Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update dependency semantic-release to version 17.2.3 🌟 #14713

Merged

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 23, 2021

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
semantic-release 17.1.1 -> 17.2.3 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2020-26226

Impact

Secrets that would normally be masked by semantic-release can be accidentally disclosed if they contain characters that become encoded when included in a URL.

Patches

Fixed in v17.2.3

Workarounds

Secrets that do not contain characters that become encoded when included in a URL are already masked properly.


Release Notes

semantic-release/semantic-release

v17.2.3

Compare Source

Bug Fixes
  • mask secrets when characters get uri encoded (ca90b34)

v17.2.2

Compare Source

Bug Fixes

v17.2.1

Compare Source

Reverts

v17.2.0

Compare Source

Features

v17.1.2

Compare Source

Bug Fixes

Renovate configuration

πŸ“… Schedule: "" in timezone America/New_York.

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

πŸ”• Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by WhiteSource Renovate. View repository job log here.

@renovate renovate bot added renovate Triggered by renovatebot type: dependencies labels Jan 23, 2021
@cypress-bot
Copy link
Contributor

cypress-bot bot commented Jan 23, 2021

See the guidelines for reviewing dependency updates for info on how to review dependency update PRs.

Copy link
Member

@jennifer-shehane jennifer-shehane left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks fine

@renovate renovate bot force-pushed the renovate/npm-semantic-release-vulnerability branch from ed3795e to 0c67069 Compare January 25, 2021 09:43
@cypress
Copy link

cypress bot commented Jan 25, 2021



Test summary

9268 β€’ 0 β€’ 118 β€’ 3 β€’ Flakiness 2


Run details

Project cypress
Status Passed
Commit 0c67069
Started Jan 25, 2021 9:56 AM
Ended Jan 25, 2021 10:10 AM
Duration 13:58 πŸ’‘
OS Linux Debian - 10.5
Browser Multiple

View run in Cypress Dashboard ➑️


Flakiness

retries.ui.spec.js 1Β Flakiness
1 runner/cypress retries.ui.spec > opens attempt on each attempt failure for the screenshot, and closes after test passes
commands/net_stubbing_spec.ts 1Β Flakiness
1 network stubbing > intercepting response > can throttle a proxy response using res.throttle

This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Dashboard

@jennifer-shehane jennifer-shehane merged commit 2c5a836 into develop Jan 25, 2021
@renovate renovate bot deleted the renovate/npm-semantic-release-vulnerability branch January 25, 2021 15:49
pashidlos pushed a commit to pashidlos/cypress that referenced this pull request Jan 30, 2021
@cypress-bot
Copy link
Contributor

cypress-bot bot commented Feb 1, 2021

Released in 6.4.0.

This comment thread has been locked. If you are still experiencing this issue after upgrading to
Cypress v6.4.0, please open a new issue.

@cypress-bot cypress-bot bot locked as resolved and limited conversation to collaborators Feb 1, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
renovate Triggered by renovatebot type: dependencies
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants