cli-highlight
cli-highlight copied to clipboard
felixfbecker
chore(deps): update dependency acorn [security]
This PR contains the following updates:
| Package | Change |
|---|---|
| acorn | 5.7.3 -> 5.7.4 |
| acorn | 6.3.0 -> 6.4.1 |
GitHub Vulnerability Alerts
GHSA-6chw-6frg-f759
Affected versions of acorn are vulnerable to Regular Expression Denial of Service. A regex in the form of /[x-\ud800]/u causes the parser to enter an infinite loop. The string is not valid UTF16 which usually results in it being sanitized before reaching the parser. If an application processes untrusted input and passes it directly to acorn, attackers may leverage the vulnerability leading to Denial of Service.
Configuration
π Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
π» Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
- [ ] If you want to rebase/retry this PR, click this checkbox.
This PR has been generated by Mend Renovate. View repository job log here.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}
Codecov Report
Merging #152 (671a60b) into main (01b7e45) will not change coverage. The diff coverage is
n/a.
@@ Coverage Diff @@
## main #152 +/- ##
=======================================
Coverage 69.64% 69.64%
=======================================
Files 2 2
Lines 56 56
Branches 12 12
=======================================
Hits 39 39
Misses 17 17
Continue to review full report at Codecov.
Legend - Click here to learn more
Ξ = absolute <relative> (impact),ΓΈ = not affected,? = missing dataPowered by Codecov. Last update 01b7e45...671a60b. Read the comment docs.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}