mend-for-github-com[bot]

This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [certifi](https://togithub.com/certifi/python-certifi) | `==2019.6.16` -> `==2022.12.7` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/)...

This PR contains the following updates: | Package | Change | |---|---| | mocha | [`8.4.0` -> `10.1.0`](https://renovatebot.com/diffs/npm/mocha/8.4.0/10.1.0) | By merging this PR, the below issues will be automatically resolved...

This PR contains the following updates: | Package | Change | |---|---| | minimatch | [`3.0.4` -> `3.0.5`](https://renovatebot.com/diffs/npm/minimatch/3.0.4/3.0.5) | By merging this PR, the below issues will be automatically resolved...

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [express](http://expressjs.com/) ([source](https://togithub.com/expressjs/express)) | dependencies | minor | [`4.18.2` -> `4.19.1`](https://renovatebot.com/diffs/npm/express/4.18.2/4.19.1) | #### This...

Vulnerable Library - express-4.18.2.tgz Fast, unopinionated, minimalist web framework Library home page: https://registry.npmjs.org/express/-/express-4.18.2.tgz Path to dependency file: /package.json Path to vulnerable library: /node_modules/express/package.json Found in HEAD commit: 2726610f93ed8db36d67913a11ac7bba328b3102 ## Vulnerabilities...

## push.yml - Ensure top-level permissions are not set to write-all Violation detected in /.github/workflows/push.yml:[0-1] :page_with_curl: File Type: github_actions :no_entry: Details - Ensure top-level permissions are not set to write-all

CVE-2024-21485 (Medium) detected in dash_core_components-2.0.0-py3-none-any.whl, dash_html_components-2.0.0-py3-none-any.whl

1

## CVE-2024-21485 - Medium Severity Vulnerability Vulnerable Libraries - dash_core_components-2.0.0-py3-none-any.whl, dash_html_components-2.0.0-py3-none-any.whl dash_core_components-2.0.0-py3-none-any.whl Core component suite for Dash Library home page: https://files.pythonhosted.org/packages/00/9e/a29f726e84e531a36d56cff187e61d8c96d2cc253c5bcef9a7695acb7e6a/dash_core_components-2.0.0-py3-none-any.whl Path to dependency file: /examples/trace-analytics-sample-app/sample-app/requirements.txt Path to vulnerable library:...

This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more. ## Awaiting Schedule These updates are awaiting their schedule. Click on a checkbox to...

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [typescript](https://www.typescriptlang.org/) ([source](https://togithub.com/Microsoft/TypeScript)) | devDependencies | minor | [`5.3.3` -> `5.4.4`](https://renovatebot.com/diffs/npm/typescript/5.3.3/5.4.4) | --- ###...

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github/codeql-action](https://togithub.com/github/codeql-action) | action | major | `v2` -> `v3` | --- ### Release...