mirror of
https://github.com/Unleash/unleash.git
synced 2024-12-22 19:07:54 +01:00
chore(deps): update dependency semver to v7.5.2 [security] (#4081)
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [semver](https://togithub.com/npm/node-semver) | [`7.5.1` -> `7.5.2`](https://renovatebot.com/diffs/npm/semver/7.5.1/7.5.2) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2022-25883](https://nvd.nist.gov/vuln/detail/CVE-2022-25883) Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. --- ### Release Notes <details> <summary>npm/node-semver</summary> ### [`v7.5.2`](https://togithub.com/npm/node-semver/blob/HEAD/CHANGELOG.md#​752-httpsgithubcomnpmnode-semvercomparev751v752-2023-06-15) [Compare Source](https://togithub.com/npm/node-semver/compare/v7.5.1...v7.5.2) ##### Bug Fixes - [`58c791f`](58c791f40b) [#​566](https://togithub.com/npm/node-semver/pull/566) diff when detecting major change from prerelease ([#​566](https://togithub.com/npm/node-semver/issues/566)) ([@​lukekarrys](https://togithub.com/lukekarrys)) - [`5c8efbc`](5c8efbcb3c) [#​565](https://togithub.com/npm/node-semver/pull/565) preserve build in raw after inc ([#​565](https://togithub.com/npm/node-semver/issues/565)) ([@​lukekarrys](https://togithub.com/lukekarrys)) - [`717534e`](717534ee35) [#​564](https://togithub.com/npm/node-semver/pull/564) better handling of whitespace ([#​564](https://togithub.com/npm/node-semver/issues/564)) ([@​lukekarrys](https://togithub.com/lukekarrys)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/Unleash/unleash). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xMzEuMCIsInVwZGF0ZWRJblZlciI6IjM1LjEzMS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This commit is contained in:
renovate[bot]
GitHub
parent
95a0c7748f
commit
b769272743
@ -105,7 +105,7 @@
|
||||
"react-test-renderer": "17.0.2",
|
||||
"react-timeago": "7.1.0",
|
||||
"sass": "1.62.1",
|
||||
"semver": "7.5.1",
|
||||
"semver": "7.5.2",
|
||||
"swr": "2.1.5",
|
||||
"tss-react": "4.8.6",
|
||||
"typescript": "4.8.4",
|
||||
|
||||
@ -8399,10 +8399,10 @@ scrollparent@^2.0.1:
|
||||
resolved "https://registry.yarnpkg.com/scrollparent/-/scrollparent-2.0.1.tgz#715d5b9cc57760fb22bdccc3befb5bfe06b1a317"
|
||||
integrity sha512-HSdN78VMvFCSGCkh0oYX/tY4R3P1DW61f8+TeZZ4j2VLgfwvw0bpRSOv4PCVKisktIwbzHCfZsx+rLbbDBqIBA==
|
||||
|
||||
semver@7.5.1:
|
||||
version "7.5.1"
|
||||
resolved "https://registry.yarnpkg.com/semver/-/semver-7.5.1.tgz#c90c4d631cf74720e46b21c1d37ea07edfab91ec"
|
||||
integrity sha512-Wvss5ivl8TMRZXXESstBA4uR5iXgEN/VC5/sOcuXdVLzcdkz4HWetIoRfG5gb5X+ij/G9rw9YoGn3QoQ8OCSpw==
|
||||
semver@7.5.2:
|
||||
version "7.5.2"
|
||||
resolved "https://registry.yarnpkg.com/semver/-/semver-7.5.2.tgz#5b851e66d1be07c1cdaf37dfc856f543325a2beb"
|
||||
integrity sha512-SoftuTROv/cRjCze/scjGyiDtcUyxw1rgYQSZY7XTmtR5hX+dm76iDbTH8TkLPHCQmlbQVSSbNZCPM2hb0knnQ==
|
||||
dependencies:
|
||||
lru-cache "^6.0.0"
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user