@dependabot dependabot bot commented on behalf of github Aug 29, 2022

Bumps nginxinc/nginx-unprivileged from 8a9df81 to 74546ba.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps nginxinc/nginx-unprivileged from `8a9df81` to `74546ba`.

---
updated-dependencies:
- dependency-name: nginxinc/nginx-unprivileged
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

@dependabot dependabot bot added the dependencies and docker (Pull requests that update Docker code) labels Aug 29, 2022
@nscuro nscuro added this to the 4.6 milestone Sep 13, 2022
@nscuro nscuro merged commit a509004 into master Sep 13, 2022
@dependabot dependabot bot deleted the dependabot/docker/docker/nginxinc/nginx-unprivileged-74546ba branch September 13, 2022 18:26
sahibamittal added a commit to sahibamittal/dependency-track-frontend-upstream that referenced this pull request Sep 21, 2022
commit 09e4c18
Merge: 1c24842 8377370
Author: Niklas <nscuro@protonmail.com>
Date:   Tue Sep 20 17:17:17 2022 +0200

    Merge pull request DependencyTrack#251 from tmehnert/fix-project-view-details-display-wrong-tags

commit 8377370
Author: Torsten Mehnert <torsten.mhn@gmail.com>
Date:   Mon Sep 19 13:48:19 2022 +0200

    Fix Project View Details display wrong tags

    Previously the DTO was only updated, when it contains no tags
    and the project has tags. Because of this, the tags in the
    Modal didn't update, when switching between projects.

    Signed-off-by: Torsten Mehnert <torsten.mhn@gmail.com>

commit 1c24842
Merge: 4713f98 647aaec
Author: Niklas <nscuro@protonmail.com>
Date:   Fri Sep 16 16:38:27 2022 +0200

    Merge pull request DependencyTrack#247 from sahibamittal/quick-fix-osv-ecosystem-list

    Quick-fix : OSV ecosystem toggle handling

commit 647aaec
Author: Sahiba Mittal <sahibamittal98@gmail.com>
Date:   Fri Sep 16 15:08:51 2022 +0100

    fix osv ecosystem toggle handling

    Signed-off-by: Sahiba Mittal <sahibamittal98@gmail.com>

commit 4713f98
Merge: 50db524 b45328c
Author: Niklas <nscuro@protonmail.com>
Date:   Wed Sep 14 22:39:38 2022 +0200

    Merge pull request DependencyTrack#246 from nscuro/update-merge

    Bump `merge` to 2.1.1

commit b45328c
Author: nscuro <nscuro@protonmail.com>
Date:   Wed Sep 14 22:15:54 2022 +0200

    Bump `merge` to 2.1.1

    Fixes:
    * https://security.snyk.io/vuln/SNYK-JS-MERGE-1040469
    * https://security.snyk.io/vuln/SNYK-JS-MERGE-1042987

    `vue-bootstrap-toggle` only uses a single function of `merge`. That function still exists in v2 of `merge`, so this version bump is not a breaking change.
    See https://github.com/rhyek/vue-bootstrap-toggle/blob/16cf66e4346119ea5b72ec2abeafe524b55bbaee/src/index.vue#L51

    Further, the vulnerabilities (both prototype pollutions) are not exploitable, as neither of the arguments passed to `merge.recursive` are user-controllable.

    Still performing the update to make scanners happy.

    Signed-off-by: nscuro <nscuro@protonmail.com>

commit 50db524
Merge: a509004 eef9694
Author: Niklas <nscuro@protonmail.com>
Date:   Wed Sep 14 10:48:00 2022 +0200

    Merge pull request DependencyTrack#245 from DependencyTrack/dependabot/docker/docker/nginxinc/nginx-unprivileged-daaa89b

    build(deps): bump nginxinc/nginx-unprivileged from `74546ba` to `daaa89b` in /docker

commit eef9694
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Sep 14 02:29:38 2022 +0000

    build(deps): bump nginxinc/nginx-unprivileged in /docker

    Bumps nginxinc/nginx-unprivileged from `74546ba` to `daaa89b`.

    ---
    updated-dependencies:
    - dependency-name: nginxinc/nginx-unprivileged
      dependency-type: direct:production
      update-type: version-update:semver-patch
    ...

    Signed-off-by: dependabot[bot] <support@github.com>

commit a509004
Merge: 182ec06 6e02dda
Author: Niklas <nscuro@protonmail.com>
Date:   Tue Sep 13 20:26:42 2022 +0200

    Merge pull request DependencyTrack#237 from DependencyTrack/dependabot/docker/docker/nginxinc/nginx-unprivileged-74546ba

    build(deps): bump nginxinc/nginx-unprivileged from `8a9df81` to `74546ba` in /docker

commit 6e02dda
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Aug 29 02:00:23 2022 +0000

    build(deps): bump nginxinc/nginx-unprivileged in /docker

    Bumps nginxinc/nginx-unprivileged from `8a9df81` to `74546ba`.

    ---
    updated-dependencies:
    - dependency-name: nginxinc/nginx-unprivileged
      dependency-type: direct:production
      update-type: version-update:semver-patch
    ...

    Signed-off-by: dependabot[bot] <support@github.com>