krausefx / whereisfelix.today-backend Goto Github PK

When no upcoming trip data is available, the next destination displays invalid data 😉
Or do you try to build a time machine ⏰🤪 ("Leaving for 49 years ago")

Happy holiday 🏖

This issue provides visibility into Renovate updates and their statuses. Learn more

Rate Limited

These updates are currently rate limited. Click on a checkbox below to force their creation now.

• Update dependency @angular-devkit/build-angular to ~0.1102.0
• Update dependency core-js to ~2.6.0
• Update dependency tsd to ^0.19.0
• Update angular-cli monorepo to v13 (major) (@angular-devkit/build-angular, @angular/cli)
• Update dependency @types/node to v16
• Update dependency jasmine-spec-reporter to v7
• Update dependency karma to v6
• Update dependency ngx-moment to v6
• Update dependency rxjs to v7
• Update dependency ts-node to v10
• Update dependency tslib to v2
• Update dependency typescript to v4

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• Update dependency browserslist to 4.16.5 [SECURITY]
• Update dependency engine.io to 4.0.0 [SECURITY]
• Update dependency karma to 6.3.14 [SECURITY]
• Update dependency log4js to 6.4.0 [SECURITY]
• Update dependency socket.io to 2.4.0 [SECURITY]
• Update dependency webpack-subresource-integrity to 1.5.1 [SECURITY]
• Update dependency xmlhttprequest-ssl to 1.6.2 [SECURITY]
• Update dependency codelyzer to ~5.2.0
• Update dependency karma-jasmine to ~3.3.0
• Update dependency ngx-moment to v3.5.0
• Update dependency rxjs to ~6.6.0
• Update dependency typescript to v3.9.10
• Update dependency zone.js to ~0.11.0
• Update angular monorepo to v13 (major) (@angular/animations, @angular/common, @angular/compiler, @angular/compiler-cli, @angular/core, @angular/forms, @angular/language-service, @angular/platform-browser, @angular/platform-browser-dynamic, @angular/router)
• Update dependency codelyzer to v6
• Update dependency jasmine-core to v4
• Update dependency karma-coverage-istanbul-reporter to v3
• Update dependency karma-jasmine to v4
• Update dependency protractor to v7
• Click on this checkbox to rebase all open PRs at once

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

• Update dependency @types/node to ~8.10.0
• Update dependency @types/jasmine to v3
• Update dependency core-js to v3
• Update dependency karma-jasmine-html-reporter to v1

• Check this box to trigger a request for Renovate to run again on this repository

On registry https://registry.npmjs.org/, the "latest" version (v0.6.5) of dependency tsd has the following deprecation notice:

TSD is deprecated in favor of Typings (https://github.com/typings/typings) - see https://github.com/DefinitelyTyped/tsd/issues/269 for more information

Marking the latest version of an npm package as deprecated results in the entire package being considered deprecated, so contact the package author you think this is a mistake.

Affected package file(s): package.json

If you don't care about this, you can close this issue and not be warned about tsd's deprecation again. If you would like to completely disable all future deprecation warnings then add the following to your config:

"suppressNotifications": ["deprecationWarningIssues"]

did you invent the time machine? :)

检测到 KrauseFx/whereisfelix.today-backend 一共引入了207个开源组件，存在10个漏洞

漏洞标题：lodash 安全漏洞
缺陷组件：[email protected]
漏洞编号：CVE-2019-10744
漏洞描述：lodash是一款开源的JavaScript实用程序库。
lodash 4.17.12之前版本中存在安全漏洞。攻击者可借助defaultsDeep参数利用该漏洞添加或修改Object.prototype的对象。
国家漏洞库信息：https://www.cnvd.org.cn/flaw/show/CNVD-2019-25451
影响范围：(∞, 4.17.12)
最小修复版本：4.17.12
缺陷组件引入路径：[email protected]>mfp@git+https://[email protected]/KrauseFx/mfp.git#33135df144f16664b6288773500a753268521035->[email protected]>[email protected]

另外还有10个漏洞，详细报告：https://mofeisec.com/jr?p=ab27fe