From 451d475d21301864a964ecfe04101de322e7a135 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 8 Apr 2024 19:51:36 +0000 Subject: [PATCH] chore(deps): update node.js to v18.20.1 (#6801) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | Pending | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---|---|---|---| | [node](https://togithub.com/nodejs/node) | final | patch | `18.20.0-alpine` -> `18.20.1-alpine` | | [![age](https://developer.mend.io/api/mc/badges/age/docker/node/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/docker/node/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/docker/node/18.20.0/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/node/18.20.0/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [node](https://togithub.com/nodejs/node) | stage | patch | `18.20.0-alpine` -> `18.20.1-alpine` | | [![age](https://developer.mend.io/api/mc/badges/age/docker/node/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/docker/node/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/docker/node/18.20.0/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/node/18.20.0/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [@types/node](https://togithub.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node) ([source](https://togithub.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)) | devDependencies | patch | [`18.19.26` -> `18.19.28`](https://renovatebot.com/diffs/npm/@types%2fnode/18.19.26/18.19.28) | `18.19.30` (+1) | [![age](https://developer.mend.io/api/mc/badges/age/npm/@types%2fnode/18.19.28?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@types%2fnode/18.19.28?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@types%2fnode/18.19.26/18.19.28?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@types%2fnode/18.19.26/18.19.28?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes
nodejs/node (node) ### [`v18.20.1`](https://togithub.com/nodejs/node/releases/tag/v18.20.1): 2024-04-03, Version 18.20.1 'Hydrogen' (LTS), @​RafaelGSS [Compare Source](https://togithub.com/nodejs/node/compare/v18.20.0...v18.20.1) This is a security release. ##### Notable Changes - CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High) - CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium) - llhttp version 9.2.1 - undici version 5.28.4 ##### Commits - \[[`60d24938de`](https://togithub.com/nodejs/node/commit/60d24938de)] - **deps**: update undici to v5.28.4 (Matteo Collina) [nodejs-private/node-private#577](https://togithub.com/nodejs-private/node-private/pull/577) - \[[`5d4d5848cf`](https://togithub.com/nodejs/node/commit/5d4d5848cf)] - **http**: do not allow OBS fold in headers by default (Paolo Insogna) [nodejs-private/node-private#558](https://togithub.com/nodejs-private/node-private/pull/558) - \[[`0fb816dbcc`](https://togithub.com/nodejs/node/commit/0fb816dbcc)] - **src**: ensure to close stream when destroying session (Anna Henningsen) [nodejs-private/node-private#561](https://togithub.com/nodejs-private/node-private/pull/561)
--- ### Configuration 📅 **Schedule**: Branch creation - "after 7pm every weekday,before 5am every weekday" in timezone Europe/Madrid, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/Unleash/unleash). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- Dockerfile | 2 +- frontend/package.json | 2 +- frontend/yarn.lock | 8 ++++---- package.json | 2 +- yarn.lock | 8 ++++---- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3600c75dae..d45f7cf883 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -ARG NODE_VERSION=18.20.0-alpine +ARG NODE_VERSION=18.20.1-alpine FROM node:$NODE_VERSION as builder diff --git a/frontend/package.json b/frontend/package.json index 1b8fad7648..741ec9ba36 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -55,7 +55,7 @@ "@types/lodash.isequal": "^4.5.8", "@types/lodash.mapvalues": "^4.6.9", "@types/lodash.omit": "4.5.9", - "@types/node": "18.19.26", + "@types/node": "18.19.28", "@types/react": "17.0.80", "@types/react-dom": "17.0.25", "@types/react-linkify": "1.0.4", diff --git a/frontend/yarn.lock b/frontend/yarn.lock index 5e524d89eb..a6f3b32e7b 100644 --- a/frontend/yarn.lock +++ b/frontend/yarn.lock @@ -2389,10 +2389,10 @@ dependencies: undici-types "~5.26.4" -"@types/node@18.19.26": - version "18.19.26" - resolved "https://registry.yarnpkg.com/@types/node/-/node-18.19.26.tgz#18991279d0a0e53675285e8cf4a0823766349729" - integrity sha512-+wiMJsIwLOYCvUqSdKTrfkS8mpTp+MPINe6+Np4TAGFWWRWiBQ5kSq9nZGCSPkzx9mvT+uEukzpX4MOSCydcvw== +"@types/node@18.19.28": + version "18.19.28" + resolved "https://registry.yarnpkg.com/@types/node/-/node-18.19.28.tgz#c64a2c992c8ebbf61100a4570e4eebc1934ae030" + integrity sha512-J5cOGD9n4x3YGgVuaND6khm5x07MMdAKkRyXnjVR6KFhLMNh2yONGiP7Z+4+tBOt5mK+GvDTiacTOVGGpqiecw== dependencies: undici-types "~5.26.4" diff --git a/package.json b/package.json index 3e883ea124..543def61b0 100644 --- a/package.json +++ b/package.json @@ -167,7 +167,7 @@ "@types/make-fetch-happen": "10.0.4", "@types/memoizee": "0.4.11", "@types/mime": "3.0.4", - "@types/node": "18.19.26", + "@types/node": "18.19.28", "@types/nodemailer": "6.4.14", "@types/owasp-password-strength-test": "1.3.2", "@types/pg": "8.11.4", diff --git a/yarn.lock b/yarn.lock index 2e53db756a..30985c87f2 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1571,10 +1571,10 @@ dependencies: undici-types "~5.26.4" -"@types/node@18.19.26": - version "18.19.26" - resolved "https://registry.yarnpkg.com/@types/node/-/node-18.19.26.tgz#18991279d0a0e53675285e8cf4a0823766349729" - integrity sha512-+wiMJsIwLOYCvUqSdKTrfkS8mpTp+MPINe6+Np4TAGFWWRWiBQ5kSq9nZGCSPkzx9mvT+uEukzpX4MOSCydcvw== +"@types/node@18.19.28": + version "18.19.28" + resolved "https://registry.yarnpkg.com/@types/node/-/node-18.19.28.tgz#c64a2c992c8ebbf61100a4570e4eebc1934ae030" + integrity sha512-J5cOGD9n4x3YGgVuaND6khm5x07MMdAKkRyXnjVR6KFhLMNh2yONGiP7Z+4+tBOt5mK+GvDTiacTOVGGpqiecw== dependencies: undici-types "~5.26.4"