fix(deps): update dependency dexie to v3.2.5 [security] - abandoned

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
dexie (source)	3.2.4 -> 3.2.5

GitHub Vulnerability Alerts

CVE-2022-21189

Dexie is a minimalistic wrapper for IndexedDB. The package dexie before 3.2.2, from 4.0.0-alpha.1 and before 4.0.0-alpha.3 are vulnerable to Prototype Pollution in the Dexie.setByKeyPath(obj, keyPath, value) function which does not properly check the keys being set (like proto or constructor). This can allow an attacker to add/modify properties of the Object.prototype leading to prototype pollution vulnerability. Note: This vulnerability can occur in multiple ways, for example when modifying a collection with untrusted user input.

---

Release Notes

dexie/Dexie.js (dexie)

v3.2.5: Dexie v3.2.5

Compare Source

Bugfix

• Fix issue with BigInt64Array (#​1890) (and BigUint64Array) - cherry picked from 4.0.1-beta.8

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json

npm error code ERESOLVE
npm error ERESOLVE could not resolve
npm error
npm error While resolving: @angular/flex-layout@9.0.0-beta.31
npm error Found: @angular/cdk@16.1.5
npm error node_modules/@angular/cdk
npm error   @angular/cdk@"16.1.5" from the root project
npm error   peer @angular/cdk@"16.1.5" from @angular/material@16.1.5
npm error   node_modules/@angular/material
npm error     @angular/material@"16.1.5" from the root project
npm error     peer @angular/material@"16.1.5" from @angular/material-moment-adapter@16.1.5
npm error     node_modules/@angular/material-moment-adapter
npm error       @angular/material-moment-adapter@"16.1.5" from the root project
npm error
npm error Could not resolve dependency:
npm error peer @angular/cdk@"^9.0.0-rc.8" from @angular/flex-layout@9.0.0-beta.31
npm error node_modules/@angular/flex-layout
npm error   @angular/flex-layout@"9.0.0-beta.31" from the root project
npm error
npm error Conflicting peer dependency: @angular/cdk@9.2.4
npm error node_modules/@angular/cdk
npm error   peer @angular/cdk@"^9.0.0-rc.8" from @angular/flex-layout@9.0.0-beta.31
npm error   node_modules/@angular/flex-layout
npm error     @angular/flex-layout@"9.0.0-beta.31" from the root project
npm error
npm error Fix the upstream dependency conflict, or retry
npm error this command with --force or --legacy-peer-deps
npm error to accept an incorrect (and potentially broken) dependency resolution.
npm error
npm error
npm error For a full report see:
npm error /tmp/renovate/cache/others/npm/_logs/2024-09-25T14_33_54_245Z-eresolve-report.txt
npm error A complete log of this run can be found in: /tmp/renovate/cache/others/npm/_logs/2024-09-25T14_33_54_245Z-debug-0.log

[renovate]

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.