Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency karma to v6.3.16 [SECURITY] #251

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Mar 7, 2022

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
karma (source) 6.1.1 -> 6.3.16 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2022-0437

karma prior to version 6.3.14 contains a cross-site scripting vulnerability.

CVE-2021-23495

Karma before 6.3.16 is vulnerable to Open Redirect due to missing validation of the return_url query parameter.


Release Notes

karma-runner/karma (karma)

v6.3.16

Compare Source

Bug Fixes
  • security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

v6.3.15

Compare Source

Bug Fixes

v6.3.14

Compare Source

Bug Fixes
  • remove string template from client code (91d5acd)
  • warn when singleRun and autoWatch are false (69cfc76)
  • security: remove XSS vulnerability in returnUrl query param (839578c)

v6.3.13

Compare Source

Bug Fixes

v6.3.12

Compare Source

Bug Fixes
  • remove depreciation warning from log4js (41bed33)

v6.3.11

Compare Source

Bug Fixes
  • deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

v6.3.10

Compare Source

Bug Fixes
  • logger: create parent folders if they are missing (0d24bd9), closes #​3734

v6.3.9

Compare Source

Bug Fixes

v6.3.8

Compare Source

Bug Fixes
  • reporter: warning if stack trace contains generated code invocation (4f23b14)

v6.3.7

Compare Source

Bug Fixes
  • middleware: replace %X_UA_COMPATIBLE% marker anywhere in the file (f1aeaec), closes #​3711

v6.3.6

Compare Source

Bug Fixes

v6.3.5

Compare Source

Bug Fixes
  • client: prevent socket.io from hanging due to mocked clocks (#​3695) (105da90)

v6.3.4

Compare Source

Bug Fixes

v6.3.3

Compare Source

Bug Fixes

v6.3.2

Compare Source

Bug Fixes

v6.3.1

Compare Source

Bug Fixes
  • client: error out when opening a new tab fails (099b85e)

v6.3.0

Compare Source

Features
  • support asynchronous config.set() call in karma.conf.js (#​3660) (4c9097a)

v6.2.0

Compare Source

Features
  • plugins: add support wildcard config for scoped package plugin (#​3659) (39831b1)

6.1.2 (2021-03-09)

Bug Fixes

6.1.1 (2021-02-12)

Bug Fixes

v6.1.2

Compare Source

Bug Fixes

Configuration

📅 Schedule: Branch creation - "" in timezone Asia/Tokyo, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the renovate label Mar 7, 2022
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from 8d1ceae to a7827f2 Compare March 26, 2022 12:46
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from a7827f2 to 8bd6499 Compare April 24, 2022 22:31
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from 8bd6499 to d42261f Compare May 15, 2022 21:20
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from d42261f to cf4b551 Compare June 18, 2022 14:35
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from cf4b551 to 687fe2e Compare September 25, 2022 12:54
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from 687fe2e to 4f8d05c Compare November 20, 2022 21:07
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch 2 times, most recently from 2e9f026 to fab2b36 Compare March 24, 2023 22:00
@renovate renovate bot changed the title Update dependency karma to v6.3.16 [SECURITY] Update dependency karma to v6.3.16 [SECURITY] - autoclosed Feb 24, 2024
@renovate renovate bot closed this Feb 24, 2024
@renovate renovate bot deleted the renovate/npm-karma-vulnerability branch February 24, 2024 04:54
@renovate renovate bot changed the title Update dependency karma to v6.3.16 [SECURITY] - autoclosed Update dependency karma to v6.3.16 [SECURITY] Feb 24, 2024
@renovate renovate bot reopened this Feb 24, 2024
@renovate renovate bot restored the renovate/npm-karma-vulnerability branch February 24, 2024 07:25
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch 2 times, most recently from 15e9d46 to 23449bf Compare February 25, 2024 10:27
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from 23449bf to 3dac81b Compare March 12, 2024 11:19
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from 3dac81b to fa2c838 Compare March 20, 2024 13:32
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from fa2c838 to a3e9b50 Compare April 14, 2024 09:10
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from a3e9b50 to f5856a1 Compare April 21, 2024 10:42
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from f5856a1 to 207e902 Compare June 4, 2024 11:02
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from 207e902 to 85d11ca Compare July 21, 2024 15:18
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from 85d11ca to e5d564e Compare August 6, 2024 06:47
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from e5d564e to 103fc38 Compare August 18, 2024 16:13
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from 103fc38 to 1584f47 Compare August 28, 2024 08:30
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from 1584f47 to b761073 Compare October 9, 2024 10:36
@renovate renovate bot force-pushed the renovate/npm-karma-vulnerability branch from b761073 to 7fe1289 Compare December 2, 2024 11:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant