gnosis
/
dex-contracts
/
5300
/
1
100%
master: 100%
master: 100%
|
Ran
|
Files
7
|
Run time
2s
|
Badge
Embed ▾
README BADGES
|
coverage: 100.0%. Remained the same
push
travis-ci-com
web-flow[Security] Bump bl from 1.2.2 to 1.2.3 (#970) Bumps [bl](https://github.com/rvagg/bl) from 1.2.2 to 1.2.3. **This update includes a security fix.** <details> <summary>Vulnerabilities fixed</summary> <p><em>Sourced from <a href="https://github.com/advisories/GHSA-pp7h-53gx-mx7r">The GitHub Security Advisory Database</a>.</em></p> <blockquote> <p><strong>Remote Memory Exposure in bl</strong> A buffer over-read vulnerability exists in bl <4.0.3, <3.0.1, <2.2.1 and <1.2.3 which could allow an attacker to supply user input (even typed) that if it ends up in consume() argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via regular .slice() calls.</p> <p>Affected versions: < 1.2.3</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rvagg/bl/commit/d69edfd66"><code>d69edfd</code></a> 1.2.3</li> <li><a href="https://github.com/rvagg/bl/commit/847473ab5"><code>847473a</code></a> test all branches</li> <li><a href="https://github.com/rvagg/bl/commit/0bd87ec97"><code>0bd87ec</code></a> Fix unintialized memory access</li> <li><a href="https://github.com/rvagg/bl/commit/dc097f3f3"><code>dc097f3</code></a> test newer versions of Node</li> <li>See full diff in <a href="https://github.com/rvagg/bl/compare/v1.2.2...v1.2.3">compare view</a></li> </ul> </details> <br /> [](https://dependabot.com/compatibility-score/?dependency-name=bl&package-manager=npm_and_yarn&previous-version=1.2.2&new-version=1.2.3) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by comme... (continued)
98 of 98 branches covered (100.0%)
Branch coverage included in aggregate %.
264 of 264 relevant lines covered (100.0%)
81.86 hits per line
