Skip to content
This repository has been archived by the owner on Apr 17, 2020. It is now read-only.

fix(deps): update dependency axios to v0.18.1 [security] #16

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Jun 19, 2019

This PR contains the following updates:

Package Type Update Change
axios dependencies patch 0.18.0 -> 0.18.1

GitHub Vulnerability Alerts

CVE-2019-10742

Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is exceeded.


Release Notes

axios/axios

v0.18.1

Compare Source

Security Fix:

  • Destroy stream on exceeding maxContentLength (fixes #​1098) (#​1485) - Gadzhi Gadzhiev

Renovate configuration

📅 Schedule: "" (UTC).

🚦 Automerge: Enabled.

♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by WhiteSource Renovate. View repository job log here.

@renovate renovate bot added Bot: Renovate dependencies upgrade from renovate Priority: Low Low priority Status: In Review Need to review a issue/pull-request Type: Dependency For make any change with dependency labels Jun 19, 2019
@renovate
Copy link
Author

renovate bot commented Jul 13, 2019

Automerge by [bot]

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Bot: Renovate dependencies upgrade from renovate Priority: Low Low priority Status: In Review Need to review a issue/pull-request Type: Dependency For make any change with dependency
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant