Skip to content
This repository has been archived by the owner on Sep 23, 2022. It is now read-only.

chore(deps): update dependency node-fetch to 2.6.7 [security] #612

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): update dependency node-fetch to 2.6.7 [security] #612

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Feb 13, 2022
edited

Mend Renovate

This PR contains the following updates:

Package Change
node-fetch 2.6.5 -> 2.6.7
node-fetch 2.6.1 -> 2.6.7
node-fetch 2.6.6 -> 2.6.7

GitHub Vulnerability Alerts

CVE-2022-0235

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled due to failing status checks.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.

@renovate
Copy link
Contributor Author

renovate bot commented Feb 13, 2022

Branch automerge failure

This PR was configured for branch automerge, however this is not possible so it has been raised as a PR instead.

  • Branch has one or more failed status checks

@renovate renovate bot force-pushed the renovate/npm-node-fetch-vulnerability branch from 9ad60fb to 697bf6d Compare March 31, 2022 23:29
@renovate
Copy link
Contributor Author

renovate bot commented Mar 31, 2022
edited

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: server/package-lock.json
lerna notice cli v4.0.0
lerna notice cli v4.0.0
lerna info Bootstrapping 3 packages
lerna info Installing external dependencies
lerna ERR! npm install --ignore-scripts --ignore-scripts --no-audit --package-lock-only exited 1 in 're-radio-server'

@cypress
Copy link

cypress bot commented Mar 31, 2022


Test summary

29 0 0 0

Run details
Project re-radio
Status Passed
Commit 697bf6d
Started Mar 31, 2022 11:34 PM
Ended Mar 31, 2022 11:36 PM
Duration 01:56 💡
OS Linux Ubuntu - 20.04
Browser Electron 91

View run in Cypress Dashboard ➡️

This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Dashboard

@cypress
Copy link

cypress bot commented Mar 31, 2022


Test summary

29 0 0 0

Run details
Project re-radio
Status Passed
Commit 5ed9f41 ℹ️
Started Mar 31, 2022 11:35 PM
Ended Mar 31, 2022 11:37 PM
Duration 02:04 💡
OS Linux Ubuntu - 20.04
Browser Electron 91

View run in Cypress Dashboard ➡️

This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Dashboard

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@renovate-bot