRs.

@cypress
Copy link

cypress bot commented Mar 1, 2022
edited
Loading


Test summary

19278 0 218 0Flakiness 0

Run details
Project cypress
Status Passed
Commit 059d884
Started Mar 4, 2022 11:24 PM
Ended Mar 4, 2022 11:36 PM
Duration 11:36 💡
OS Linux Debian - 10.10
Browser Multiple

View run in Cypress Dashboard ➡️

This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Dashboard

@renovate renovate bot force-pushed the renovate/npm-url-parse-vulnerability branch 6 times, most recently from 08e9627 to bc8387d Compare March 4, 2022 20:47
@renovate renovate bot force-pushed the renovate/npm-url-parse-vulnerability branch from bc8387d to 059d884 Compare March 4, 2022 23:14
@jennifer-shehane jennifer-shehane merged commit ae3c753 into develop Mar 7, 2022
@jennifer-shehane jennifer-shehane deleted the renovate/npm-url-parse-vulnerability branch March 7, 2022 16:00
@cypress-bot
Copy link
Contributor

cypress-bot bot commented Mar 14, 2022

Released in 9.5.2.

This comment thread has been locked. If you are still experiencing this issue after upgrading to
Cypress v9.5.2, please open a new issue.

@cypress-bot cypress-bot bot locked as resolved and limited conversation to collaborators Mar 14, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jennifer-shehane jennifer-shehane jennifer-shehane approved these changes

Assignees
No one assigned
Labels
renovate Triggered by renovatebot type: dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jennifer-shehane @renovate-bot