Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency moment to v2.29.4 #6

Open
wants to merge 1 commit into
base: integration
Choose a base branch
from
Open

Update dependency moment to v2.29.4 #6

wants to merge 1 commit into from

Conversation

ws-on-ws[bot]
Copy link

@ws-on-ws ws-on-ws bot commented Apr 6, 2022
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
moment (source) 2.26.0 -> 2.29.4 age adoption passing confidence

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity CVSS Score CVE Reachability
High High 8.7 CVE-2022-24785
High High 8.2 CVE-2022-31129

Release Notes

moment/moment (moment)

v2.29.4

Compare Source

  • Release Jul 6, 2022
    • #​6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex

v2.29.3

Compare Source

  • Release Apr 17, 2022

v2.29.2

Compare Source

  • Release Apr 3 2022

Address GHSA-8hfj-j24r-96c4

v2.29.1

Compare Source

  • Release Oct 6, 2020

Updated deprecation message, bugfix in hi locale

v2.29.0

Compare Source

  • Release Sept 22, 2020

New locales (es-mx, bn-bd).
Minor bugfixes and locale improvements.
More tests.
Moment is in maintenance mode. Read more at this link:
https://momentjs.com/docs/#/-project-status/

v2.28.0

Compare Source

  • Release Sept 13, 2020

Fix bug where .format() modifies original instance, and locale updates

v2.27.0

Compare Source

  • Release June 18, 2020

Added Turkmen locale, other locale improvements, slight TypeScript fixes

  • If you want to rebase/retry this PR, check this box

@ws-on-ws ws-on-ws bot added the security fix Security fix generated by WhiteSource label Apr 6, 2022
@ws-on-ws ws-on-ws bot changed the title Update dependency moment to v2.29.2 Update dependency moment to v2.29.4 Jul 9, 2022
@ws-on-ws ws-on-ws bot force-pushed the whitesource-remediate/moment-2.x-lockfile branch from 6a80065 to 965be6b Compare July 9, 2022 18:41
@ws-on-ws ws-on-ws bot changed the title Update dependency moment to v2.29.4 Update dependency moment to v2.29.4 - autoclosed Mar 12, 2023
@ws-on-ws ws-on-ws bot closed this Mar 12, 2023
@ws-on-ws ws-on-ws bot deleted the whitesource-remediate/moment-2.x-lockfile branch March 12, 2023 11:23
@ws-on-ws ws-on-ws bot changed the title Update dependency moment to v2.29.4 - autoclosed Update dependency moment to v2.29.4 Mar 12, 2023
@ws-on-ws ws-on-ws bot reopened this Mar 12, 2023
@ws-on-ws ws-on-ws bot restored the whitesource-remediate/moment-2.x-lockfile branch March 12, 2023 15:27
@ws-on-ws
Copy link
Author

ws-on-ws bot commented May 11, 2023

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

Warning: custom changes will be lost.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
security fix Security fix generated by WhiteSource
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants