Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NOT MERGED chore: Update dependency @zowe/cli to v7.23.5 [SECURITY] (v3.x.x) #3707

Closed
wants to merge 1 commit into from
Closed

NOT MERGED chore: Update dependency @zowe/cli to v7.23.5 [SECURITY] (v3.x.x) #3707

wants to merge 1 commit into from

Conversation

zowe-robot
Copy link
Contributor

@zowe-robot zowe-robot commented Aug 28, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change
@zowe/cli (source) devDependencies minor 7.19.0 -> 7.23.5

GitHub Vulnerability Alerts

CVE-2024-6833

A vulnerability in Zowe CLI allows local, privileged actors to store previously entered secure credentials in a plaintext file as part of an auto-init operation.

Release Notes

zowe/zowe-cli (@​zowe/cli)

v7.23.5

Compare Source

Zowe CLI

  • BugFix: Fixed default base profile missing in config generated by zowe config auto-init #​2084

v7.23.4

Compare Source

Zowe CLI

  • BugFix: Updated dependencies of the daemon client for technical currency #​2076

Imperative

  • BugFix: Fixed race condition in config convert-profiles command that may fail to delete secure values for old profiles

v7.23.3

Compare Source

Imperative

  • BugFix: Resolved issue in ProfileInfo where schema comparisons fail, specifically when comparing the cached schema against a command-based schema during registration.

v7.23.2

Compare Source

Zowe CLI

  • BugFix: Resolved technical currency by updating socks transitive dependency

Imperative

  • BugFix: Resolved technical currency by updating socks transitive dependency

v7.23.1

Compare Source

Zowe CLI

  • Enhancement: Adding --binary and --encoding options to zosfiles edit to zowe V2

v7.23.0

Compare Source

Zowe CLI

  • BugFix: Update zos-files copy dsclp system tests to include large mock files.

Imperative

  • BugFix: Updated mustache and jsonschema dependencies for technical currency.
  • Enhancement: Added multiple APIs to the ProfileInfo class to help manage schemas between client applications. #​2012

v7.22.0

Compare Source

Zowe CLI

  • Enhancement: Hid the progress bar if CI environment variable is set, or if FORCE_COLOR environment variable is set to 0. #​1845

Imperative

  • Enhancement: Hid the progress bar if CI environment variable is set, or if FORCE_COLOR environment variable is set to 0. #​1845
  • BugFix: Fixed issue where secure property names could be returned for the wrong profile. zowe-explorer#2633

v7.21.4

Compare Source

Imperative

  • BugFix: Fixed issue when a property is not found in ProfileInfo.updateProperty({forceUpdate: true}). zowe-explorer#2493

v7.21.3

Compare Source

z/OS Files SDK

  • BugFix: Corrects the behavior of Create.dataSetLike so that the new data set is always defined with the correct block size #​2610

v7.21.2

Compare Source

Zowe CLI

  • BugFix: Correct extra character being displayed at the end of lines when issuing zowe files compare on Windows. #​1992
  • BugFix: Correct the online help description for zowe files compare uss. #​1754
  • BugFix: Fixed typo in command help for zowe zos-workflows create commands.

Core SDK

  • BugFix: Add information about password-protected certificate file support. #​2006

Imperative

  • BugFix: Fixed error message shown for null option definition to include details about which command caused the error. #​2002

v7.21.1

Compare Source

z/OS USS SDK

  • BugFix: Updated ssh2 package to resolve technical currency

v7.21.0

Compare Source

imperative

  • Enhancement: Added the ability to forceUpdate a property using the ProfileInfo.updateProperty method. zowe-explorer#2493

v7.20.1

Compare Source

Zowe CLI

  • BugFix: Add missing npm-shrinkwrap

v7.20.0

Compare Source

Zowe CLI

  • Deprecated: getDataSet in the zosfiles command group utility functions, use zosfiles SDK's ZosFilesUtils.getDataSetFromName instead. #​1696

z/OS Files SDK

  • Enhancement: Adds ZosFilesUtils.getDataSetFromName to create an IDataSet from a dataset name #​1696

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@zowe-robot zowe-robot added the dependencies Pull requests that update a dependency file label Aug 28, 2024
@zowe-robot zowe-robot force-pushed the renovate/v3.x.x-npm-zowe-cli-vulnerability branch 2 times, most recently from 9ae8764 to c733c8e Compare September 2, 2024 01:02
@zowe-robot zowe-robot force-pushed the renovate/v3.x.x-npm-zowe-cli-vulnerability branch from c733c8e to 4ba3e9a Compare September 3, 2024 00:59
@pablocarle pablocarle closed this Sep 3, 2024
@pablocarle pablocarle deleted the renovate/v3.x.x-npm-zowe-cli-vulnerability branch September 3, 2024 12:55
@zowe-robot
Copy link
Contributor Author

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (7.23.5). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.

@arxioly arxioly changed the title chore: Update dependency @zowe/cli to v7.23.5 [SECURITY] (v3.x.x) NOT MERGED chore: Update dependency @zowe/cli to v7.23.5 [SECURITY] (v3.x.x) Sep 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file size/XS
Projects
API Mediation Layer Backlog Management
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@zowe-robot @pablocarle @renovate-bot