vue-auth-cognito
vue-auth-cognito copied to clipboard
kopterio
An in-range update of bower is breaking the build π¨
The devDependency bower was updated from 1.8.4 to 1.8.6.
π¨ View failing branch.
This version is covered by your current version range and after updating it in your project the build failed.
bower is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
Status Details
- β continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
Release Notes for v1.8.6
Fix Zip Slip Vulnerability of decompress-zip package: https://snyk.io/research/zip-slip-vulnerability
Note: v1.8.5 has been unpublished because of missing files
FAQ and help
There is a collection of frequently asked questions. If those donβt help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot :palm_tree:
![greenkeeper[bot] avatar](https://avatars.githubusercontent.com/in/505?v=4 "Published by a pub.dev verified publisher"){kind=small}
After pinning to 1.8.4 your tests are still failing. The reported issue might not affect your project. These imprecisions are caused by inconsistent test results.
- The
devDependencybower was updated from1.8.6to1.8.7.
Your tests are still failing with this version. Compare changes
Release Notes for v1.8.7
Fixes side effect of fix from v1.8.6 that caused improper permissions for extracted folders
- The
devDependencybower was updated from1.8.7to1.8.8.
Your tests are still failing with this version. Compare changes
Release Notes for v1.8.8
Fix vulnerability related to extracting .tar.gz files that has similar effect to Zip Slip
Vulnerability is similar to Zip Slip allows for overriding and creating arbitrary files on filesystem
Needlessly to say, please upgrade this this version of Bower