Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 1 vulnerabilities #33

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #33

wants to merge 1 commit into from

Conversation

0xpixel
Copy link
Owner

@0xpixel 0xpixel commented Mar 15, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • client/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 718/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.5		 Information Exposure
SNYK-JS-FOLLOWREDIRECTS-6444610		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: aws-amplify The new version differs by 250 commits.
  • 8bb1334 Publish
  • 440f25e Bumping api-rest and api-graphql versions to match npm
  • b4b40aa Merge pull request #5243 from aws-amplify/modularization
  • 9f2800d Revert from-package and use conventional commits for master in first release
  • 6b1ef79 Force lerna to publish major version from the package.json in unstable and latest release
  • 7fef140 Merge branch 'master' into modularization
  • c04349b Revert modularization specific circile CI changes
  • 4f3b285 Fix exporting the right amplify version
  • 815eef4 Publish
  • 4002776 Change new version of api-rest and api-graphql modules to 0.1
  • a105664 chore(release): Publish [ci skip]
  • 30e4c29 Preparing release
  • 21a00b4 Upgrade aws-sdk beta clients (#5234)
  • 31a273e Merge branch 'master' into modularization
  • 71044ae fix builds that were broken by new terser 4.6.8 version (#5233)
  • 2925d5b Fix unit tests following merge from master
  • e201cfd Merge branch 'modularization-Amplifiyer' into modularization
  • 082af2d Merge branch 'master' into modularization-Amplifiyer
  • d630c34 Added clientMetadata to sendMFACode (#5145)
  • 2a7fd81 Upgrade aws-sdk clients from alpha to beta (#5209)
  • 23d8d41 Export UsernameAttributes enum (#5197)
  • fe6aaf6 Fix unit tests as per expiration type change
  • 210410f Merge branch 'modularization' into modularization-Amplifiyer
  • 047b5a7 Update expiration type to Date as per change in aws-sdk

See the full diff

Package name: aws-api-gateway-client The new version differs by 68 commits.
  • 16a1fd7 update
  • b861256 Merge pull request #110 from kndt84/versionup
  • eb99223 update
  • 59656d4 Merge pull request #108 from jozr/pass-entire-axios-retry-config
  • 82dc7fa Merge branch 'master' into pass-entire-axios-retry-config
  • 344e831 Merge pull request #107 from alexneamtu/77-buildCanonicalHeaders-case-insensitive-sorting
  • f8fe3a0 Merge pull request #104 from kndt84/dependabot/npm_and_yarn/ini-1.3.7
  • 84591a2 Merge pull request #106 from kndt84/dependabot/npm_and_yarn/axios-0.21.1
  • 744c374 Add 'shouldResetTimeout' to README.md
  • 8a3c5f9 Update dist/
  • c418f77 Pass entire axios-retry config
  • fd79362 buildCanonicalHeaders should lowercase header names before sorting #77
  • 967c27e Bump axios from 0.19.2 to 0.21.1
  • 3048848 Bump ini from 1.3.5 to 1.3.7
  • 81f85f3 Merge pull request #102 from willvincent/master
  • 055ac16 Include updated dist build. (These really probably don't belong in git..)
  • 1a2f530 Fixes Signing issue when using retries.
  • 84548ab Add retry condition fallback to v4client
  • 9631f5b remove excess whitespace.
  • 35c2549 fix: Retry fails if retry condition not explicitly defined, should fall back to axiosRetry default if undefined or not a function.
  • 3781338 Merge pull request #99 from kndt84/dependabot/npm_and_yarn/lodash-4.17.19
  • e811c60 Bump lodash from 4.17.15 to 4.17.19
  • 61aa7cd Merge pull request #98 from kndt84/package-update
  • 1f4cadc update package-lock

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
馃 View latest project report

馃洜 Adjust project settings

馃摎 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

馃 Learn about vulnerability in an interactive lesson of Snyk Learn.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@0xpixel @snyk-bot