Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update dependency url-parse to version 1.5.0 馃専 #16408

Merged
merged 2 commits into from May 10, 2021

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented May 8, 2021

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
url-parse 1.4.7 -> 1.5.0 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2021-27515

url-parse before 1.5.0 mishandles certain uses of backslash such as http:/ and interprets the URI as a relative path.


Release Notes

unshiftio/url-parse

v1.5.0

Compare Source


Configuration

馃搮 Schedule: "" in timezone America/New_York.

馃殾 Automerge: Disabled by config. Please merge this manually once you are satisfied.

鈾伙笍 Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.

馃敃 Ignore: Close this PR and you won't be reminded about these updates again.


  • If you want to rebase/retry this PR, check this box.

This PR has been generated by WhiteSource Renovate. View repository job log here.

@renovate renovate bot requested a review from a team as a code owner May 8, 2021 12:53
@renovate renovate bot requested review from flotwig and chrisbreiding and removed request for a team May 8, 2021 12:53
@cypress-bot
Copy link
Contributor

cypress-bot bot commented May 8, 2021

See the guidelines for reviewing dependency updates for info on how to review dependency update PRs.

@renovate renovate bot added renovate Triggered by renovatebot type: dependencies labels May 8, 2021
@cypress
Copy link

cypress bot commented May 8, 2021



Test summary

8555 0 109 3Flakiness 0


Run details

Project cypress
Status Passed
Commit 2cdc6ed
Started May 10, 2021 6:44 PM
Ended May 10, 2021 6:55 PM
Duration 11:01 馃挕
OS Linux Debian - 10.8
Browser Multiple

View run in Cypress Dashboard 鉃★笍


This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Dashboard

@renovate renovate bot force-pushed the renovate/npm-url-parse-vulnerability branch 2 times, most recently from 62261b3 to f78aa0a Compare May 10, 2021 14:14
@renovate renovate bot force-pushed the renovate/npm-url-parse-vulnerability branch from f78aa0a to 0e48f60 Compare May 10, 2021 15:36
@jennifer-shehane jennifer-shehane requested review from jennifer-shehane and removed request for flotwig and chrisbreiding May 10, 2021 16:19
Copy link
Member

@jennifer-shehane jennifer-shehane left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Going to bump this to 1.5.1 instead of 1.5.0 since there was a relevant breaking change bug that they've since fixed.

@flotwig flotwig merged commit 52abd80 into develop May 10, 2021
@renovate renovate bot deleted the renovate/npm-url-parse-vulnerability branch May 10, 2021 21:22
@cypress-bot
Copy link
Contributor

cypress-bot bot commented May 10, 2021

Released in 7.3.0.

This comment thread has been locked. If you are still experiencing this issue after upgrading to
Cypress v7.3.0, please open a new issue.

@cypress-bot cypress-bot bot locked as resolved and limited conversation to collaborators May 10, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
renovate Triggered by renovatebot type: dependencies
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants