Skip to content

chore(deps): update dependency got to v11.8.5 [security] #85

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
renovate wants to merge 1 commit into
base: staging
Choose a base branch
from
Open

chore(deps): update dependency got to v11.8.5 [security] #85

renovate wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Jun 23, 2022
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
got 11.0.211.8.5 age confidence

GitHub Vulnerability Alerts

CVE-2022-33987

The got package before 11.8.5 and 12.1.0 for Node.js allows a redirect to a UNIX socket.

Release Notes

sindresorhus/got (got)

v11.8.5

Compare Source

v11.8.3

Compare Source

v11.8.2

Compare Source

  • Make the dnsCache option lazy (#​1529) 3bd245f
    This slightly improves Got startup performance and fixes an issue with Jest.

v11.8.1

Compare Source

v11.8.0

Compare Source

v11.7.0

Compare Source

Improvements
Fixes
  • Fix a regression where body was sent after redirect 88b32ea
  • Fix destructure error on promise.json() c97ce7c
  • Do not ignore userinfo on a redirect to the same origin 52de13b

v11.6.2

Compare Source

Bug fixes
  • Inherit the prefixUrl option from parent if it's undefined (#​1448) a3da70a
  • Prepare a fix for hanging promise on Node.js 14.10.x 29d4e32
  • Prepare for Node.js 15.0.0 c126ff1
Docs
Tests

v11.6.1

Compare Source

Fixes
Meta

v11.6.0

Compare Source

Improvements
  • Add retry stream event (#​1384) 7072198
  • Add types for http-cache-semantics options 2e2295f
  • Make CancelError inherit RequestError 1f132e8
  • Add retryAfter to RetryObject 643a305
  • Add documentation comments to exported TypeScript types (#​1278) eaf1e02
  • Move cache options into a cacheOptions property 9c16d90
Bug fixes
  • Got promise shouldn't retry when the body is a stream 6e1aeae
Docs
  • Add an example of nock integration with retrying f7bbc37
  • Fix CancelError docs 28c400f
  • Fix retry delay function in the README (#​1425) 38bbb04

v11.5.2

Compare Source

Docs
Bug fixes
  • Fix duplicated hooks when paginating e02845f
  • Fix dnsCache: true having no effect 043c950

v11.5.1

Compare Source

Enhancements
  • Upgrade http2-wrapper to 1.0.0-beta.5.0 16e7f03
  • Compatibility fix to ignore incorrect Node.js 12 typings f7a1379 61d6f61
Bug fixes
Docs

v11.5.0

Compare Source

Improvements
Fixes
  • Fix TypeScript types for Promise API (#​1344) 676be6d
  • Fix cache not working with HTTP2 ac5f67d
  • Fix response event not being emitted on cache verify request (#​1305) da4769e
  • Work around a bug in Node.js <=12.18.2 f33e8bc
  • Remove request error handler after response is downloaded e1afe82
  • Revert "Remove request error handler after response is downloaded" aeb2e07
Docs
  • Mention advanced usage of a beforeRequest hook 779062a
  • Mention to end the stream if there's no body 044767e

v11.4.0

Compare Source

  • Fix hanging promise on timeout on HTTP error 934211f
  • Use async iterators to get response body (#​1256) 7dcd145
  • Fix promise not returning Buffer on compressed response 5028c11
  • Clarify options.encoding docs 04f3ea4
  • Fix unhandled The server aborted pending request rejection 728aef9
  • Add missing ECONNRESET code to an abort error d325d35
  • Fix prefixUrl not working when the url argument is empty 8d3412a
  • Improve the searchParams option 4dbada9
  • Fix non-enumerable options [such as body] not being used 8f775c7

v11.3.0

Compare Source

v11.2.0

Compare Source

v11.1.4

Compare Source

v11.1.3

Compare Source

v11.1.2

Compare Source

Bug fixes
  • Disable options.dnsCache by default 79507c2

This should stay disabled when making requests to internal hostnames such as localhost, database.local etc.
CacheableLookup uses dns.resolver4(..) and dns.resolver6(...) under the hood and fall backs to dns.lookup(...) when the first two fail, which may lead to additional delay.

Enhancements

v11.1.1

Compare Source

  • Improve Node.js 14 compatibility 50ef99a
  • Fix got.mergeOptions() regression 157e02b
  • Fix hanging promise when using cache 7b19e8f
  • Make options.responseType optional when using a template 9ed0a39

v11.1.0

Compare Source

v11.0.3

Compare Source

Fixes
  • Limit number of requests in pagination to prevent accidental overflows (#​1181) 4344c3a
  • Fix promise rejecting before retry b927e2d
  • Fix options.searchParams duplicates 429db40
  • Prevent calling .abort() on a destroyed request 63c1b72
Docs
  • Fix incorrect usage in the readme examples (#​1203) 16ff82f
  • Note that cache and dnsCache can be false 7c5290d

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@codecov
Copy link

codecov bot commented Jun 23, 2022

Codecov Report

Merging #85 (8dba98d) into staging (ccd6135) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##           staging       #85   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            5         5           
  Lines          119       119           
  Branches         7        11    +4     
=========================================
  Hits           119       119
Flag Coverage Δ
unittests 100.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update ccd6135...8dba98d. Read the comment docs.

@renovate renovate bot changed the title fix(deps): update dependency got to v11.8.5 [security] Update dependency got to v11.8.5 [SECURITY] Dec 17, 2022
@renovate renovate bot changed the title Update dependency got to v11.8.5 [SECURITY] fix(deps): update dependency got to v11.8.5 [security] Dec 17, 2022
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from 8dba98d to 0e2cba1 Compare January 23, 2025 18:02
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from 0e2cba1 to 51d8375 Compare January 30, 2025 19:31
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from 51d8375 to 9ad14e2 Compare February 9, 2025 14:36
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from 9ad14e2 to 535eed3 Compare March 3, 2025 11:44
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from 535eed3 to a0b8ac9 Compare March 11, 2025 11:00
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch 2 times, most recently from d68143b to 8de3b39 Compare April 8, 2025 10:21
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from 8de3b39 to d9b7fba Compare April 24, 2025 10:54
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from d9b7fba to d532722 Compare May 19, 2025 16:53
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from d532722 to 5a266da Compare May 28, 2025 09:59
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from 5a266da to 9af4593 Compare June 4, 2025 10:58
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from 9af4593 to 8da743f Compare June 22, 2025 15:06
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from 8da743f to 9a6ea93 Compare July 2, 2025 21:56
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from 9a6ea93 to 51fec2a Compare August 10, 2025 14:43
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from 51fec2a to 024c8ff Compare September 19, 2025 15:53
@renovate renovate bot changed the title fix(deps): update dependency got to v11.8.5 [security] chore(deps): update dependency got to v11.8.5 [security] Sep 25, 2025
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from 024c8ff to ea384a7 Compare October 21, 2025 17:34
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from ea384a7 to 0363a49 Compare November 11, 2025 00:44
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from 0363a49 to c166dc6 Compare November 18, 2025 20:12
@renovate renovate bot force-pushed the renovate/npm-got-vulnerability branch from c166dc6 to d29f403 Compare December 31, 2025 13:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant