chore(deps): update dependency karma to v6.3.16 [security] #339
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
6.3.12
->6.3.16
GitHub Vulnerability Alerts
CVE-2022-0437
karma prior to version 6.3.14 contains a cross-site scripting vulnerability.
CVE-2021-23495
Karma before 6.3.16 is vulnerable to Open Redirect due to missing validation of the return_url query parameter.
Release Notes
karma-runner/karma
v6.3.16
Compare Source
Bug Fixes
v6.3.15
Compare Source
Bug Fixes
v6.3.14
Compare Source
Bug Fixes
singleRun
andautoWatch
arefalse
(69cfc76)returnUrl
query param (839578c)v6.3.13
Compare Source
Bug Fixes
Configuration
π Schedule: "" in timezone Europe/Bucharest.
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.