Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(deps): update dependency find-my-way to v8.2.2 [security] (#11585)
This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [find-my-way](https://redirect.github.com/delvedor/find-my-way) | [`8.2.0` -> `8.2.2`](https://renovatebot.com/diffs/npm/find-my-way/8.2.0/8.2.2) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. ### GitHub Vulnerability Alerts #### [CVE-2024-45813](https://redirect.github.com/delvedor/find-my-way/security/advisories/GHSA-rrr8-f88r-h8q6) ### Impact A bad regular expression is generated any time you have two parameters within a single segment, when adding a `-` at the end, like `/:a-:b-`. ### Patches Update to find-my-way v8.2.2 or v9.0.1. or subsequent versions. ### Workarounds No known workarounds. ### References - [CVE-2024-45296](https://redirect.github.com/advisories/GHSA-9wv6-86v2-598j) - [Detailed blog post about `path-to-regexp` vulnerability](https://blakeembrey.com/posts/2024-09-web-redos/) --- ### Release Notes <details> <summary>delvedor/find-my-way (find-my-way)</summary> ### [`v8.2.2`](https://redirect.github.com/delvedor/find-my-way/releases/tag/v8.2.2) [Compare Source](https://redirect.github.com/delvedor/find-my-way/compare/186c7db33c6c6aaf4e8e68199722e217bdd69337...v8.2.2)⚠️ Security Release⚠️ Fixes: GHSA-rrr8-f88r-h8q6 CVE-2024-45813 **Full Changelog**: delvedor/find-my-way@v8.2.0...v8.2.2 ### [`v8.2.1`](https://redirect.github.com/delvedor/find-my-way/compare/v8.2.0...186c7db33c6c6aaf4e8e68199722e217bdd69337) [Compare Source](https://redirect.github.com/delvedor/find-my-way/compare/v8.2.0...186c7db33c6c6aaf4e8e68199722e217bdd69337) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/redwoodjs/redwood). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC44MC4wIiwidXBkYXRlZEluVmVyIjoiMzguODAuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
- Loading branch information
1 parent
705ea5b
commit 09c2f06