
chore(deps): Bump ip from 2.0.0 to 2.0.1 #263

Merged
amannn merged 1 commit into amannn:main from Brink-Software:dependabot/npm_and_yarn/ip-2.0.1
Apr 24, 2024

EelcoLos commented Apr 24, 2024

Contributor

This PR is a request to fix the "NPM IP package incorrectly identifies some private IP addresses as public" issue.

This Dependabot Moderate issue is also visible at GHSA-grv7-fg5c-xmjg.

These are displayed in: CWE-1050

PR on forked branch: Brink-Software#30

Below is cited from Dependabot:


Bumps ip from 2.0.0 to 2.0.1.


Bumps [ip](https://github.com/indutny/node-ip) from 2.0.0 to 2.0.1.
- [Commits](indutny/node-ip@v2.0.0...v2.0.1)

---
updated-dependencies:
- dependency-name: ip
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

amannn commented Apr 24, 2024

Owner

Thanks!

@amannn amannn merged commit 5e7e9ac into amannn:main Apr 24, 2024
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/ip-2.0.1 branch April 24, 2024 16:50
FlipEnergy added a commit to gorgias/action-semantic-pull-request that referenced this pull request Aug 29, 2024
* feat: Add outputs for `type`, `scope` and `subject` (amannn#261 by @bcaurel)

* Update validatePrTitle.js

* Update README.md

* Update README.md

---------

Co-authored-by: Jan Amann <jan@amann.work>

* chore: Release 5.5.0 [skip ci]

* fix: Bump ip from 2.0.0 to 2.0.1 (amannn#263 by @EelcoLos)

Bumps [ip](https://github.com/indutny/node-ip) from 2.0.0 to 2.0.1.
- [Commits](indutny/node-ip@v2.0.0...v2.0.1)

---
updated-dependencies:
- dependency-name: ip
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: Release 5.5.1 [skip ci]

* fix: Bump tar from 6.1.11 to 6.2.1 (amannn#262 by @EelcoLos)

Bumps [tar](https://github.com/isaacs/node-tar) from 6.1.11 to 6.2.1.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v6.1.11...v6.2.1)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: Release 5.5.2 [skip ci]

* chore: Update major tag (amannn#268 by @gustavkj)

* chore(deps): Bump braces from 3.0.2 to 3.0.3 (amannn#269 by @EelcoLos)

* fix: Bump `braces` dependency (amannn#269. by @EelcoLos)

* chore: Release 5.5.3 [skip ci]

* docs: Mention `reopened` trigger in README (amannn#272 by @garysassano)

* feat(ops): Update readme to reflect how gorgians should use

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Brandon Caurel <brandon.caurel@doctolib.com>
Co-authored-by: Jan Amann <jan@amann.work>
Co-authored-by: semantic-release-bot <semantic-release-bot@martynus.net>
Co-authored-by: Eelco Los <5102501+EelcoLos@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gustav Utterheim <gustav@utterheim.com>
Co-authored-by: Jan Amann <jan@amann.me>
Co-authored-by: Gary Sassano <10464497+garysassano@users.noreply.github.com>