Skip to content

ci(deps): update dependency http-proxy-middleware to v3.0.5 [security] #1647

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

ci(deps): update dependency http-proxy-middleware to v3.0.5 [security] #1647

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Apr 16, 2025

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
http-proxy-middleware 3.0.3 -> 3.0.5 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2025-32996

In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used.

CVE-2025-32997

In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed.

Release Notes

chimurai/http-proxy-middleware (http-proxy-middleware)

v3.0.5

Compare Source

  • fix(fixRequestBody): check readableLength (#​1096)

v3.0.4

Compare Source

  • fix(fixRequestBody): handle invalid request (#​1092)
  • fix(fixRequestBody): prevent multiple .write() calls (#​1089)
  • fix(websocket): handle errors in handleUpgrade (#​823)
  • ci(package): patch http-proxy (#​1084)
  • fix(fixRequestBody): support multipart/form-data (#​896)
  • feat(types): export Plugin type (#​1071)

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@vercel Vercel
Copy link

vercel bot commented Apr 16, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
appium-device-farm-bre4 ✅ Ready (Inspect) Visit Preview 💬 Add feedback May 19, 2025 5:27am

@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from fe9834c to 015f275 Compare April 21, 2025 13:34
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from 015f275 to 7315bdd Compare April 21, 2025 13:37
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from 7315bdd to a08f7a2 Compare April 22, 2025 15:14
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from a08f7a2 to c53b3ae Compare April 22, 2025 15:17
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from c53b3ae to 4c5f4ec Compare April 29, 2025 06:01
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from 4c5f4ec to 2ee8dc8 Compare April 29, 2025 06:06
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from 2ee8dc8 to 8bc5eba Compare May 9, 2025 14:26
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from 8bc5eba to 690b9ae Compare May 9, 2025 14:33
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from 690b9ae to c2402f2 Compare May 9, 2025 15:02
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from c2402f2 to f4a3a3c Compare May 9, 2025 16:32
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from f4a3a3c to 41677fe Compare May 9, 2025 16:35
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from 41677fe to ab2d3f4 Compare May 9, 2025 20:05
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from ab2d3f4 to f920daa Compare May 9, 2025 20:08
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from f920daa to 9c940e1 Compare May 12, 2025 05:38
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from 9c940e1 to 37c258a Compare May 12, 2025 05:41
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from 37c258a to a4f0399 Compare May 12, 2025 15:00
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from a4f0399 to ed1c529 Compare May 12, 2025 15:03
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from ed1c529 to cbaefa8 Compare May 19, 2025 05:14
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from cbaefa8 to bcae0c1 Compare May 19, 2025 05:22
@renovate renovate bot force-pushed the renovate/npm-http-proxy-middleware-vulnerability branch from bcae0c1 to 0efff02 Compare May 19, 2025 05:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@renovate-approve renovate-approve[bot] renovate-approve[bot] approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants