Skip to content

Comments

chore(deploy): Release (next)#9585

Merged
mmaietta merged 1 commit intomasterfrom
changeset-release/master
Feb 16, 2026
Merged

chore(deploy): Release (next)#9585
mmaietta merged 1 commit intomasterfrom
changeset-release/master

Conversation

@electron-builder-release-bot
Copy link
Contributor

@electron-builder-release-bot electron-builder-release-bot bot commented Feb 13, 2026
edited
Loading

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to master, this PR will be updated.

Releases

[email protected]

Patch Changes

  • Chore: add logging summary to end of node collector to flag any special cases/alerts #9587 4edd695 @mmaietta
  • Fix(AppImage): fix mime type directory in AppDir #9589 8940ec6 @sabonerune
  • Fix: use package key when reading from dependency list instead of package from to not mislabel package-version strings #9583 dde4309 @mmaietta
Updated 4 dependencies

4edd695

[email protected]

Patch Changes

[email protected]

Patch Changes

Updated 2 dependencies

4edd695 8940ec6 4edd695 dde4309

[email protected]

Patch Changes

Updated 3 dependencies

4edd695 8940ec6 4edd695 dde4309

[email protected]

Patch Changes

Updated 2 dependencies

4edd695 8940ec6 4edd695 dde4309

[email protected]

Patch Changes

Updated 1 dependency

4edd695 8940ec6 dde4309

[email protected]

Patch Changes

Updated 1 dependency

4edd695 8940ec6 dde4309

[email protected]

Patch Changes

Updated 1 dependency

4edd695 8940ec6 dde4309

[email protected]

Patch Changes

Updated 1 dependency

4edd695 8940ec6 dde4309

[email protected]

Patch Changes

Updated 1 dependency

4edd695

@socket-security
Copy link

socket-security bot commented Feb 13, 2026
edited
Loading

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
High CVE: npm qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion

CVE: GHSA-6rw7-vpxm-498p qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion (HIGH)

Affected versions: < 6.14.1

Patched version: 6.14.1

From: ?npm/[email protected]

ℹ Read more on: This package | This alert | What is a CVE?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Deprecated by its maintainer: npm uuid

Reason: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.

From: ?npm/[email protected]

ℹ Read more on: This package | This alert | What is a deprecated package?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@electron-builder-release-bot electron-builder-release-bot bot force-pushed the changeset-release/master branch 2 times, most recently from e09b75c to 67afea4 Compare February 15, 2026 16:09
@mmaietta mmaietta merged commit 9418d2c into master Feb 16, 2026
34 checks passed
@mmaietta mmaietta deleted the changeset-release/master branch February 16, 2026 15:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

app-builder-lib builder-util dmg-builder electron-builder electron-builder-squirrel-windows electron-publish

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mmaietta