New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update dependency systeminformation to v5 [security] #44

Open

renovate wants to merge 1 commit into master from renovate/npm-systeminformation-vulnerability

renovate bot commented Feb 10, 2022 •

edited

Loading

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
systeminformation (source)	`^4.26.10` -> `^5.0.0`

GitHub Vulnerability Alerts

CVE-2021-21315

Impact

command injection vulnerability

Patches

Problem was fixed with a parameter check. Please upgrade to version >= 5.3.1

Workarounds

If you cannot upgrade, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected.

CVE-2021-21388

Impact

command injection vulnerability

Patches

Problem was fixed with a parameter check. Please upgrade to version >= 5.6.4

Workarounds

If you cannot upgrade, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected.

Release Notes

sebhildebrandt/systeminformation

`v5.17.12`

`v5.17.11`

`v5.17.10`

`v5.17.9`

`v5.17.8`

`v5.17.7`

`v5.17.6`

`v5.17.5`

`v5.17.4`

`v5.17.3`

`v5.17.2`

`v5.17.1`

`v5.17.0`

`v5.16.9`

`v5.16.8`

`v5.16.7`

`v5.16.6`

`v5.16.5`

`v5.16.4`

`v5.16.3`

`v5.16.2`

`v5.16.1`

`v5.16.0`

`v5.15.1`

`v5.15.0`

`v5.14.4`

`v5.14.3`

`v5.14.2`

`v5.14.1`

`v5.14.0`

`v5.13.5`

`v5.13.4`

`v5.13.3`

`v5.13.2`

`v5.13.1`

`v5.13.0`

`v5.12.15`

`v5.12.14`

`v5.12.13`

`v5.12.12`

`v5.12.11`

`v5.12.10`

`v5.12.9`

`v5.12.8`

`v5.12.7`

`v5.12.6`

`v5.12.5`

`v5.12.4`

`v5.12.3`

`v5.12.2`

`v5.12.1`

`v5.12.0`

`v5.11.26`

`v5.11.25`

`v5.11.24`

`v5.11.23`

`v5.11.22`

`v5.11.21`

`v5.11.20`

`v5.11.19`

`v5.11.18`

`v5.11.17`

`v5.11.16`

`v5.11.15`

`v5.11.14`

`v5.11.13`

`v5.11.12`

`v5.11.11`

`v5.11.10`

`v5.11.9`

`v5.11.8`

`v5.11.7`

`v5.11.6`

`v5.11.5`

`v5.11.4`

`v5.11.3`

`v5.11.2`

`v5.11.1`

`v5.11.0`

`v5.10.7`

`v5.10.6`

`v5.10.5`

`v5.10.4`

`v5.10.3`

`v5.10.2`

`v5.10.1`

`v5.10.0`

`v5.9.18`

`v5.9.17`

`v5.9.16`

`v5.9.15`

`v5.9.14`

`v5.9.13`

`v5.9.12`

`v5.9.11`

`v5.9.10`

`v5.9.9`

`v5.9.8`

`v5.9.7`

`v5.9.6`

`v5.9.5`

`v5.9.4`

`v5.9.3`

`v5.9.2`

`v5.9.1`

`v5.9.0`

`v5.8.9`

`v5.8.8`

`v5.8.7`

`v5.8.6`

`v5.8.5`

`v5.8.4`

`v5.8.3`

`v5.8.2`

`v5.8.1`

`v5.8.0`

`v5.7.14`

`v5.7.13`

`v5.7.12`

`v5.7.11`

`v5.7.10`

`v5.7.9`

`v5.7.8`

`v5.7.7`

`v5.7.6`

`v5.7.5`

`v5.7.4`

`v5.7.3`

`v5.7.2`

`v5.7.1`

`v5.7.0`

`v5.6.22`

`v5.6.21`

`v5.6.20`

`v5.6.19`

`v5.6.18`

`v5.6.17`

`v5.6.16`

`v5.6.15`

`v5.6.14`

`v5.6.13`

`v5.6.12`

`v5.6.11`

`v5.6.10`

`v5.6.9`

`v5.6.8`

`v5.6.7`

`v5.6.6`

`v5.6.5`

`v5.6.4`

`v5.6.3`

`v5.6.2`

`v5.6.1`

`v5.6.0`

`v5.5.0`

`v5.4.0`

`v5.3.5`

`v5.3.4`

`v5.3.3`

`v5.3.2`

`v5.3.1`

`v5.3.0`

`v5.2.7`

`v5.2.6`

`v5.2.5`

`v5.2.4`

`v5.2.3`

`v5.2.2`

`v5.2.1`

`v5.2.0`

`v5.1.2`

`v5.1.1`

`v5.1.0`

`v5.0.11`

`v5.0.10`

`v5.0.9`

`v5.0.8`

`v5.0.7`

`v5.0.6`

`v5.0.5`

`v5.0.4`

`v5.0.3`

`v5.0.2`

`v5.0.1`

`v5.0.0`

Configuration

📅 Schedule: Branch creation - "" in timezone Europe/Warsaw, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

vercel bot commented Feb 10, 2022 •

edited

Loading

This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployment, click below or on the icon next to each commit.

🔍 Inspect: https://vercel.com/tymek/cz/BBRfRqhPkP8ozdJUCuE7Qv3KsjEG
✅ Preview: https://cz-git-renovate-npm-systeminformation-vulnerability-tymek.vercel.app

vercel bot deployed to Preview

February 10, 2022 22:36

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from e73182e to d031fc9 Compare

February 10, 2022 23:00

vercel bot deployed to Preview

February 10, 2022 23:01

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from d031fc9 to 16433e2 Compare

February 11, 2022 08:06

vercel bot deployed to Preview

February 11, 2022 08:06

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 16433e2 to 14c853d Compare

February 11, 2022 09:51

vercel bot deployed to Preview

February 11, 2022 09:51

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 14c853d to 49aedab Compare

February 13, 2022 09:43

vercel bot deployed to Preview

February 13, 2022 09:44

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 49aedab to 107a822 Compare

February 13, 2022 11:01

vercel bot deployed to Preview

February 13, 2022 11:01

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 107a822 to 7e94162 Compare

February 15, 2022 12:59

vercel bot deployed to Preview

February 15, 2022 12:59

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 7e94162 to 72247ef Compare

February 15, 2022 14:17

vercel bot deployed to Preview

February 15, 2022 14:17

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 72247ef to 03ec440 Compare

February 16, 2022 11:03

vercel bot deployed to Preview

February 16, 2022 11:03

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 03ec440 to bb364f5 Compare

February 16, 2022 13:11

vercel bot deployed to Preview

February 16, 2022 13:11

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from bb364f5 to 4228f68 Compare

February 17, 2022 09:36

vercel bot deployed to Preview

February 17, 2022 09:36

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 4228f68 to 548444e Compare

February 17, 2022 11:45

vercel bot deployed to Preview

February 17, 2022 11:45

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 548444e to a66c75b Compare

February 18, 2022 13:45

vercel bot deployed to Preview

February 18, 2022 13:45

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from a66c75b to a9e1add Compare

February 18, 2022 15:25

vercel bot deployed to Preview

February 18, 2022 15:25

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from a9e1add to 460c7b7 Compare

February 23, 2022 15:14

vercel bot deployed to Preview

February 23, 2022 15:14

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from dd7f912 to e07d5ee Compare

February 27, 2022 19:27

vercel bot deployed to Preview

February 27, 2022 19:27

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from e07d5ee to 21b1493 Compare

March 2, 2022 12:16

vercel bot deployed to Preview

March 2, 2022 12:16

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 21b1493 to 89b155d Compare

March 2, 2022 14:55

vercel bot deployed to Preview

March 2, 2022 14:55

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 89b155d to a067a13 Compare

March 12, 2022 16:02

vercel bot deployed to Preview

March 12, 2022 16:02

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from a067a13 to d09af83 Compare

March 12, 2022 17:51

vercel bot deployed to Preview

March 12, 2022 17:51

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from d09af83 to 482f927 Compare

March 18, 2022 14:55

vercel bot deployed to Preview

March 18, 2022 14:55

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 482f927 to 2204745 Compare

March 18, 2022 17:33

vercel bot deployed to Preview

March 18, 2022 17:33

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 2204745 to 8623fb8 Compare

April 4, 2022 13:55

vercel bot deployed to Preview

April 4, 2022 13:55

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 8623fb8 to f2b8ef8 Compare

April 4, 2022 16:32

vercel bot deployed to Preview

April 4, 2022 16:32

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from f2b8ef8 to 0eda3f1 Compare

April 8, 2022 10:09

vercel bot deployed to Preview

April 8, 2022 10:09

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 0eda3f1 to 876dac7 Compare

April 8, 2022 12:41

vercel bot deployed to Preview

April 8, 2022 12:41

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 876dac7 to 6053d84 Compare

April 8, 2022 18:00

vercel bot deployed to Preview

April 8, 2022 18:00

View deployment

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 6053d84 to 18056bc Compare

April 8, 2022 19:51

vercel bot deployed to Preview

April 8, 2022 19:51

View deployment


          fix(deps): update dependency systeminformation to v5 [security]

8c11096

renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 18056bc to 8c11096 Compare

April 24, 2022 22:24

vercel bot deployed to Preview

April 24, 2022 22:24

View deployment

Author

renovate bot commented Mar 24, 2023 •

edited

Loading

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet