fix(deps): update all non-major dependencies
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
generate-react-cli | dependencies | minor | ~5.1.0 -> ~5.2.0 |
loglevel | dependencies | minor | ~1.7.1 -> ~1.8.0 |
node | patch |
16.20.0 -> 16.20.1
|
|
node | image | patch |
16.20.0-slim -> 16.20.1-slim
|
reactstrap | dependencies | minor | ~9.1.10 -> ~9.2.0 |
release-it | devDependencies | minor | ~15.10.5 -> ~15.11.0 |
Release Notes
arminbro/generate-react-cli (generate-react-cli)
v5.2.3
v5.2.2
v5.2.1
Features
- allow generation of multiple components at once (18cd5f0)
Bug Fixes
-
🐛 react components must start with a upper case letter. (4c3bddd)
v5.2.0
nodejs/node (node)
v16.20.1
: 2023-06-20, Version 16.20.1 'Gallium' (LTS), @RafaelGSS
This is a security release.
Notable Changes
The following CVEs are fixed in this release:
-
CVE-2023-30581:
mainModule.__proto__
Bypass Experimental Policy Mechanism (High) - CVE-2023-30585: Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium)
- CVE-2023-30588: Process interuption due to invalid Public Key information in x509 certificates (Medium)
- CVE-2023-30589: HTTP Request Smuggling via Empty headers separated by CR (Medium)
- CVE-2023-30590: DiffieHellman does not generate keys after setting a private key (Medium)
- OpenSSL Security Releases
- c-ares vulnerabilities:
More detailed information on each of the vulnerabilities can be found in June 2023 Security Releases blog post.
Commits
- [
5a92ea7a3b
] - crypto: handle cert with invalid SPKI gracefully (Tobias Nießen) - [
5df04e893a
] - deps: setCARES_RANDOM_FILE
for c-ares (Richard Lau) #48156 - [
c171cbd124
] - deps: update c-ares to 1.19.1 (RafaelGSS) #48115 - [
155d3aac02
] - deps: update archs files for OpenSSL-1.1.1u+quic (RafaelGSS) #48369 - [
8d4c8f8ebe
] - deps: upgrade openssl sources to OpenSSL_1_1_1u (RafaelGSS) #48369 - [
1a5c9284eb
] - doc,test: clarify behavior of DH generateKeys (Tobias Nießen) nodejs-private/node-private#426 - [
e42ff4b018
] - http: disable request smuggling via empty headers (Paolo Insogna) nodejs-private/node-private#429 - [
10042683c8
] - msi: do not create AppData\Roaming\npm (Tobias Nießen) nodejs-private/node-private#408 - [
a6f4e87bc9
] - policy: handle mainModule.__proto__ bypass (RafaelGSS) nodejs-private/node-private#416 - [
b77000f4d7
] - test: allow SIGBUS in signal-handler abort test (Michaël Zasso) #47851
reactstrap/reactstrap (reactstrap)
v9.2.0
Features
- modal: add 'aria-modal="true"' to modal (2a43591)
Bug Fixes
release-it/release-it (release-it)
v15.11.0
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.