Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency minimatch to 3.0.5 [security] #137

Merged
merged 1 commit into from
Feb 27, 2023
Merged

chore(deps): update dependency minimatch to 3.0.5 [security] #137

merged 1 commit into from
Feb 27, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 31, 2022
edited

Mend Renovate

This PR contains the following updates:

Package Change
minimatch 3.0.4 -> 3.0.5

GitHub Vulnerability Alerts

CVE-2022-3517

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.

Configuration

📅 Schedule: Branch creation - "" in timezone Europe/Oslo, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Oct 31, 2022
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch 3 times, most recently from ae8edd4 to dedbd3c Compare November 6, 2022 10:28
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch from dedbd3c to 8552eb5 Compare November 8, 2022 09:06
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch 4 times, most recently from 2e8f397 to 0c84aad Compare November 25, 2022 11:12
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch 4 times, most recently from be355b1 to 94c5399 Compare December 4, 2022 19:29
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch from 94c5399 to b842d6d Compare December 8, 2022 04:38
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch from b842d6d to 29e1259 Compare December 17, 2022 05:19
@renovate renovate bot changed the title chore(deps): update dependency minimatch to 3.0.5 [security] Update dependency minimatch to 3.0.5 [SECURITY] Dec 17, 2022
@renovate renovate bot changed the title Update dependency minimatch to 3.0.5 [SECURITY] chore(deps): update dependency minimatch to 3.0.5 [security] Dec 17, 2022
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch 2 times, most recently from 3078d00 to 32820f9 Compare December 28, 2022 01:57
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch 5 times, most recently from 4f7755f to b66f1b3 Compare January 4, 2023 22:04
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch 2 times, most recently from e35bf9b to 468ff77 Compare January 9, 2023 18:13
@renovate renovate bot changed the title chore(deps): update dependency minimatch to 3.0.5 [security] chore(deps): update dependency minimatch to 3.0.5 [security] - autoclosed Jan 10, 2023
@renovate renovate bot closed this Jan 10, 2023
@renovate renovate bot deleted the renovate/npm-minimatch-vulnerability branch January 10, 2023 02:36
@renovate renovate bot changed the title chore(deps): update dependency minimatch to 3.0.5 [security] - autoclosed chore(deps): update dependency minimatch to 3.0.5 [security] Jan 10, 2023
@renovate renovate bot reopened this Jan 10, 2023
@renovate renovate bot restored the renovate/npm-minimatch-vulnerability branch January 10, 2023 06:42
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch 5 times, most recently from 49fab71 to f17b61c Compare January 17, 2023 01:05
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch from f17b61c to af911d2 Compare January 29, 2023 03:00
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch 5 times, most recently from edfe192 to f2771b2 Compare February 14, 2023 00:34
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch 2 times, most recently from df10f1e to a246c1f Compare February 20, 2023 20:07
@renovate renovate bot force-pushed the renovate/npm-minimatch-vulnerability branch from a246c1f to 3f0facd Compare February 26, 2023 13:47
@Kayuaga Kayuaga merged commit d43b079 into main Feb 27, 2023
@Kayuaga Kayuaga deleted the renovate/npm-minimatch-vulnerability branch February 27, 2023 09:40
Kayuaga pushed a commit that referenced this pull request Feb 27, 2023
chore: release 0.4.2
fa77cab 
## [0.4.2](v0.4.1...v0.4.2) (2023-02-27)

### Miscellaneous Chores

* **deps:** update babel monorepo to v7.19.1 ([#126](#126)) ([29d9586](29d9586))
* **deps:** update dependency @babel/core to v7.19.0 ([#124](#124)) ([13d993a](13d993a))
* **deps:** update dependency @babel/core to v7.19.3 ([#129](#129)) ([e855fd8](e855fd8))
* **deps:** update dependency @babel/core to v7.19.6 ([#134](#134)) ([58692b7](58692b7))
* **deps:** update dependency @babel/core to v7.20.12 ([#160](#160)) ([0391276](0391276))
* **deps:** update dependency @babel/core to v7.20.2 ([#138](#138)) ([fc86f80](fc86f80))
* **deps:** update dependency @babel/core to v7.20.5 ([#145](#145)) ([4f48848](4f48848))
* **deps:** update dependency @babel/core to v7.20.7 ([#152](#152)) ([099306f](099306f))
* **deps:** update dependency @babel/core to v7.21.0 ([#179](#179)) ([5f7ae75](5f7ae75))
* **deps:** update dependency @commitlint/cli to v17.4.1 ([#162](#162)) ([63659fc](63659fc))
* **deps:** update dependency @release-it/conventional-changelog to v5.1.1 ([#133](#133)) ([1ac494d](1ac494d))
* **deps:** update dependency eslint to v8.23.1 ([#125](#125)) ([8cee2a4](8cee2a4))
* **deps:** update dependency eslint to v8.24.0 ([#128](#128)) ([9e5d29c](9e5d29c))
* **deps:** update dependency eslint to v8.25.0 ([#132](#132)) ([6be1b69](6be1b69))
* **deps:** update dependency eslint to v8.26.0 ([#135](#135)) ([7292208](7292208))
* **deps:** update dependency eslint to v8.27.0 ([#139](#139)) ([8cf723b](8cf723b))
* **deps:** update dependency eslint to v8.28.0 ([#141](#141)) ([e61fe75](e61fe75))
* **deps:** update dependency eslint to v8.29.0 ([#148](#148)) ([6a7681e](6a7681e))
* **deps:** update dependency eslint to v8.30.0 ([#151](#151)) ([1284f8c](1284f8c))
* **deps:** update dependency eslint to v8.31.0 ([#154](#154)) ([94a2ce2](94a2ce2))
* **deps:** update dependency eslint to v8.32.0 ([#166](#166)) ([4c55726](4c55726))
* **deps:** update dependency eslint to v8.33.0 ([#168](#168)) ([e7cb2ad](e7cb2ad))
* **deps:** update dependency eslint to v8.34.0 ([#173](#173)) ([d82f763](d82f763))
* **deps:** update dependency eslint to v8.35.0 ([#180](#180)) ([5444b8f](5444b8f))
* **deps:** update dependency eslint-config-prettier to v8.6.0 ([#155](#155)) ([c9b1488](c9b1488))
* **deps:** update dependency eslint-plugin-import to v2.27.4 ([#163](#163)) ([752a51d](752a51d))
* **deps:** update dependency eslint-plugin-import to v2.27.5 ([#167](#167)) ([2d07416](2d07416))
* **deps:** update dependency http-cache-semantics to 4.1.1 [security] ([#170](#170)) ([21f5bff](21f5bff))
* **deps:** update dependency husky to v8.0.2 ([#140](#140)) ([2e1bae0](2e1bae0))
* **deps:** update dependency husky to v8.0.3 ([#156](#156)) ([48f82cd](48f82cd))
* **deps:** update dependency lint-staged to v13.0.4 ([#144](#144)) ([0a6e76f](0a6e76f))
* **deps:** update dependency lint-staged to v13.1.0 ([#149](#149)) ([c6de5e7](c6de5e7))
* **deps:** update dependency lint-staged to v13.1.1 ([#171](#171)) ([915ffca](915ffca))
* **deps:** update dependency lint-staged to v13.1.2 ([#177](#177)) ([14a1399](14a1399))
* **deps:** update dependency minimatch to 3.0.5 [security] ([#137](#137)) ([d43b079](d43b079))
* **deps:** update dependency prettier to v2.8.0 ([#143](#143)) ([07bcde0](07bcde0))
* **deps:** update dependency prettier to v2.8.1 ([#150](#150)) ([104474a](104474a))
* **deps:** update dependency prettier to v2.8.2 ([#161](#161)) ([004f481](004f481))
* **deps:** update dependency prettier to v2.8.3 ([#165](#165)) ([491cf49](491cf49))
* **deps:** update dependency prettier to v2.8.4 ([#172](#172)) ([4dceef0](4dceef0))
* **deps:** update dependency release-it to v15.4.1 ([#123](#123)) ([ee2bc3f](ee2bc3f))
* **deps:** update dependency release-it to v15.4.2 ([#127](#127)) ([f551392](f551392))
* **deps:** update dependency release-it to v15.4.3 ([#130](#130)) ([4797172](4797172))
* **deps:** update dependency release-it to v15.5.0 ([#131](#131)) ([9479cfd](9479cfd))
* **deps:** update dependency release-it to v15.5.1 ([#146](#146)) ([4668167](4668167))
* **deps:** update dependency release-it to v15.6.0 ([#153](#153)) ([f2f5008](f2f5008))
* **deps:** update release-related tools to v17.2.0 ([#136](#136)) ([3914e64](3914e64))
* **deps:** update release-related tools to v17.3.0 ([#142](#142)) ([b90c5da](b90c5da))
* **deps:** update release-related tools to v17.4.0 ([#157](#157)) ([e442a91](e442a91))
* **deps:** update release-related tools to v17.4.2 ([#164](#164)) ([9deec23](9deec23))
* **deps:** update release-related tools to v17.4.3 ([#176](#176)) ([20353e3](20353e3))
* **deps:** update release-related tools to v17.4.4 ([#178](#178)) ([bcc1e9c](bcc1e9c))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Kayuaga Kayuaga Kayuaga approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@Kayuaga