mirror of
https://github.com/toeverything/AFFiNE.git
synced 2024-12-23 10:21:35 +03:00
chore: bump up http-proxy-middleware version to v3.0.3 [SECURITY] (#8579)
This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [http-proxy-middleware](https://redirect.github.com/chimurai/http-proxy-middleware) | [`3.0.2` -> `3.0.3`](https://renovatebot.com/diffs/npm/http-proxy-middleware/3.0.2/3.0.3) | [![age](https://developer.mend.io/api/mc/badges/age/npm/http-proxy-middleware/3.0.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/http-proxy-middleware/3.0.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/http-proxy-middleware/3.0.2/3.0.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/http-proxy-middleware/3.0.2/3.0.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2024-21536](https://nvd.nist.gov/vuln/detail/CVE-2024-21536) Versions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are vulnerable to Denial of Service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. An attacker could kill the Node.js process and crash the server by making requests to certain paths. --- ### Release Notes <details> <summary>chimurai/http-proxy-middleware (http-proxy-middleware)</summary> ### [`v3.0.3`](https://redirect.github.com/chimurai/http-proxy-middleware/blob/HEAD/CHANGELOG.md#v303) [Compare Source](https://redirect.github.com/chimurai/http-proxy-middleware/compare/v3.0.2...v3.0.3) - fix(pathFilter): handle errors </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xMjAuMSIsInVwZGF0ZWRJblZlciI6IjM4LjEyMC4xIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==-->
This commit is contained in:
parent
dc89b583ba
commit
3f0219a002
12
yarn.lock
12
yarn.lock
@ -22379,8 +22379,8 @@ __metadata:
|
||||
linkType: hard
|
||||
|
||||
"http-proxy-middleware@npm:^2.0.3":
|
||||
version: 2.0.6
|
||||
resolution: "http-proxy-middleware@npm:2.0.6"
|
||||
version: 2.0.7
|
||||
resolution: "http-proxy-middleware@npm:2.0.7"
|
||||
dependencies:
|
||||
"@types/http-proxy": "npm:^1.17.8"
|
||||
http-proxy: "npm:^1.18.1"
|
||||
@ -22392,13 +22392,13 @@ __metadata:
|
||||
peerDependenciesMeta:
|
||||
"@types/express":
|
||||
optional: true
|
||||
checksum: 10/768e7ae5a422bbf4b866b64105b4c2d1f468916b7b0e9c96750551c7732383069b411aa7753eb7b34eab113e4f77fb770122cb7fb9c8ec87d138d5ddaafda891
|
||||
checksum: 10/4a51bf612b752ad945701995c1c029e9501c97e7224c0cf3f8bf6d48d172d6a8f2b57c20fec469534fdcac3aa8a6f332224a33c6b0d7f387aa2cfff9b67216fd
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
"http-proxy-middleware@npm:^3.0.0":
|
||||
version: 3.0.2
|
||||
resolution: "http-proxy-middleware@npm:3.0.2"
|
||||
version: 3.0.3
|
||||
resolution: "http-proxy-middleware@npm:3.0.3"
|
||||
dependencies:
|
||||
"@types/http-proxy": "npm:^1.17.15"
|
||||
debug: "npm:^4.3.6"
|
||||
@ -22406,7 +22406,7 @@ __metadata:
|
||||
is-glob: "npm:^4.0.3"
|
||||
is-plain-object: "npm:^5.0.0"
|
||||
micromatch: "npm:^4.0.8"
|
||||
checksum: 10/59be307aca2e0a8ba016bc8356e8a87cbfd53d65db5386edc65acd867ebd0a4683ff9be2e0eea12388cac13dffe387f0d374d35b01e625c98aee30c8f3023e72
|
||||
checksum: 10/32f58c29288ca63e109909fb998bd0f6f50eb15a98dec9487eac07dfc4f09d8507dbfa00b44442d868bafa904bd633c8bbd55686bb13b4d4af4f5c5b3bbca430
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user