This repository has been archived by the owner on Oct 3, 2023. It is now read-only.
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed #998
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate
bot
requested review from
mayurkale22,
draffensperger and
aabmass
as code owners
September 25, 2022 20:30
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security]
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
Mar 24, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
chore(deps): update dependency parse-url to 8.1.0 [security]
Mar 29, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security]
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
Mar 29, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
chore(deps): update dependency parse-url to 8.1.0 [security]
Mar 29, 2023
renovate
bot
force-pushed
the
renovate/npm-parse-url-vulnerability
branch
from
March 29, 2023 19:52
dcf3b8e
to
0a49f58
Compare
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security]
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
Mar 29, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
chore(deps): update dependency parse-url to 8.1.0 [security]
Mar 30, 2023
Codecov Report
@@ Coverage Diff @@
## master #998 +/- ##
==========================================
+ Coverage 95.04% 95.21% +0.16%
==========================================
Files 72 106 +34
Lines 5796 6754 +958
Branches 700 577 -123
==========================================
+ Hits 5509 6431 +922
- Misses 287 323 +36 see 129 files with indirect coverage changes Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
This only affects dev dependencies. This does not affect production uses of these modules. |
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security]
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
Mar 30, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
chore(deps): update dependency parse-url to 8.1.0 [security]
Mar 30, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
chore(deps): update dependency parse-url to 8.1.0 [security]
Apr 1, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security]
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
Apr 3, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
chore(deps): update dependency parse-url to 8.1.0 [security]
Apr 3, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security]
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
Apr 3, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
chore(deps): update dependency parse-url to 8.1.0 [security]
Apr 3, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security]
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
Apr 5, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
chore(deps): update dependency parse-url to 8.1.0 [security]
Apr 5, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security]
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
Apr 17, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
chore(deps): update dependency parse-url to 8.1.0 [security]
Apr 18, 2023
renovate
bot
changed the title
chore(deps): update dependency parse-url to 8.1.0 [security]
chore(deps): update dependency parse-url to 8.1.0 [security] - autoclosed
May 28, 2023
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
6.0.5
->8.1.0
GitHub Vulnerability Alerts
CVE-2022-2900
Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 8.1.0.
CVE-2022-3224
parse-url prior to 8.1.0 is vulnerable to Misinterpretation of Input. parse-url parses certain http or https URLs incorrectly, identifying the URL's protocol as ssh. It may also parse the host name incorrectly.
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.