Skip to content

Update dependency @nestjs/common to v10 [SECURITY]#298

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/npm-nestjs-common-vulnerability
Open

Update dependency @nestjs/common to v10 [SECURITY]#298
renovate[bot] wants to merge 1 commit intomainfrom
renovate/npm-nestjs-common-vulnerability

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Apr 14, 2025
edited
Loading

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence
@nestjs/common (source) ^9.4.3^10.0.0 age confidence

GitHub Vulnerability Alerts

CVE-2024-29409

File Upload vulnerability in nestjs nest prior to v.11.0.16 allows a remote attacker to execute arbitrary code via the Content-Type header.

Release Notes

nestjs/nest (@​nestjs/common)

v10.4.16

Compare Source

What's Changed

Full Changelog: nestjs/nest@v10.4.15...v10.4.16

v10.4.15

Compare Source

v10.4.15 (2024-12-09)

Dependencies

v10.4.14

Compare Source

v10.4.13

Compare Source

v10.4.13 (2024-12-03)

Bug fixes
Dependencies
Committers: 3

v10.4.12

Compare Source

v10.4.12 (2024-11-29)

Bug fixes
Dependencies
Committers: 1

v10.4.11

Compare Source

v10.4.10

Compare Source

v10.4.10 (2024-11-27)

Bug fixes
  • platform-socket.io, websockets
Dependencies
Committers: 1

v10.4.9

Compare Source

v10.4.9 (2024-11-25)

Bug fixes
Enhancements
Dependencies
Committers: 7

v10.4.8

Compare Source

v10.4.8 (2024-11-15)

Bug fixes
Enhancements
Committers: 3

v10.4.7

Compare Source

v10.4.6

Compare Source

v10.4.5

Compare Source

v10.4.5 (2024-10-16)

Dependencies
Committers: 5

v10.4.4

Compare Source

v10.4.3

Compare Source

v10.4.2

Compare Source

v10.4.2 (2024-09-16)

Dependencies
Committers: 3

v10.4.1

Compare Source

v10.4.0

Compare Source

v10.3.10

Compare Source

v10.3.10 (2024-07-01)

Bug fixes
Enhancements
  • platform-fastify
Dependencies
Committers: 4

v10.3.9

Compare Source

v10.3.9 (2024-06-03)

Bug fixes
Enhancements
Docs
Dependencies

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate
Copy link
Contributor Author

renovate bot commented Apr 14, 2025
edited
Loading

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pnpm-lock.yaml
Scope: all 8 workspace projects
Progress: resolved 0, reused 1, downloaded 0, added 0
demo/admin                               |  WARN  deprecated @gitbeaker/node@35.8.1
demo/admin                               |  WARN  deprecated eslint@8.56.0
demo/admin                               |  WARN  deprecated rimraf@3.0.2
Progress: resolved 49, reused 48, downloaded 0, added 0
Progress: resolved 63, reused 62, downloaded 0, added 0
Progress: resolved 63, reused 63, downloaded 0, added 0
demo/api                                 |  WARN  deprecated apollo-server-core@3.13.0
demo/api                                 |  WARN  deprecated apollo-server-express@3.13.0
Progress: resolved 145, reused 144, downloaded 0, added 0
Progress: resolved 192, reused 189, downloaded 0, added 0
Progress: resolved 295, reused 265, downloaded 0, added 0
Progress: resolved 589, reused 547, downloaded 0, added 0
Progress: resolved 846, reused 803, downloaded 0, added 0
Progress: resolved 1049, reused 1011, downloaded 1, added 0
Progress: resolved 1342, reused 1305, downloaded 1, added 0
Progress: resolved 1637, reused 1602, downloaded 1, added 0
Progress: resolved 2082, reused 2051, downloaded 9, added 0
 WARN  33 deprecated subdependencies found: @babel/plugin-proposal-class-properties@7.18.6, @babel/plugin-proposal-nullish-coalescing-operator@7.18.6, @babel/plugin-proposal-numeric-separator@7.18.6, @babel/plugin-proposal-object-rest-spread@7.20.7, @babel/plugin-proposal-optional-chaining@7.21.0, @babel/plugin-proposal-private-methods@7.18.6, @babel/plugin-proposal-private-property-in-object@7.21.11, @humanwhocodes/config-array@0.11.14, @humanwhocodes/object-schema@2.0.3, @types/loud-rejection@2.0.0, abab@2.0.6, acorn-import-assertions@1.9.0, apollo-datasource@3.3.2, apollo-reporting-protobuf@3.4.0, apollo-server-env@4.2.1, apollo-server-errors@3.3.1, apollo-server-plugin-base@3.7.2, apollo-server-types@3.8.0, domexception@2.0.1, fstream@1.0.12, glob@7.2.3, glob@8.1.0, har-validator@5.1.5, inflight@1.0.6, intl-messageformat-parser@6.4.3, lodash.get@4.4.2, multer@1.4.4, node-domexception@1.0.0, request@2.88.2, rimraf@2.7.1, subscriptions-transport-ws@0.11.0, uuid@3.4.0, w3c-hr-time@1.0.2
Progress: resolved 2504, reused 2476, downloaded 9, added 0
Progress: resolved 2504, reused 2476, downloaded 9, added 0, done
 ERR_PNPM_PEER_DEP_ISSUES  Unmet peer dependencies

demo/api
├─┬ @nestjs/testing 9.4.3
│ └── ✕ unmet peer @nestjs/common@^9.0.0: found 10.4.22
├─┬ @comet/blocks-api 7.21.1
│ └── ✕ unmet peer @nestjs/common@^9.0.0: found 10.4.22
├─┬ @comet/cms-api 7.21.1
│ ├── ✕ unmet peer @nestjs/common@^9.0.0: found 10.4.22
│ ├─┬ @golevelup/nestjs-discovery 3.0.1
│ │ └── ✕ unmet peer @nestjs/common@^9.x: found 10.4.22
│ ├─┬ @nestjs/jwt 9.0.0
│ │ └── ✕ unmet peer @nestjs/common@"^8.0.0 || ^9.0.0": found 10.4.22
│ ├─┬ @nestjs/mapped-types 1.2.2
│ │ └── ✕ unmet peer @nestjs/common@"^7.0.8 || ^8.0.0 || ^9.0.0": found 10.4.22
│ └─┬ @nestjs/passport 9.0.3
│   └── ✕ unmet peer @nestjs/common@"^8.0.0 || ^9.0.0": found 10.4.22
├─┬ @nestjs/apollo 10.2.1
│ └── ✕ unmet peer @nestjs/common@"^8.2.3 || ^9.0.0": found 10.4.22
├─┬ @nestjs/config 2.3.4
│ └── ✕ unmet peer @nestjs/common@"^7.0.0 || ^8.0.0 || ^9.0.0": found 10.4.22
├─┬ @nestjs/core 9.4.3
│ └── ✕ unmet peer @nestjs/common@^9.0.0: found 10.4.22
├─┬ @nestjs/graphql 10.2.1
│ └── ✕ unmet peer @nestjs/common@"^8.2.3 || ^9.0.0": found 10.4.22
├─┬ @nestjs/platform-express 9.4.3
│ └── ✕ unmet peer @nestjs/common@^9.0.0: found 10.4.22
└─┬ nestjs-console 8.0.0
  └── ✕ unmet peer @nestjs/common@^9: found 10.4.22

packages/api
├─┬ @comet/blocks-api 7.21.1
│ └── ✕ unmet peer @nestjs/common@^9.0.0: found 10.4.22
├─┬ @comet/cms-api 7.21.1
│ ├── ✕ unmet peer @nestjs/common@^9.0.0: found 10.4.22
│ ├─┬ @golevelup/nestjs-discovery 3.0.1
│ │ └── ✕ unmet peer @nestjs/common@^9.x: found 10.4.22
│ ├─┬ @nestjs/jwt 9.0.0
│ │ └── ✕ unmet peer @nestjs/common@"^8.0.0 || ^9.0.0": found 10.4.22
│ ├─┬ @nestjs/mapped-types 1.2.2
│ │ └── ✕ unmet peer @nestjs/common@"^7.0.8 || ^8.0.0 || ^9.0.0": found 10.4.22
│ └─┬ @nestjs/passport 9.0.3
│   └── ✕ unmet peer @nestjs/common@"^8.0.0 || ^9.0.0": found 10.4.22
├─┬ @nestjs/core 9.4.3
│ └── ✕ unmet peer @nestjs/common@^9.0.0: found 10.4.22
├─┬ @nestjs/graphql 10.2.1
│ └── ✕ unmet peer @nestjs/common@"^8.2.3 || ^9.0.0": found 10.4.22
├─┬ @nestjs/platform-express 9.4.3
│ └── ✕ unmet peer @nestjs/common@^9.0.0: found 10.4.22
├─┬ nestjs-console 8.0.0
│ └── ✕ unmet peer @nestjs/common@^9: found 10.4.22
└─┬ @nestjs/axios 1.0.1
  └── ✕ unmet peer @nestjs/common@"^7.0.0 || ^8.0.0 || ^9.0.0": found 10.4.22

hint: If you don't want pnpm to fail on peer dependency issues, add "strict-peer-dependencies=false" to an .npmrc file at the root of your project.

@auto-assign auto-assign bot requested a review from raphaelblum April 14, 2025 23:15
@renovate renovate bot force-pushed the renovate/npm-nestjs-common-vulnerability branch from cc35d76 to 3ab1ee3 Compare May 28, 2025 10:06
@renovate renovate bot force-pushed the renovate/npm-nestjs-common-vulnerability branch from 3ab1ee3 to 0b47d34 Compare August 10, 2025 14:25
@renovate renovate bot force-pushed the renovate/npm-nestjs-common-vulnerability branch from 0b47d34 to 1483ef5 Compare August 31, 2025 11:09
@renovate renovate bot force-pushed the renovate/npm-nestjs-common-vulnerability branch from 1483ef5 to e8c4570 Compare September 28, 2025 10:47
@renovate renovate bot force-pushed the renovate/npm-nestjs-common-vulnerability branch from e8c4570 to fd5f447 Compare February 15, 2026 11:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@raphaelblum raphaelblum Awaiting requested review from raphaelblum

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies major

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants