Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update dependency systeminformation to version 5.6.4 馃専 #15819

Merged

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Apr 6, 2021

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
systeminformation (source) 5.3.1 -> 5.6.4 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2021-21388

Impact

command injection vulnerability

Patches

Problem was fixed with a parameter check. Please upgrade to version >= 5.6.4

Workarounds

If you cannot upgrade, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected.


Release Notes

sebhildebrandt/systeminformation

v5.6.4

Compare Source

v5.6.3

Compare Source

v5.6.2

Compare Source

v5.6.1

Compare Source

v5.6.0

Compare Source

v5.5.0

Compare Source

v5.4.0

Compare Source

v5.3.5

Compare Source

v5.3.4

Compare Source

v5.3.3

Compare Source

v5.3.2

Compare Source


Configuration

馃搮 Schedule: "" in timezone America/New_York.

馃殾 Automerge: Disabled by config. Please merge this manually once you are satisfied.

鈾伙笍 Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

馃敃 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box.

This PR has been generated by WhiteSource Renovate. View repository job log here.

@renovate renovate bot requested a review from a team as a code owner April 6, 2021 18:03
@renovate renovate bot added renovate Triggered by renovatebot type: dependencies labels Apr 6, 2021
@cypress-bot
Copy link
Contributor

cypress-bot bot commented Apr 6, 2021

See the guidelines for reviewing dependency updates for info on how to review dependency update PRs.

@cypress
Copy link

cypress bot commented Apr 6, 2021



Test summary

4023 0 49 2Flakiness 0


Run details

Project cypress
Status Passed
Commit 6047605
Started Apr 21, 2021 2:53 PM
Ended Apr 21, 2021 3:04 PM
Duration 10:27 馃挕
OS Linux Debian - 10.8
Browser Chrome 89

View run in Cypress Dashboard 鉃★笍


This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Dashboard

@renovate renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch 12 times, most recently from 7469933 to 9ad0478 Compare April 8, 2021 02:43
@github-actions
Copy link
Contributor

github-actions bot commented Apr 8, 2021

Internal Jira issue: TR-748

@renovate renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch 11 times, most recently from 44eb884 to 1c35d0b Compare April 13, 2021 17:27
@renovate renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch 18 times, most recently from 8b7da6d to 2eec355 Compare April 20, 2021 18:35
@renovate renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch 2 times, most recently from 7b55e36 to 68af66c Compare April 21, 2021 03:45
@renovate renovate bot force-pushed the renovate/npm-systeminformation-vulnerability branch from 68af66c to 6047605 Compare April 21, 2021 12:19
@jennifer-shehane jennifer-shehane requested review from jennifer-shehane and removed request for a team April 21, 2021 14:51
Copy link
Member

@jennifer-shehane jennifer-shehane left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, just fixes and some features.

@jennifer-shehane jennifer-shehane merged commit 33d8568 into develop Apr 21, 2021
@renovate renovate bot deleted the renovate/npm-systeminformation-vulnerability branch April 21, 2021 15:29
tgriesser added a commit that referenced this pull request Apr 21, 2021
鈥ress into tgriesser/chore/improve-ci

* 'tgriesser/chore/improve-ci' of github.com:cypress-io/cypress:
  fix(deps): update dependency systeminformation to version 5.6.4 馃専 (#15819)
  docs: fix a typo of package name [skip ci] (#15783)
  chore: deduplicate yarn.lock (#15988)
  fix(webpack): allow load custom asset on windows (#16099)
  fix: Properly display unmount as a command (#16041)
  fix(component-testing): correct imports for relative paths in cypress.json  (#16056)
  Fixed missing SearchInput and improved SpecList scrolling (#16090)
  docs: update react docs (#16055)
  chore: Design System Cleanup (#16077)
  feat(component-testing): breaking: Add React rerender functionality (#16038)
  fix(component-testing): Increased timeout to allow  useEffect to trigger (#16091)
  chore: release @cypress/webpack-batteries-included-preprocessor-v2.2.1
@cypress-bot
Copy link
Contributor

cypress-bot bot commented Apr 26, 2021

Released in 7.2.0.

This comment thread has been locked. If you are still experiencing this issue after upgrading to
Cypress v7.2.0, please open a new issue.

@cypress-bot cypress-bot bot locked as resolved and limited conversation to collaborators Apr 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
renovate Triggered by renovatebot type: dependencies
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants