neuro icon indicating copy to clipboard operation
neuro copied to clipboard

Published 20 hours ago • verified publisher icon intelligo-mn

Update dependency async [SECURITY]

Open renovate[bot] opened this issue 2 years ago • 0 comments

Mend Renovate

This PR contains the following updates:

Package Change
async 3.1.1 -> 3.2.2
async 2.6.3 -> 2.6.4

GitHub Vulnerability Alerts

CVE-2021-43138

A vulnerability exists in Async through 3.2.1 for 3.x and through 2.6.3 for 2.x (fixed in 3.2.2 and 2.6.4), which could let a malicious user obtain privileges via the mapValues() method.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • [ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.

renovate[bot] avatar May 15 '22 22:05 renovate[bot]