From 11d1b2fae530052629049c6418728fd8361b9f42 Mon Sep 17 00:00:00 2001 From: renovate <29139614+renovate@users.noreply.github.com> Date: Mon, 14 Apr 2025 02:18:12 +0000 Subject: [PATCH] chore: bump up @nestjs/common version to v11.0.16 [SECURITY] (#11645) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [@nestjs/common](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/common)) | [`11.0.15` -> `11.0.16`](https://renovatebot.com/diffs/npm/@nestjs%2fcommon/11.0.15/11.0.16) | [![age](https://developer.mend.io/api/mc/badges/age/npm/@nestjs%2fcommon/11.0.16?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@nestjs%2fcommon/11.0.16?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@nestjs%2fcommon/11.0.15/11.0.16?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@nestjs%2fcommon/11.0.15/11.0.16?slim=true)](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2024-29409](https://nvd.nist.gov/vuln/detail/CVE-2024-29409) File Upload vulnerability in nestjs nest prior to v.11.0.16 allows a remote attacker to execute arbitrary code via the Content-Type header. --- ### Release Notes
nestjs/nest (@​nestjs/common) ### [`v11.0.16`](https://redirect.github.com/nestjs/nest/compare/v11.0.15...v11.0.16) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.0.15...v11.0.16)
--- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). --- yarn.lock | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/yarn.lock b/yarn.lock index 3bac735842..d7f1200621 100644 --- a/yarn.lock +++ b/yarn.lock @@ -8648,8 +8648,8 @@ __metadata: linkType: hard "@nestjs/common@npm:^11.0.12": - version: 11.0.15 - resolution: "@nestjs/common@npm:11.0.15" + version: 11.0.16 + resolution: "@nestjs/common@npm:11.0.16" dependencies: iterare: "npm:1.2.1" tslib: "npm:2.8.1" @@ -8657,6 +8657,7 @@ __metadata: peerDependencies: class-transformer: "*" class-validator: "*" + file-type: ^20.4.1 reflect-metadata: ^0.1.12 || ^0.2.0 rxjs: ^7.1.0 peerDependenciesMeta: @@ -8664,7 +8665,7 @@ __metadata: optional: true class-validator: optional: true - checksum: 10/404d9ef375b0b1f504070c3cd32bfbe61cbd7a19673dd47f5038fddd45031a8fb4d10a0670df19d83817d914d60062cefe3f6ca9bcc957476a9b4bd00cdfec24 + checksum: 10/e212da5be940b3cee4ec802263672313c55c55851382facd69d650e1afd6e16fe08829e00e4384fa80e3d724292e5e998fe3da6be04e6710034cd99f1ad791f8 languageName: node linkType: hard