Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update node.js to v16.20.2 #57

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Feb 16, 2023

This PR contains the following updates:

Package Type Update Change
node (source) volta minor 16.19.0 -> 16.20.2

Release Notes

nodejs/node (node)

v16.20.2: 2023-08-09, Version 16.20.2 'Gallium' (LTS), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

More detailed information on each of the vulnerabilities can be found in August 2023 Security Releases blog post.

Commits

v16.20.1: 2023-06-20, Version 16.20.1 'Gallium' (LTS), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

More detailed information on each of the vulnerabilities can be found in June 2023 Security Releases blog post.

Commits

v16.20.0: 2023-03-29, Version 16.20.0 'Gallium' (LTS), @​BethGriggs

Compare Source

Notable Changes
  • deps:
    • update undici to 5.20.0 (Node.js GitHub Bot) #​46711
    • update c-ares to 1.19.0 (Michaël Zasso) #​46415
    • upgrade npm to 8.19.4 (npm team) #​46677
    • update corepack to 0.17.0 (Node.js GitHub Bot) #​46842
  • (SEMVER-MINOR) src: add support for externally shared js builtins (Michael Dawson) #​44376
Commits

v16.19.1: 2023-02-16, Version 16.19.1 'Gallium' (LTS), @​richardlau

Compare Source

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

  • CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High)
  • CVE-2023-23919: Node.js OpenSSL error handling issues in nodejs crypto library (Medium)
  • CVE-2023-23920: Node.js insecure loading of ICU data through ICU_DATA environment variable (Low)

Fixed by an update to undici:

More detailed information on each of the vulnerabilities can be found in February 2023 Security Releases blog post.

This security release includes OpenSSL security updates as outlined in the recent
OpenSSL security advisory.

Commits

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@codecov
Copy link

codecov bot commented Feb 16, 2023

Codecov Report

Merging #57 (d224e12) into master (373ab04) will not change coverage.
Report is 8 commits behind head on master.
The diff coverage is n/a.

❗ Current head d224e12 differs from pull request most recent head 4ed59f9. Consider uploading reports for the commit 4ed59f9 to get more accurate results

@@           Coverage Diff           @@
##           master      #57   +/-   ##
=======================================
  Coverage   82.98%   82.98%           
=======================================
  Files           2        2           
  Lines         241      241           
=======================================
  Hits          200      200           
  Misses         41       41           

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@renovate renovate bot changed the title chore(deps): update node.js to v16.19.1 chore(deps): update node.js to v16.20.0 Mar 30, 2023
@renovate renovate bot changed the title chore(deps): update node.js to v16.20.0 chore(deps): update node.js to v16.20.1 Jun 20, 2023
@renovate renovate bot changed the title chore(deps): update node.js to v16.20.1 chore(deps): update node.js to v16.20.2 Aug 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant