New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(packages): update dependency @angular/core to v11 [security] - autoclosed #659

Closed

renovate wants to merge 1 commit into release from renovate/npm-@angular/core-vulnerability

Contributor

renovate bot commented May 28, 2023

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@angular/core	`9.1.6` -> `11.0.5`

GitHub Vulnerability Alerts

CVE-2021-4231

A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 11.0.5 and 11.1.0-next.3 is able to address this issue. The name of the patch is ba8da742e3b243e8f43d4c63aa842b44e14f2b09. It is recommended to upgrade the affected component.

Release Notes

angular/angular

`v11.0.5`

`v11.0.4`

`v11.0.3`

`v11.0.2`

`v11.0.1`

`v11.0.0`

`v10.2.5`

`v10.2.4`

`v10.2.3`

`v10.2.2`

`v10.2.1`

`v10.2.0`

`v10.1.6`

`v10.1.5`

`v10.1.4`

`v10.1.3`

`v10.1.2`

`v10.1.1`

`v10.1.0`

`v10.0.14`

`v10.0.13`

`v10.0.12`

`v10.0.11`

`v10.0.10`

`v10.0.9`

`v10.0.8`

`v10.0.7`

`v10.0.6`

`v10.0.5`

`v10.0.4`

`v10.0.3`

`v10.0.2`

`v10.0.1`

`v10.0.0`

`v9.1.13`

`v9.1.12`

`v9.1.11`

`v9.1.10`

`v9.1.9`

`v9.1.8`

`v9.1.7`

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.


          fix(packages): update dependency @angular/core to v11 [security]

6974f3f

renovate bot requested a review from a team as a code owner

May 28, 2023 11:07

renovate bot added the Focus: security label

github-actions bot added PR: awaiting review Size: S labels

codecov bot commented May 28, 2023 •

edited

Codecov Report

Patch and project coverage have no change.

Comparison is base (ef9b3c3) 91.13% compared to head (6974f3f) 91.13%.

Additional details and impacted files

@@           Coverage Diff            @@
##           release     #659   +/-   ##
========================================
  Coverage    91.13%   91.13%           
========================================
  Files           39       39           
  Lines          485      485           
  Branches        89       89           
========================================
  Hits           442      442           
  Misses          43       43

Flag	Coverage Δ
browser	`100.00% <ø> (ø)`
coercion	`∅ <ø> (∅)`
jwt	`88.16% <ø> (ø)`
keycodes	`∅ <ø> (∅)`
regex	`∅ <ø> (∅)`
testing	`∅ <ø> (∅)`
type-guards	`98.00% <ø> (ø)`
utilities	`?`

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

renovate bot changed the title ~~fix(packages): update dependency @angular/core to v11 [security]~~ fix(packages): update dependency @angular/core to v11 [security] - autoclosed

renovate bot closed this

renovate bot deleted the renovate/npm-@angular/core-vulnerability branch

October 10, 2023 21:08

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment