Skip to content

chore(deps): update dependency got to v11.8.5 [security]#96

Open
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/npm-got-vulnerability
Open

chore(deps): update dependency got to v11.8.5 [security]#96
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/npm-got-vulnerability

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented Jun 23, 2022
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
got 11.8.011.8.5 age confidence

Got allows a redirect to a UNIX socket

CVE-2022-33987 / GHSA-pfrx-2q88-qq97

More information

Details

The got package before 11.8.5 and 12.1.0 for Node.js allows a redirect to a UNIX socket.

Severity

  • CVSS Score: 5.3 / 10 (Medium)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

Release Notes

sindresorhus/got (got)

v11.8.5

Compare Source

v11.8.3

Compare Source

v11.8.2

Compare Source

  • Make the dnsCache option lazy (#​1529) 3bd245f
    This slightly improves Got startup performance and fixes an issue with Jest.

v11.8.1

Compare Source

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • ""
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot changed the title chore(deps): update dependency got to 11.8.5 [security] chore(deps): update dependency got to 11.8.5 [SECURITY] Jun 27, 2022
@renovate renovate Bot changed the title chore(deps): update dependency got to 11.8.5 [SECURITY] chore(deps): update dependency got to 11.8.5 [security] Jun 28, 2022
@renovate renovate Bot changed the title chore(deps): update dependency got to 11.8.5 [security] fix(deps): update dependency got to v11.8.5 [security] Mar 23, 2023
@renovate renovate Bot force-pushed the renovate/npm-got-vulnerability branch from 2e066cf to f098364 Compare November 14, 2023 20:46
@renovate renovate Bot changed the title fix(deps): update dependency got to v11.8.5 [security] fix(deps): update dependency got to v11.8.5 [security] - autoclosed Feb 24, 2024
@renovate renovate Bot closed this Feb 24, 2024
@renovate renovate Bot deleted the renovate/npm-got-vulnerability branch February 24, 2024 04:35
@renovate renovate Bot changed the title fix(deps): update dependency got to v11.8.5 [security] - autoclosed fix(deps): update dependency got to v11.8.5 [security] Feb 24, 2024
@renovate renovate Bot restored the renovate/npm-got-vulnerability branch February 24, 2024 06:25
@renovate renovate Bot reopened this Feb 24, 2024
@renovate renovate Bot force-pushed the renovate/npm-got-vulnerability branch from f098364 to a041770 Compare February 24, 2024 06:25
@renovate renovate Bot force-pushed the renovate/npm-got-vulnerability branch from a041770 to 9d8d033 Compare June 4, 2024 12:15
@renovate renovate Bot changed the title fix(deps): update dependency got to v11.8.5 [security] chore(deps): update dependency got to v11.8.5 [security] Sep 25, 2025
@renovate renovate Bot force-pushed the renovate/npm-got-vulnerability branch from 9d8d033 to f44010e Compare September 25, 2025 21:15
@renovate renovate Bot force-pushed the renovate/npm-got-vulnerability branch from f44010e to ad2621d Compare November 18, 2025 12:31
@renovate renovate Bot changed the title chore(deps): update dependency got to v11.8.5 [security] chore(deps): update dependency got to v11.8.5 [security] - autoclosed Mar 27, 2026
@renovate renovate Bot closed this Mar 27, 2026
@renovate renovate Bot deleted the renovate/npm-got-vulnerability branch March 27, 2026 01:05
@renovate renovate Bot changed the title chore(deps): update dependency got to v11.8.5 [security] - autoclosed chore(deps): update dependency got to v11.8.5 [security] Mar 30, 2026
@renovate renovate Bot reopened this Mar 30, 2026
@renovate renovate Bot force-pushed the renovate/npm-got-vulnerability branch from ad2621d to a7d9c6f Compare March 30, 2026 21:33
@renovate renovate Bot changed the title chore(deps): update dependency got to v11.8.5 [security] chore(deps): update dependency got to v11.8.5 [security] - autoclosed Apr 27, 2026
@renovate renovate Bot closed this Apr 27, 2026
@renovate renovate Bot changed the title chore(deps): update dependency got to v11.8.5 [security] - autoclosed chore(deps): update dependency got to v11.8.5 [security] Apr 28, 2026
@renovate renovate Bot reopened this Apr 28, 2026
@renovate renovate Bot force-pushed the renovate/npm-got-vulnerability branch 2 times, most recently from a7d9c6f to 1949b09 Compare April 28, 2026 01:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants