Skip to content

fix(deps): update dependency helmet to v8 - autoclosed#646

Closed
renovate[bot] wants to merge 1 commit intomainfrom
renovate/helmet-8.x
Closed

fix(deps): update dependency helmet to v8 - autoclosed#646
renovate[bot] wants to merge 1 commit intomainfrom
renovate/helmet-8.x

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented Dec 1, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
helmet (source) ~7.1.0 -> ~8.0.0 age adoption passing confidence

Release Notes

helmetjs/helmet (helmet)

v8.0.0

Compare Source

Changed
  • Breaking: Strict-Transport-Security now has a max-age of 365 days, up from 180
  • Breaking: Content-Security-Policy middleware now throws an error if a directive should have quotes but does not, such as self instead of 'self'. See #​454
  • Breaking: Content-Security-Policy's getDefaultDirectives now returns a deep copy. This only affects users who were mutating the result
  • Breaking: Strict-Transport-Security now throws an error when "includeSubDomains" option is misspelled. This was previously a warning
Removed
  • Breaking: Drop support for Node 16 and 17. Node 18+ is now required

v7.2.0

Compare Source

Changed
  • Content-Security-Policy middleware now warns if a directive should have quotes but does not, such as self instead of 'self'. This will be an error in future versions. See #​454

Configuration

📅 Schedule: Branch creation - "* 0-3 1 * *" in timezone Europe/Paris, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the dependencies label Dec 1, 2024
@socket-security
Copy link
Copy Markdown

socket-security Bot commented Dec 1, 2024
edited
Loading

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report↗︎

@renovate renovate Bot force-pushed the renovate/helmet-8.x branch from f7f6722 to 4c15b0e Compare December 2, 2024 11:02
@renovate renovate Bot force-pushed the renovate/helmet-8.x branch from 4c15b0e to 0451a3f Compare December 5, 2024 08:43
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Dec 5, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@renovate renovate Bot force-pushed the renovate/helmet-8.x branch from 0451a3f to 7d69204 Compare January 20, 2025 09:11
@renovate renovate Bot force-pushed the renovate/helmet-8.x branch from 7d69204 to ab35a34 Compare January 20, 2025 14:12
@iNeoO
Copy link
Copy Markdown
Contributor

iNeoO commented Feb 11, 2025

v8 break cors

@renovate renovate Bot force-pushed the renovate/helmet-8.x branch from ab35a34 to 91a2bb7 Compare February 11, 2025 14:57
@renovate renovate Bot force-pushed the renovate/helmet-8.x branch from 91a2bb7 to b6d395c Compare February 11, 2025 15:35
@renovate renovate Bot force-pushed the renovate/helmet-8.x branch from b6d395c to 35e0770 Compare February 11, 2025 16:10
@renovate renovate Bot force-pushed the renovate/helmet-8.x branch from 35e0770 to 9d33421 Compare February 11, 2025 16:55
@renovate renovate Bot force-pushed the renovate/helmet-8.x branch from 9d33421 to 59f14f6 Compare February 11, 2025 17:03
@socket-security
Copy link
Copy Markdown

socket-security Bot commented Feb 11, 2025
edited
Loading

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@gouvminint/vue-dsfr@8.2.1 🔁 npm/@gouvminint/vue-dsfr@7.1.1 Transitive: environment +3 187 MB gouvminint
npm/@iconify/vue@4.3.0 network +1 210 kB cyberalien
npm/@sentry/node@8.54.0 🔁 npm/@sentry/node@8.47.0 Transitive: filesystem, shell +51 27.2 MB billyvg, evanpurkhiser, haza, ...7 more
npm/@sentry/profiling-node@8.54.0 🔁 npm/@sentry/profiling-node@8.47.0 None +1 3.5 MB sentry-bot
npm/helmet@8.0.0 🔁 npm/helmet@7.1.0 None 0 103 kB evanhahn

View full report↗︎

@renovate renovate Bot force-pushed the renovate/helmet-8.x branch from 59f14f6 to 5dcc87e Compare February 12, 2025 09:15
@renovate renovate Bot force-pushed the renovate/helmet-8.x branch from 5dcc87e to f1da32a Compare February 12, 2025 09:17
@renovate renovate Bot force-pushed the renovate/helmet-8.x branch from f1da32a to 0685e11 Compare February 12, 2025 09:32
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Feb 12, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@iNeoO iNeoO closed this Feb 12, 2025
@renovate renovate Bot changed the title fix(deps): update dependency helmet to v8 fix(deps): update dependency helmet to v8 - autoclosed Feb 12, 2025
@renovate renovate Bot deleted the renovate/helmet-8.x branch February 12, 2025 09:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@iNeoO