joao.dubas/clean-architecture
1
0
Fork 0
Code Issues1 Pull Requests Packages Projects Releases Wiki Activity

chore(deps): update node.js to v20.9.0 #10

Merged
joao.dubas merged 1 commits from renovate/node-20.x into main 2023-11-01 17:40:50 +00:00
Conversation 0 Commits 1 Files Changed 3 +3 -3
renovate-bot commented 2023-10-16 17:52:34 +00:00
Collaborator

This PR contains the following updates:

Package Type Update Change
node docker minor 20.8.0-slim -> 20.9.0-slim
node final minor 20.8.0-slim -> 20.9.0-slim
node (source) minor 20.6.0 -> 20.9.0

Release Notes

nodejs/node

v20.9.0: 2023-10-24, Version 20.9.0 'Iron' (LTS), @​richardlau

Compare Source

Notable Changes

This release marks the transition of Node.js 20.x into Long Term Support (LTS)
with the codename 'Iron'. The 20.x release line now moves into "Active LTS"
and will remain so until October 2024. After that time, it will move into
"Maintenance" until end of life in April 2026.

Known issue

Collecting code coverage via the NODE_V8_COVERAGE environment variable may
lead to a hang. This is not thought to be a regression in Node.js 20 (some
reports are on Node.js 18). For more information, including some potential
workarounds, see issue #​49344.

v20.8.1: 2023-10-13, Version 20.8.1 (Current), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

More detailed information on each of the vulnerabilities can be found in October 2023 Security Releases blog post.

Commits

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [node](https://github.com/nodejs/node) | docker | minor | `20.8.0-slim` -> `20.9.0-slim` | | [node](https://github.com/nodejs/node) | final | minor | `20.8.0-slim` -> `20.9.0-slim` | | [node](https://nodejs.org) ([source](https://github.com/nodejs/node)) | | minor | `20.6.0` -> `20.9.0` | --- ### Release Notes <details> <summary>nodejs/node</summary> ### [`v20.9.0`](https://github.com/nodejs/node/releases/tag/v20.9.0): 2023-10-24, Version 20.9.0 &#x27;Iron&#x27; (LTS), @&#8203;richardlau [Compare Source](https://github.com/nodejs/node/compare/v20.8.1...v20.9.0) ##### Notable Changes This release marks the transition of Node.js 20.x into Long Term Support (LTS) with the codename 'Iron'. The 20.x release line now moves into "Active LTS" and will remain so until October 2024. After that time, it will move into "Maintenance" until end of life in April 2026. ##### Known issue Collecting code coverage via the `NODE_V8_COVERAGE` environment variable may lead to a hang. This is not thought to be a regression in Node.js 20 (some reports are on Node.js 18). For more information, including some potential workarounds, see issue [#&#8203;49344](https://github.com/nodejs/node/issues/49344). ### [`v20.8.1`](https://github.com/nodejs/node/releases/tag/v20.8.1): 2023-10-13, Version 20.8.1 (Current), @&#8203;RafaelGSS [Compare Source](https://github.com/nodejs/node/compare/v20.8.0...v20.8.1) This is a security release. ##### Notable Changes The following CVEs are fixed in this release: - [CVE-2023-44487](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487): `nghttp2` Security Release (High) - [CVE-2023-45143](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45143): `undici` Security Release (High) - [CVE-2023-39332](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39332): Path traversal through path stored in Uint8Array (High) - [CVE-2023-39331](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39331): Permission model improperly protects against path traversal (High) - [CVE-2023-38552](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38552): Integrity checks according to policies can be circumvented (Medium) - [CVE-2023-39333](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39333): Code injection via WebAssembly export names (Low) More detailed information on each of the vulnerabilities can be found in [October 2023 Security Releases](https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/) blog post. ##### Commits - \[[`c86883e844`](https://github.com/nodejs/node/commit/c86883e844)] - **deps**: update nghttp2 to 1.57.0 (James M Snell) [#&#8203;50121](https://github.com/nodejs/node/pull/50121) - \[[`2860631359`](https://github.com/nodejs/node/commit/2860631359)] - **deps**: update undici to v5.26.3 (Matteo Collina) [#&#8203;50153](https://github.com/nodejs/node/pull/50153) - \[[`cd37838bf8`](https://github.com/nodejs/node/commit/cd37838bf8)] - **lib**: let deps require `node` prefixed modules (Matthew Aitken) [#&#8203;50047](https://github.com/nodejs/node/pull/50047) - \[[`f5c90b2951`](https://github.com/nodejs/node/commit/f5c90b2951)] - **module**: fix code injection through export names (Tobias Nießen) [nodejs-private/node-private#&#8203;461](https://github.com/nodejs-private/node-private/pull/461) - \[[`fa5dae1944`](https://github.com/nodejs/node/commit/fa5dae1944)] - **permission**: fix Uint8Array path traversal (Tobias Nießen) [nodejs-private/node-private#&#8203;456](https://github.com/nodejs-private/node-private/pull/456) - \[[`cd35275111`](https://github.com/nodejs/node/commit/cd35275111)] - **permission**: improve path traversal protection (Tobias Nießen) [nodejs-private/node-private#&#8203;456](https://github.com/nodejs-private/node-private/pull/456) - \[[`a4cb7fc7c0`](https://github.com/nodejs/node/commit/a4cb7fc7c0)] - **policy**: use tamper-proof integrity check function (Tobias Nießen) [nodejs-private/node-private#&#8203;462](https://github.com/nodejs-private/node-private/pull/462) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xMTcuMyIsInVwZGF0ZWRJblZlciI6IjM1LjExNy4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
renovate-bot added 1 commit 2023-10-16 17:52:35 +00:00
renovate-bot force-pushed renovate/node-20.x from 68dfc83cd2 to 31829c6ad7 2023-10-24 14:52:26 +00:00 Compare
renovate-bot changed title from chore(deps): update node.js to v20.8.1 to chore(deps): update node.js 2023-10-24 14:52:37 +00:00
renovate-bot force-pushed renovate/node-20.x from 31829c6ad7 to a232e95957 2023-10-25 18:44:06 +00:00 Compare
renovate-bot changed title from chore(deps): update node.js to chore(deps): update node.js to v20.9.0 2023-10-25 18:44:17 +00:00
joao.dubas merged commit 3070781481 into main 2023-11-01 17:40:50 +00:00
joao.dubas deleted branch renovate/node-20.x 2023-11-01 17:40:50 +00:00
Sign in to join this conversation.
No Reviewers
No Label
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: joao.dubas/clean-architecture#10
No description provided.
Delete Branch "renovate/node-20.x"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?