renovate/37.407.4 package update #22030
Conversation
![octo-sts[bot]](https://avatars.githubusercontent.com/in/801323?s=60&v=4){kind=small}
octo-sts
bot
commented
Jun 14, 2024
octo-sts
bot
commented
Signed-off-by: wolfi-bot <[email protected]>
octo-sts
bot
added
request-version-update
Package renovate: Click to expand/collapsePackage renovate:
Added: /usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/esm/common/i-serializer.d.ts bincapz found differences: Click to expand/collapseDeleted: renovate/usr/local/lib/node_modules/renovate/node_modules/import-in-the-middle/test/hook/v18-static-import-assert.mjs [✅ LOW]
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/encoder.js [
|
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./enum ./types ./util |
| +LOW | evasion/bitwise_math | uses bitwise math | id << 3 |
| +LOW | process/create | create child process | fork |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/oneof.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./field ./object ./util |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/esnext/protobuf/serializers.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://www.apache.org/licenses/LICENSE-2.0 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/types.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./util |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/esm/json/serializers.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
| +LOW | encoding/json/encode | encodes JSON | JSON.stringify |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/util.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./enum ./roots ./type ./util |
| +MEDIUM | ref/path/root | path reference within /root | /root |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/roots.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./compiled |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/message.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./util |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/scripts/postinstall.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
| +LOW | fs/file/read | reads files | fs.readFile |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/dist/light/protobuf.min.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | kernel/platform | get system identification | process.versions |
| +MEDIUM | techniques/code_eval | evaluate code dynamically using eval() | eval("require")(t) |
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
| +LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
| +LOW | encoding/json/encode | encodes JSON | JSON.stringify |
| +LOW | fs/file/read | reads files | fs.readFile |
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://github.com/dcodeio/protobuf.js |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/esnext/protobuf/protobuf-export-type.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://www.apache.org/licenses/LICENSE-2.0 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/service.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./method ./namespace ./rpc ./util |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/long/index.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | evasion/bitwise_math | uses bitwise math | 1 << 16 1 << 24 c16 << 16 c48 << 16 |
| +LOW | ref/site/url | contains embedded HTTP URLs | http://www.apache.org/licenses/LICENSE-2.0 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@protobufjs/base64/tests/index.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/tokenize.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | techniques/code_eval | evaluate code dynamically using exec() | exec(source) |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@protobufjs/base64/index.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | evasion/bitwise_math | uses bitwise math in both directions | b >> 2 b >> 4 b >> 6 t << 2 |
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@protobufjs/utf8/tests/index.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./data |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/wrappers.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./message |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/type.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./converter ./decoder ./encoder ./enum ./field ./mapfield ./message ./namespace ./oneof ./reader ./service ./util ./verifier ./wrappers ./writer |
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/writer_buffer.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./util ./writer |
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/esm/common/i-serializer.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://www.apache.org/licenses/LICENSE-2.0 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/dist/minimal/protobuf.min.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | kernel/platform | get system identification | process.versions |
| +MEDIUM | techniques/code_eval | evaluate code dynamically using eval() | eval("require")(t) |
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://github.com/dcodeio/protobuf.js |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@protobufjs/inquire/tests/index.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./tests |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/src/protobuf/protobuf-export-type.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://www.apache.org/licenses/LICENSE-2.0 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/index.d.ts [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://developers.google.com/protocol-buffers/docs/proto3?hl=en |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/dist/protobuf.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | 3P/threat_hunting/rapid7 | references 'rapid7' tool, by mthcht | nexpose |
| +MEDIUM | kernel/platform | get system identification | process.versions |
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./compiled |
| +MEDIUM | techniques/code_eval | evaluate code dynamically using eval() | eval("quire" |
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
| +LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
| +LOW | encoding/json/encode | encodes JSON | JSON.stringify |
| +LOW | fs/file/read | reads files | fs.readFile |
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/Sending_a https://developers.google.com/protocol-buffers/docs/proto3?hl=en protobufjs/protobuf.js#665 https://github.com/dcodeio/protobuf.js |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/enum.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./namespace ./object ./util |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/index-minimal.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./reader_buffer ./roots ./rpc ./util ./writer_buffer |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/parse.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./enum ./field ./mapfield ./method ./oneof ./root ./service ./tokenize ./types ./util |
| +MEDIUM | ref/path/root | path reference within /root | /root |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/esm/protobuf/serializers.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://www.apache.org/licenses/LICENSE-2.0 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@protobufjs/base64/index.d.ts [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/src/protobuf/serializers.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://www.apache.org/licenses/LICENSE-2.0 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@protobufjs/codegen/index.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | encoding/json/encode | encodes JSON | JSON.stringify |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/import-in-the-middle/test/fixtures/cyclical-self.mjs [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./cyclical-self |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/src/common/i-serializer.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://www.apache.org/licenses/LICENSE-2.0 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/rpc.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./rpc |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/src/json/serializers.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
| +LOW | encoding/json/encode | encodes JSON | JSON.stringify |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@protobufjs/float/bench/index.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./suite |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/esnext/common/i-serializer.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://www.apache.org/licenses/LICENSE-2.0 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/util/minimal.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | kernel/platform | get system identification | process.versions |
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./longbits |
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
| +LOW | encoding/json/encode | encodes JSON | JSON.stringify |
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://developers.google.com/protocol-buffers/docs/proto3?hl=en protobufjs/protobuf.js#665 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/dist/protobuf.min.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | kernel/platform | get system identification | process.versions |
| +MEDIUM | techniques/code_eval | evaluate code dynamically using eval() | eval("require")(t) |
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
| +LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
| +LOW | encoding/json/encode | encodes JSON | JSON.stringify |
| +LOW | fs/file/read | reads files | fs.readFile |
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://github.com/dcodeio/protobuf.js |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/esnext/generated/root.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/long/umd/index.js [🔥 HIGH]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +HIGH | evasion/bitwise_math | excessive use of bitwise math | 1 << 16 1 << 24 c16 << 16 c48 << 16 high << 32 |
| +LOW | ref/site/url | contains embedded HTTP URLs | http://www.apache.org/licenses/LICENSE-2.0 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@protobufjs/fetch/index.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | fs/file/read | reads files | fs.readFile |
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/Sending_a |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/index.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./src |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/esnext/json/serializers.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
| +LOW | encoding/json/encode | encodes JSON | JSON.stringify |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/esm/protobuf/protobuf-export-type.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://www.apache.org/licenses/LICENSE-2.0 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/reader_buffer.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./reader ./util |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/light.d.ts [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./index |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/dist/minimal/protobuf.js [🔥 HIGH]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +HIGH | evasion/bitwise_math | excessive use of bitwise math | 1023 << 20 127 << 23 hi << 1 hi << 25 hi << 31 hi << 4 lo << 1 sign << 31 t << 2 value << 1 |
| +MEDIUM | kernel/platform | get system identification | process.versions |
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./compiled |
| +MEDIUM | techniques/code_eval | evaluate code dynamically using eval() | eval("quire" |
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
| +LOW | encoding/json/encode | encodes JSON | JSON.stringify |
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://developers.google.com/protocol-buffers/docs/proto3?hl=en protobufjs/protobuf.js#665 https://github.com/dcodeio/protobuf.js |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@protobufjs/float/index.js [🔥 HIGH]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +HIGH | evasion/bitwise_math | excessive use of bitwise math | 1023 << 20 127 << 23 sign << 31 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/writer.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | evasion/bitwise_math | uses bitwise math in both directions | hi << 25 value << 1 value >> 31 |
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./util |
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/index.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./common ./index-light ./parse ./tokenize |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/ext/descriptor/test.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | encoding/json/encode | encodes JSON | JSON.stringify |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/namespace.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./field ./object ./oneof ./util |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/minimal.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./src |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/verifier.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./enum ./util |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@protobufjs/utf8/index.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | evasion/bitwise_math | uses bitwise math | c1 >> 12 c1 >> 18 c1 >> 6 t >> 10 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@protobufjs/inquire/index.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | techniques/code_eval | evaluate code dynamically using eval() | eval("quire" |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/method.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./object ./util |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/field.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./enum ./object ./types ./util |
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/esm/generated/root.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/import-in-the-middle/test/hook/v18-v21-static-import-assert.mjs [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://www.datadoghq.com/ |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/dist/light/protobuf.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | 3P/threat_hunting/rapid7 | references 'rapid7' tool, by mthcht | nexpose |
| +MEDIUM | kernel/platform | get system identification | process.versions |
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./compiled |
| +MEDIUM | techniques/code_eval | evaluate code dynamically using eval() | eval("quire" |
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
| +LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
| +LOW | encoding/json/encode | encodes JSON | JSON.stringify |
| +LOW | fs/file/read | reads files | fs.readFile |
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/Sending_a https://developers.google.com/protocol-buffers/docs/proto3?hl=en protobufjs/protobuf.js#665 https://github.com/dcodeio/protobuf.js |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/decoder.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./enum ./types ./util |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/minimal.d.ts [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./index |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/reader.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./util |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/root.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | 3P/threat_hunting/rapid7 | references 'rapid7' tool, by mthcht | nexpose |
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./enum ./field ./namespace ./oneof ./util |
| +LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
| +LOW | fs/file/read | reads files | fs.readFile |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/object.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./util |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/converter.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./enum ./util |
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/index-light.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./converter ./decoder ./encoder ./enum ./field ./index-minimal ./mapfield ./message ./method ./namespace ./object ./oneof ./root ./service ./types ./util ./verifier ./wrappers |
| +MEDIUM | ref/path/root | path reference within /root | /root |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/util/longbits.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | evasion/bitwise_math | uses bitwise math in both directions | hi << 1 hi << 31 hi << 4 hi >> 31 lo << 1 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/light.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./src |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-transformer/build/src/generated/root.js [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | encoding/base64 | Supports base64 encoded strings | base64 |
Added: renovate/usr/local/lib/node_modules/renovate/node_modules/protobufjs/src/mapfield.js [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | ref/path/relative | references and possibly executes relative path | ./field ./types ./util |
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/handlebars/dist/amd/handlebars/compiler/parser.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/triplesec/lib/sha512.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@types/node/https.d.ts
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@aws-sdk/client-sts/dist-types/commands/AssumeRoleWithSAMLCommand.d.ts
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@breejs/later/dist/later.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/diff/lib/convert/dmp.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/diff/lib/patch/parse.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/pgp-utils/lib/armor.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/cron-parser/lib/expression.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/triplesec/browser/triplesec.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-exporter-base/build/esnext/platform/node/util.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/source-map/dist/source-map.debug.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/vuln-vects/dist/cvss3-enums.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/handlebars/dist/cjs/handlebars/compiler/parser.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@renovatebot/kbpgp/lib/keybase/hilev.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/re2/vendor/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/diff/lib/diff/word.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/got/dist/source/core/index.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/moment/src/locale/ru.js
Changed: renovate/usr/local/lib/node_modules/renovate/dist/modules/datasource/endoflife-date/common.d.ts
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/moment/min/locales.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/moment/dist/locale/ru.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/triplesec/lib/keccak.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/vuln-vects/src/cvss2-enums.ts
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/diff/lib/index.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/import-in-the-middle/hook.js [🔥 HIGH → ⚠️ MEDIUM]
2 removed behaviors
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| -HIGH | evasion/hex | converts hex data to ASCII | Buffer.from(modFile, 'hex') |
| -MEDIUM | techniques/code_eval | evaluate code dynamically using exec() | exec(n) exec(s) |
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/tweetnacl/nacl-fast.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/handlebars/dist/amd/handlebars/internal/wrapHelper.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@types/node/process.d.ts
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/handlebars/dist/amd/handlebars/no-conflict.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@breejs/later/lib/index.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/handlebars/dist/handlebars.runtime.amd.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/handlebars/dist/cjs/handlebars/utils.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/handlebars/dist/amd/handlebars/utils.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/re2/vendor/abseil-cpp/absl/types/internal/variant.h
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/ssri/lib/index.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/vuln-vects/src/cvss3-enums.ts
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/js-yaml/dist/js-yaml.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@aws-crypto/sha256-js/src/RawSha256.ts
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/vuln-vects/dist/cvss2-enums.d.ts
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/triplesec/ext/twofish.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/handlebars/dist/amd/handlebars/internal/proto-access.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/handlebars/dist/cjs/handlebars/internal/proto-access.js
Changed: renovate/usr/local/lib/node_modules/renovate/dist/modules/datasource/endoflife-date/common.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@aws-sdk/client-sso-oidc/dist-types/commands/CreateTokenWithIAMCommand.d.ts
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/tar/lib/create.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/triplesec/lib/salsa20.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@yarnpkg/parsers/node_modules/js-yaml/dist/js-yaml.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/vuln-vects/dist/cvss2-enums.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/handlebars/dist/cjs/handlebars/internal/wrapHelper.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/moment/min/moment-with-locales.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/triplesec/lib/scrypt.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/moment/locale/ru.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/diff/lib/patch/create.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@cdktf/hcl2json/lib/bridge.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/handlebars/dist/handlebars.amd.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/vuln-vects/dist/cvss3-enums.d.ts
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-exporter-base/build/src/platform/node/util.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@aws-crypto/sha256-js/build/RawSha256.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/handlebars/dist/cjs/handlebars/no-conflict.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/triplesec/lib/wordarray.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/triplesec/lib/twofish.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/@opentelemetry/otlp-exporter-base/build/esm/platform/node/util.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/triplesec/lib/sha256.js
Changed: renovate/usr/local/lib/node_modules/renovate/node_modules/keybase-nacl/node_modules/tweetnacl/nacl-fast.js
|
superseded by #22032 |
