Skip to content
This repository was archived by the owner on Aug 31, 2020. It is now read-only.

chore(deps): update dependency haml to v5 [security] #12

Open
renovate wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): update dependency haml to v5 [security] #12

renovate wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Mar 14, 2020
edited
Loading

This PR contains the following updates:

Package Update Change
haml major ~> 4.0 -> ~> 5.0

GitHub Vulnerability Alerts

CVE-2017-1002201

In haml versions prior to version 5.0.0.beta.2, when using user input to perform tasks on the server, characters like < > " ' must be escaped properly. In this case, the ' character was missed. An attacker can manipulate the input to introduce additional attributes, potentially executing code.

Renovate configuration

📅 Schedule: "" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by WhiteSource Renovate. View repository job log here.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 14, 2020

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities (and Security Hotspot 0 Security Hotspots to review)
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@renovate-bot