-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(frontend): update node.js to v18.16.1 #493
base: master
Are you sure you want to change the base?
Conversation
Visit the preview URL for this PR (updated for commit 187df41): https://pluralsh-console--pr493-renovate-frontend-no-ss9leeiu.web.app (expires Sat, 22 Jun 2024 20:49:45 GMT) 🔥 via Firebase Hosting GitHub Action 🌎 Sign: dd1ffa0705acc6ef7d6db370e6bd6fc390e945ce |
⚠ Artifact update problemRenovate failed to update artifacts related to this branch. You probably do not want to merge this PR as-is. ♻ Renovate will retry this branch, including artifacts, only when one of the following happens:
The artifact failure details are included below: File name: assets/yarn.lock
File name: assets/e2e/yarn.lock
|
40d5211
to
ad6a821
Compare
6d29b89
to
1550e93
Compare
79d445d
to
023da64
Compare
002a7dc
to
269bce1
Compare
bab999d
to
ca4e044
Compare
ca4e044
to
69669e0
Compare
This PR contains the following updates:
18.16.0
->18.16.1
Release Notes
nodejs/node (node)
v18.16.1
: 2023-06-20, Version 18.16.1 'Hydrogen' (LTS), @RafaelGSSCompare Source
This is a security release.
Notable Changes
The following CVEs are fixed in this release:
mainModule.__proto__
Bypass Experimental Policy Mechanism (High)More detailed information on each of the vulnerabilities can be found in June 2023 Security Releases blog post.
Commits
bf3e2c8928
] - crypto: handle cert with invalid SPKI gracefully (Tobias Nießen) nodejs-private/node-private#39370f9449072
] - deps: setCARES_RANDOM_FILE
for c-ares (Richard Lau) #4815635d4efb57b
] - deps: update c-ares to 1.19.1 (RafaelGSS) #48115392dfedc77
] - deps: update archs files for openssl-3.0.9-quic1 (Node.js GitHub Bot) #4840246cd5fe38b
] - deps: upgrade openssl sources to quictls/openssl-3.0.9-quic1 (Node.js GitHub Bot) #484027e3d2d85c2
] - doc,test: clarify behavior of DH generateKeys (Tobias Nießen) nodejs-private/node-private#4264ff6ba050a
] - http: disable request smuggling via rempty headers (Paolo Insogna) nodejs-private/node-private#428ab269129a6
] - msi: do not create AppData\Roaming\npm (Tobias Nießen) nodejs-private/node-private#408925e8f5619
] - policy: handle mainModule.__proto__ bypass (RafaelGSS) nodejs-private/node-private#416d6fae8e47e
] - test: allow SIGBUS in signal-handler abort test (Michaël Zasso) #47851Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.