Skip to content
This repository has been archived by the owner on Jul 12, 2022. It is now read-only.

Update dependency async [SECURITY] #1581

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update dependency async [SECURITY] #1581

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Apr 29, 2022
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change
async 2.6.3 -> 2.6.4
async 3.2.0 -> 3.2.2

GitHub Vulnerability Alerts

CVE-2021-43138

A vulnerability exists in Async through 3.2.1 for 3.x and through 2.6.3 for 2.x (fixed in 3.2.2 and 2.6.4), which could let a malicious user obtain privileges via the mapValues() method.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.

@codecov
Copy link

codecov bot commented Apr 29, 2022
edited
Loading

Codecov Report

Merging #1581 (6429be3) into main (ebc5600) will decrease coverage by 0.01%.
The diff coverage is n/a.

@@             Coverage Diff              @@
##               main    #1581      +/-   ##
============================================
- Coverage     78.37%   78.36%   -0.02%     
  Complexity     2266     2266              
============================================
  Files          1287     1287              
  Lines         17918    17918              
  Branches       1650     1650              
============================================
- Hits          14044    14042       -2     
  Misses         3387     3387              
- Partials        487      489       +2
Flag Coverage Δ
butler 89.11% <ø> (ø)
ui 80.03% <ø> (-0.03%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
ui/src/modules/Circles/Release/Create/Module.tsx 90.00% <0.00%> (-2.50%) ⬇️
ui/src/modules/Circles/Release/hooks.ts 79.06% <0.00%> (-2.33%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 3d610a9...6429be3. Read the comment docs.

@renovate renovate bot force-pushed the renovate/npm-async-vulnerability branch from 0f2c47a to 1f67acf Compare April 29, 2022 14:08
@renovate renovate bot changed the title Update dependency async to 2.6.4 [SECURITY] Update dependency async [SECURITY] May 16, 2022
@renovate renovate bot force-pushed the renovate/npm-async-vulnerability branch from 1f67acf to 2c648e3 Compare May 16, 2022 22:39
@renovate renovate bot force-pushed the renovate/npm-async-vulnerability branch from 2c648e3 to 6429be3 Compare May 25, 2022 14:41
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@renovate-bot