Update dependency postcss to 8.2.13 [SECURITY] #889
The PR diff size of 38357 lines exceeds the maximum allowed for the inline comments feature.
Codecov Report
@@ Coverage Diff @@
## master #889 +/- ##
=======================================
Coverage 47.54% 47.54%
=======================================
Files 3 3
Lines 61 61
Branches 8 8
=======================================
Hits 29 29
Misses 28 28
Partials 4 4
2f3e3ff to 98081bf
The PR diff size of 38127 lines exceeds the maximum allowed for the inline comments feature.
98081bf to e310818
e310818 to 72b152c
72b152c to cbc2f67
cbc2f67 to a75fdd1
a75fdd1 to fa20857
fa20857 to 98f852b
98f852b to 08b3ebd
08b3ebd to cbec46f
Code Climate has analyzed commit cbec46f and detected 0 issues on this pull request.
Renovate Ignore Notification
As this PR has been closed unmerged, Renovate will now ignore this update (8.2.13). You will still receive a PR once a newer version is released, so if you wish to permanently ignore this dependency, please add it to the
If this PR was closed by mistake or you changed your mind, you can simply rename this PR and you will soon get a fresh replacement PR opened.
This PR contains the following updates:
7.0.27 -> 8.2.13
7.0.17 -> 8.2.13
7.0.14 -> 8.2.13
6.0.23 -> 8.2.13
7.0.32 -> 8.2.13
GitHub Vulnerability Alerts
CVE-2021-23382
The package postcss before 8.2.13 is vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /*\s* sourceMappingURL=(.*).
CVE-2021-23368
The npm package postcss from 7.0.0 and before versions 7.0.36 and 8.2.10 is vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.
Configuration
📅 Schedule: "" (UTC).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR has been generated by WhiteSource Renovate. View repository job log here.