fix(Code Node): Update vm2 to address CVE-2023-29017 #5947
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
GH advisory: GHSA-7jxr-cg7f-gpgv
|
Great PR! Please pay attention to the following items before merging: Files matching
Make sure to check off this list before asking for review. |
krynble
approved these changes
Apr 11, 2023
Codecov ReportPatch and project coverage have no change.
Additional details and impacted files@@ Coverage Diff @@
## master #5947 +/- ##
=======================================
Coverage 17.53% 17.53%
=======================================
Files 2500 2500
Lines 114336 114336
Branches 17850 17850
=======================================
Hits 20050 20050
Misses 93694 93694
Partials 592 592 Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report in Codecov by Sentry. |
|
✅ All Cypress E2E specs passed |
netroy
added a commit
that referenced
this pull request
Apr 11, 2023
Update vm2 to fix CVE-2023-29017 GH advisory: GHSA-7jxr-cg7f-gpgv Co-authored-by: Loganaden Velvindron <logan@cyberstorm.mu>
netroy
added a commit
that referenced
this pull request
Apr 11, 2023
Update vm2 to fix CVE-2023-29017 GH advisory: GHSA-7jxr-cg7f-gpgv Co-authored-by: Loganaden Velvindron <logan@cyberstorm.mu>
MiloradFilipovic
added a commit
that referenced
this pull request
Apr 13, 2023
* master: (62 commits) fix(editor): Redirect to home page after saving data on SAML onboarding page (no-changelog) (#5961) feat: Replace Vue.extend with defineComponent in design system (no-changelog) (#5918) feat(MySQL Node): Overhaul fix(OpenAI Node): Update models to only show those supported (#5805) ci: Add test for wait node (no-changelog) (#5414) fix(Github Trigger Node): Remove content_reference event (#5830) ci: Validate load options methods in nodes-base (no-changelog) (#5862) ci: Use `--chown=node:node` in COPY commands in the custom docker image (no-changelog) (#5913) 🚀 Release 0.224.0 (#5957) fix(NocoDB Node): Fix for updating or deleting rows with not default primary keys fix(HTTP Request Node): Show detailed error message in the UI again (#5959) ci: Prevent skipping of E2E fail job (no-changelog) (#5958) ci: Fix E2E tests on master (no-changelog) (#5960) refactor(core): Use injectable classes for db repositories (part-1) (no-changelog) (#5953) fix(core): Validate customData keys and values (#5920) (no-changelog) feat(editor): Add user activation survey (#5677) fix(editor): Update vite legacy-plugin browser target (no-changelog) (#5952) docs: Fix typo in AWS S3 and S3 nodes for parent folder key (#5933) fix(core): Update xml2js to address CVE-2023-0842 (#5948) fix(Code Node): Update vm2 to address CVE-2023-29017 (#5947) ... # Conflicts: # packages/workflow/src/Interfaces.ts
MiloradFilipovic
added a commit
that referenced
this pull request
Apr 13, 2023
…rce-mapper-ui * feature/resource-mapping-component: (62 commits) fix(editor): Redirect to home page after saving data on SAML onboarding page (no-changelog) (#5961) feat: Replace Vue.extend with defineComponent in design system (no-changelog) (#5918) feat(MySQL Node): Overhaul fix(OpenAI Node): Update models to only show those supported (#5805) ci: Add test for wait node (no-changelog) (#5414) fix(Github Trigger Node): Remove content_reference event (#5830) ci: Validate load options methods in nodes-base (no-changelog) (#5862) ci: Use `--chown=node:node` in COPY commands in the custom docker image (no-changelog) (#5913) 🚀 Release 0.224.0 (#5957) fix(NocoDB Node): Fix for updating or deleting rows with not default primary keys fix(HTTP Request Node): Show detailed error message in the UI again (#5959) ci: Prevent skipping of E2E fail job (no-changelog) (#5958) ci: Fix E2E tests on master (no-changelog) (#5960) refactor(core): Use injectable classes for db repositories (part-1) (no-changelog) (#5953) fix(core): Validate customData keys and values (#5920) (no-changelog) feat(editor): Add user activation survey (#5677) fix(editor): Update vite legacy-plugin browser target (no-changelog) (#5952) docs: Fix typo in AWS S3 and S3 nodes for parent folder key (#5933) fix(core): Update xml2js to address CVE-2023-0842 (#5948) fix(Code Node): Update vm2 to address CVE-2023-29017 (#5947) ... # Conflicts: # packages/workflow/src/Interfaces.ts
|
Got released with |
sunilrr
pushed a commit
to fl-g6/qp-n8n
that referenced
this pull request
Apr 24, 2023
Update vm2 to fix CVE-2023-29017 GH advisory: GHSA-7jxr-cg7f-gpgv Co-authored-by: Loganaden Velvindron <logan@cyberstorm.mu>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
GH advisory: GHSA-7jxr-cg7f-gpgv