-
Notifications
You must be signed in to change notification settings - Fork 216
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
renovate/37.431.7 package update #24010
Conversation
octo-sts
bot
commented
Jul 15, 2024
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Package renovate: Click to expand/collapsePackage renovate:
Added: /usr/local/lib/node_modules/renovate/node_modules/@smithy/util-stream/dist-cjs/headStream.browser.js bincapz found differences: Click to expand/collapsetime=2024-07-15T20:22:49.706Z level=ERROR source=github.com/chainguard-dev/bincapz/pkg/action/scan.go:199 msg="unable to process /tmp/wolfictl-apk-2586946025/renovate/usr/local/lib/node_modules/renovate/node_modules/tar-fs/test/fixtures/invalid.tar: extract to temp: failed to extract /tmp/wolfictl-apk-2586946025/renovate/usr/local/lib/node_modules/renovate/node_modules/tar-fs/test/fixtures/invalid.tar: failed to create directory for file: mkdir /tmp/invalid.tar725949916/foo: not a directory" Added: renovate/usr/local/lib/node_modules/renovate/node_modules/import-in-the-middle/test/hook/v14-native-modules.mjs [
|
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | kernel/platform | get system identification | process.arch process.platform |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@smithy/util-stream/dist-es/headStream.browser.js [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | fd/read | reads from a file handle | reader.read() |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/import-in-the-middle/test/hook/vue-server-renderer.mjs [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | ref/site/url | contains embedded HTTPS URLs | nodejs/import-in-the-middle#139 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@smithy/util-stream/dist-cjs/headStream.browser.js [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | fd/read | reads from a file handle | reader.read() |
Changed: /tmp/wolfictl-apk-4002815301/renovate/usr/local/lib/node_modules/renovate/node_modules/@smithy/util-stream/dist-es/splitStream.js [⚠️ MEDIUM → ✅ ]
2 removed behaviors
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | net/download | download files | downloadLocation |
-LOW | ref/site/url | contains embedded HTTPS URLs | https://spdx.org/spdxdocs/chainguard/melange/f03115b0c23319c0d16813521d99 |
Changed: /tmp/wolfictl-apk-4002815301/renovate/usr/local/lib/node_modules/renovate/node_modules/@smithy/util-stream/dist-es/headStream.js [⚠️ MEDIUM → ✅ ]
2 removed behaviors
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | net/download | download files | downloadLocation |
-LOW | ref/site/url | contains embedded HTTPS URLs | https://spdx.org/spdxdocs/chainguard/melange/f03115b0c23319c0d16813521d99 |
Moved: renovate/var/lib/db/sbom/renovate-37.431.6-r0.spdx.json -> /tmp/wolfictl-apk-4002815301/renovate/var/lib/db/sbom/renovate-37.431.7-r0.spdx.json (similarity: 0.99)
Changed: /tmp/wolfictl-apk-4002815301/renovate/usr/local/lib/node_modules/renovate/node_modules/@smithy/util-stream/dist-cjs/headStream.js [⚠️ MEDIUM → ✅ ]
2 removed behaviors
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | net/download | download files | downloadLocation |
-LOW | ref/site/url | contains embedded HTTPS URLs | https://spdx.org/spdxdocs/chainguard/melange/f03115b0c23319c0d16813521d99 |