Skip to content
This repository has been archived by the owner on Jan 31, 2023. It is now read-only.

chore(deps): update dependency dot-prop to version 4.2.1 🌟 #66

Merged
merged 1 commit into from
Mar 30, 2021
Merged

chore(deps): update dependency dot-prop to version 4.2.1 🌟 #66

merged 1 commit into from
Mar 30, 2021

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Mar 30, 2021

WhiteSource Renovate

This PR contains the following updates:

Package Change
dot-prop 4.2.0 -> 4.2.1

GitHub Vulnerability Alerts

CVE-2020-8116

Prototype pollution vulnerability in dot-prop npm package before versions 4.2.1 and 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.

Renovate configuration

📅 Schedule: "" in timezone America/New_York.

🚦 Automerge: Enabled.

♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by WhiteSource Renovate. View repository job log here.

@jennifer-shehane jennifer-shehane merged commit d9467f2 into master Mar 30, 2021
@renovate renovate bot deleted the renovate/npm-dot-prop-vulnerability branch March 30, 2021 18:26
@chrisbreiding
Copy link
Collaborator

🎉 This PR is included in version 3.0.2 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
released renovate type: dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chrisbreiding @jennifer-shehane @renovate-bot