Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[dist] Update dependency request to ~2.88.0 [SECURITY] #1357

Merged
merged 1 commit into from Aug 22, 2019

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Aug 22, 2019

This PR contains the following updates:

Package Type Update Change
request dependencies minor ~2.27.0 -> ~2.88.0

GitHub Vulnerability Alerts

CVE-2017-16026

Affected versions of request will disclose local system memory to remote systems in certain circumstances. When a multipart request is made, and the type of body is number, then a buffer of that size will be allocated and sent to the remote server as the body.


Release Notes

request/request

v2.88.0

Compare Source

v2.87.0

Compare Source

v2.86.0

Compare Source

v2.85.0

Compare Source

v2.84.0

Compare Source

v2.83.0

Compare Source

v2.82.0

Compare Source

v2.81.0

Compare Source

v2.80.0

Compare Source

v2.79.0

Compare Source

v2.78.0

Compare Source

v2.77.0

Compare Source

v2.76.0

Compare Source

v2.75.0

Compare Source

v2.74.0

Compare Source

v2.73.0

Compare Source

v2.72.0

Compare Source

v2.71.0

Compare Source

v2.70.0

Compare Source

v2.69.0

Compare Source

v2.68.0

Compare Source

v2.67.0

Compare Source

v2.66.0

Compare Source

v2.65.0

Compare Source

v2.64.0

Compare Source

v2.63.0

Compare Source

v2.62.0

Compare Source

v2.61.0

Compare Source

v2.60.0

Compare Source

v2.59.0

Compare Source

v2.58.0

Compare Source

v2.57.0

Compare Source

  • #​1615 Replace '.client' with '.socket' as the former was deprecated in 2.2.0. (@​ChALkeR)

v2.56.0

Compare Source

v2.55.0

Compare Source

v2.54.0

Compare Source

v2.53.0

Compare Source

v2.52.0

Compare Source

v2.51.0

Compare Source

v2.50.0

Compare Source

v2.49.0

Compare Source

v2.48.0

Compare Source


Renovate configuration

📅 Schedule: "" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever PR becomes conflicted, or if you modify the PR title to begin with "rebase!".

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot. View repository job log here.

@renovate renovate bot force-pushed the renovate/npm-request-vulnerability branch from 35178ef to ce3b515 Aug 22, 2019
@renovate renovate bot force-pushed the renovate/npm-request-vulnerability branch from ce3b515 to 91ef055 Aug 22, 2019
@codecov-io
Copy link

@codecov-io codecov-io commented Aug 22, 2019

Codecov Report

Merging #1357 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #1357   +/-   ##
=======================================
  Coverage   92.35%   92.35%           
=======================================
  Files           6        6           
  Lines         314      314           
=======================================
  Hits          290      290           
  Misses         24       24

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e588213...91ef055. Read the comment docs.

@indexzero indexzero merged commit 0d9ed36 into master Aug 22, 2019
2 checks passed
2 checks passed
continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details
@renovate renovate bot deleted the renovate/npm-request-vulnerability branch Aug 22, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
You can’t perform that action at this time.