Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency happy-dom to v15.10.2 [security] - autoclosed #254

Closed
wants to merge 1 commit into from
Closed

chore(deps): update dependency happy-dom to v15.10.2 [security] - autoclosed #254

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Nov 9, 2024

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
happy-dom 15.7.4 -> 15.10.2 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2024-51757

Impact

Consumers of the NPM package happy-dom

Patches

The security vulnerability has been patched in v15.10.2

Workarounds

No easy workarounds to my knowledge

References

#​1585

Release Notes

capricorn86/happy-dom (happy-dom)

v15.10.2

Compare Source

👷‍♂️ Patch fixes
  • Fixes a security vulnerability that allowed for server side code to be executed by a <script> tag - By @​capricorn86 in task #​1585
    • There was a case that was missed with the first patch

v15.10.1

Compare Source

👷‍♂️ Patch fixes
  • Fixes a security vulnerability that allowed for server side code to be executed by a <script> tag - By @​capricorn86 in task #​1585

v15.10.0

Compare Source

🎨 Features
  • Adds a new setting called disableSameOriginPolicy that makes it possible to bypass the same-origin policy in fetch requests - By @​OlaviSau in task #​1553

v15.9.0

Compare Source

🎨 Features
  • Adds support for "aspect-ratio" to CSSStyleDeclaration - By @​yinm in task #​1147

v15.8.5

Compare Source

👷‍♂️ Patch fixes
  • Fixes bug where Node.getRootNode() returned null when it was within a ShadowRoot that previously been disconnected from the Document - By @​capricorn86 in task #​1581

v15.8.4

Compare Source

👷‍♂️ Patch fixes
  • Fixes bug where child nodes of HTMLSelectElement and HTMLFormElement had the wrong reference to the parent - By @​capricorn86 in task #​1578

v15.8.3

Compare Source

👷‍♂️ Patch fixes
  • Toggle "open" attribute on HTMLDetailsElement when dispatching a click event on a summary element which is a child of the details element - By @​mikedidomizio in task #​1534

v15.8.2

Compare Source

👷‍♂️ Patch fixes
  • Use globalThis instead of global to make Happy DOM work in other runtimes such as Cloudflare workers - By @​mattallty in task #​1546

v15.8.1

Compare Source

👷‍♂️ Patch fixes

v15.8.0

Compare Source

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner November 9, 2024 07:59
@renovate renovate bot changed the title chore(deps): update dependency happy-dom to v15.10.2 [security] chore(deps): update dependency happy-dom to v15.10.2 [security] - autoclosed Nov 19, 2024
@renovate renovate bot closed this Nov 19, 2024
@renovate renovate bot deleted the renovate/npm-happy-dom-vulnerability branch November 19, 2024 14:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants