Skip to content
This repository was archived by the owner on Jun 15, 2021. It is now read-only.

chore(deps): update dependency semantic-release to 17.2.3 [security]#325

Open
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/npm-semantic-release-vulnerability
Open

chore(deps): update dependency semantic-release to 17.2.3 [security]#325
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/npm-semantic-release-vulnerability

Conversation

@renovate

@renovate renovate Bot commented May 9, 2021

Copy link
Copy Markdown

WhiteSource Renovate

This PR contains the following updates:

Package Change
semantic-release 15.13.18 -> 17.2.3

GitHub Vulnerability Alerts

CVE-2020-26226

Impact

Secrets that would normally be masked by semantic-release can be accidentally disclosed if they contain characters that become encoded when included in a URL.

Patches

Fixed in v17.2.3

Workarounds

Secrets that do not contain characters that become encoded when included in a URL are already masked properly.


Configuration

📅 Schedule: "" (UTC).

🚦 Automerge: Disabled due to failing status checks.

♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box.

This PR has been generated by WhiteSource Renovate. View repository job log here.

@renovate

renovate Bot commented May 9, 2021

Copy link
Copy Markdown
Author

Branch automerge failure

This PR was configured for branch automerge, however this is not possible so it has been raised as a PR instead.


  • Branch has one or more failed status checks

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant