fix(deps): update all non-major dependencies

This MR contains the following updates:

Package	Type	Update	Change
generate-react-cli	dependencies	minor	~5.1.0 -> ~5.2.0
loglevel	dependencies	minor	~1.7.1 -> ~1.8.0
node		patch	16.20.0 -> 16.20.1
node	image	patch	16.20.0-slim -> 16.20.1-slim
reactstrap	dependencies	minor	~9.1.10 -> ~9.2.0
release-it	devDependencies	minor	~15.10.5 -> ~15.11.0

---

Release Notes

arminbro/generate-react-cli (generate-react-cli)

v5.2.3

Compare Source

v5.2.2

Compare Source

v5.2.1

Compare Source

Features

• allow generation of multiple components at once (18cd5f0)

Bug Fixes

• 🐛 react components must start with a upper case letter. (4c3bddd)

v5.2.0

Compare Source

pimterry/loglevel (loglevel)

v1.8.1

Compare Source

v1.8.0

Compare Source

nodejs/node (node)

v16.20.1: 2023-06-20, Version 16.20.1 'Gallium' (LTS), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

• CVE-2023-30581: mainModule.__proto__ Bypass Experimental Policy Mechanism (High)
• CVE-2023-30585: Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium)
• CVE-2023-30588: Process interuption due to invalid Public Key information in x509 certificates (Medium)
• CVE-2023-30589: HTTP Request Smuggling via Empty headers separated by CR (Medium)
• CVE-2023-30590: DiffieHellman does not generate keys after setting a private key (Medium)
• OpenSSL Security Releases
  • OpenSSL security advisory 28th March.
  • OpenSSL security advisory 20th April.
  • OpenSSL security advisory 30th May
• c-ares vulnerabilities:
  • GHSA-9g78-jv2r-p7vc
  • GHSA-8r8p-23f3-64c2
  • GHSA-54xr-f67r-4pc4
  • GHSA-x6mf-cxr9-8q6v

More detailed information on each of the vulnerabilities can be found in June 2023 Security Releases blog post.

Commits

• [5a92ea7a3b] - crypto: handle cert with invalid SPKI gracefully (Tobias Nießen)
• [5df04e893a] - deps: set CARES_RANDOM_FILE for c-ares (Richard Lau) #​48156
• [c171cbd124] - deps: update c-ares to 1.19.1 (RafaelGSS) #​48115
• [155d3aac02] - deps: update archs files for OpenSSL-1.1.1u+quic (RafaelGSS) #​48369
• [8d4c8f8ebe] - deps: upgrade openssl sources to OpenSSL_1_1_1u (RafaelGSS) #​48369
• [1a5c9284eb] - doc,test: clarify behavior of DH generateKeys (Tobias Nießen) nodejs-private/node-private#426
• [e42ff4b018] - http: disable request smuggling via empty headers (Paolo Insogna) nodejs-private/node-private#429
• [10042683c8] - msi: do not create AppData\Roaming\npm (Tobias Nießen) nodejs-private/node-private#408
• [a6f4e87bc9] - policy: handle mainModule.__proto__ bypass (RafaelGSS) nodejs-private/node-private#416
• [b77000f4d7] - test: allow SIGBUS in signal-handler abort test (Michaël Zasso) #​47851

reactstrap/reactstrap (reactstrap)

v9.2.0

Compare Source

Features

• modal: add 'aria-modal="true"' to modal (2a43591)

Bug Fixes

• #​2662: remove many instances of default props (#​2752) (b7d571c)

release-it/release-it (release-it)

v15.11.0

Compare Source

• Fix regression caused by 46fc8fa (1ea14aa)
• Remove + ignore .DS_Store (0198b89)
• Fix lint issue (6158d7e)
• feat: Adding publicPath option for npm publishConfig (#​1010) (fef8566)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This MR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot.