Skip to content
This repository was archived by the owner on Jun 28, 2022. It is now read-only.

chore(deps): update dependency path-parse to 1.0.7 [SECURITY] #107

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update dependency path-parse to 1.0.7 [SECURITY] #107

wants to merge 1 commit into from

Conversation

@renovate
Copy link

@renovate renovate bot commented Aug 11, 2021
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change
path-parse 1.0.6 -> 1.0.7

GitHub Vulnerability Alerts

CVE-2021-23343

Affected versions of npm package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Aug 11, 2021
@renovate renovate bot changed the title chore(deps): update dependency path-parse to 1.0.7 [security] chore(deps): update dependency path-parse to 1.0.7 [SECURITY] Jun 27, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@renovate-bot