Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

deps(deps): update wagoid/commitlint-github-action action to v6.2.0 #61

Merged
merged 1 commit into from
Dec 16, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Dec 16, 2024

This PR contains the following updates:

Package Type Update Change
wagoid/commitlint-github-action action minor v6.1.2 -> v6.2.0

Release Notes

wagoid/commitlint-github-action (wagoid/commitlint-github-action)

v6.2.0

Compare Source


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot enabled auto-merge (squash) December 16, 2024 12:17
@renovate renovate bot requested a review from lotyp as a code owner December 16, 2024 12:17
@github-actions github-actions bot added the type: maintenance For maintenance, refactor and testing (perf, chore, style, revert, refactor, test, build, ci) label Dec 16, 2024
Copy link
Contributor

github-actions bot commented Dec 16, 2024

Outdated

🔍 Vulnerabilities of node:18-alpine

📦 Image Reference node:18-alpine
digestsha256:e907c843e7bd858cd91fdbef98fb34c879d7ff6338b73ba1c94df7a07c58e586
vulnerabilitiescritical: 0 high: 1 medium: 0 low: 0
platformlinux/amd64
size52 MB
packages216
📦 Base Image alpine:3
also known as
  • 3.21
  • 3.21.0
  • latest
digestsha256:2c43f33bd1502ec7818bce9eea60e062d04eeadc4aa31cad9dabecb1e48b647b
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 1 medium: 0 low: 0 cross-spawn 7.0.3 (npm)

pkg:npm/[email protected]

high 7.5: CVE--2024--21538 Inefficient Regular Expression Complexity

Affected range>=7.0.0
<7.0.5
Fixed version7.0.5
CVSS Score7.5
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score0.045%
EPSS Percentile18th percentile
Description

Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string.

Copy link
Contributor

🔍 Vulnerabilities of node:18-alpine

📦 Image Reference node:18-alpine
digestsha256:e907c843e7bd858cd91fdbef98fb34c879d7ff6338b73ba1c94df7a07c58e586
vulnerabilitiescritical: 0 high: 1 medium: 0 low: 0
platformlinux/amd64
size52 MB
packages216
📦 Base Image alpine:3
also known as
  • 3.21
  • 3.21.0
  • latest
digestsha256:2c43f33bd1502ec7818bce9eea60e062d04eeadc4aa31cad9dabecb1e48b647b
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 1 medium: 0 low: 0 cross-spawn 7.0.3 (npm)

pkg:npm/[email protected]

high 7.5: CVE--2024--21538 Inefficient Regular Expression Complexity

Affected range>=7.0.0
<7.0.5
Fixed version7.0.5
CVSS Score7.5
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score0.045%
EPSS Percentile18th percentile
Description

Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string.

Copy link
Contributor

github-actions bot commented Dec 16, 2024

Outdated

Recommended fixes for image node:22-alpine

Base image is alpine:3

Name3.21.0
Digestsha256:2c43f33bd1502ec7818bce9eea60e062d04eeadc4aa31cad9dabecb1e48b647b
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed1 week ago
Size3.6 MB
Packages19
OS3.21.0
The base image is also available under the supported tag(s): 3.21, 3.21.0, latest

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

Copy link
Contributor

Recommended fixes for image node:22-alpine

Base image is alpine:3

Name3.21.0
Digestsha256:2c43f33bd1502ec7818bce9eea60e062d04eeadc4aa31cad9dabecb1e48b647b
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed1 week ago
Size3.6 MB
Packages19
OS3.21.0
The base image is also available under the supported tag(s): 3.21, 3.21.0, latest

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

@way-finder-bot way-finder-bot self-requested a review December 16, 2024 12:19
@way-finder-bot way-finder-bot self-assigned this Dec 16, 2024
@renovate renovate bot merged commit d20b2e9 into master Dec 16, 2024
10 checks passed
@renovate renovate bot deleted the renovate/wagoid-commitlint-github-action-6.x branch December 16, 2024 12:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type: maintenance For maintenance, refactor and testing (perf, chore, style, revert, refactor, test, build, ci)
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant