New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): update dependency aws-sdk to v2.814.0 [security] #18948
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
See the guidelines for reviewing dependency updates for info on how to review dependency update PRs. |
Test summaryRun details
View run in Cypress Dashboard ➡️ Flakiness
This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Dashboard |
renovate
bot
force-pushed
the
renovate/npm-aws-sdk-vulnerability
branch
4 times, most recently
from
November 19, 2021 15:31
ae0456e
to
24c3cc2
Compare
flotwig
previously approved these changes
Nov 19, 2021
renovate
bot
force-pushed
the
renovate/npm-aws-sdk-vulnerability
branch
3 times, most recently
from
November 22, 2021 03:02
bf4b590
to
2217a0e
Compare
flotwig
previously approved these changes
Nov 22, 2021
renovate
bot
force-pushed
the
renovate/npm-aws-sdk-vulnerability
branch
from
November 22, 2021 15:34
2217a0e
to
31e43e4
Compare
emilyrohrbough
approved these changes
Nov 22, 2021
tgriesser
added a commit
that referenced
this pull request
Nov 28, 2021
* develop: test: node_modules installs for system-tests, other improvements (#18574) chore(deps): update dependency semantic-release to v17.2.3 [security] (#19022) chore: remove flaky ci jobs for main builds (#19071) chore(contributing): clarify PULL_REQUEST_TEMPLATE (#19068) fix: the shadow root container element is ignored when clicking an element in it. (#18908) 'Fix' flaky redirect test (#19042) release 9.1.0 [skip ci] fix: Allow 'this' to be used in overridden commands (#18899) fix(react): link to rerender example (#19020) chore(deps): update dependency aws-sdk to v2.814.0 [security] (#18948) fix: test config overrides leak for .only execution (#18961) feat: Set CYPRESS=true as env var in child processes where Cypress runs user code in Node (#18981) fix: Restore broken gif (#18987) chore: release @cypress/vite-dev-server-v2.2.1
lmiller1990
pushed a commit
that referenced
this pull request
Nov 29, 2021
Co-authored-by: Renovate Bot <bot@renovateapp.com>
tgriesser
added a commit
that referenced
this pull request
Nov 29, 2021
* 10.0-release: feat(graphql): ability to update/query for appData (#19082) fix system test fix failing tests due to merge resolve conflicts test: node_modules installs for system-tests, other improvements (#18574) update yarn.lock chore(deps): update dependency semantic-release to v17.2.3 [security] (#19022) chore: remove flaky ci jobs for main builds (#19071) chore(contributing): clarify PULL_REQUEST_TEMPLATE (#19068) fix: the shadow root container element is ignored when clicking an element in it. (#18908) 'Fix' flaky redirect test (#19042) release 9.1.0 [skip ci] fix: Allow 'this' to be used in overridden commands (#18899) fix(react): link to rerender example (#19020) chore(deps): update dependency aws-sdk to v2.814.0 [security] (#18948) fix: test config overrides leak for .only execution (#18961) feat: Set CYPRESS=true as env var in child processes where Cypress runs user code in Node (#18981) fix: Restore broken gif (#18987) chore: release @cypress/vite-dev-server-v2.2.1
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
2.447.0
->2.814.0
GitHub Vulnerability Alerts
CVE-2020-28472
This affects the package @aws-sdk/shared-ini-file-loader before 1.0.0-rc.9; the package aws-sdk before 2.814.0. If an attacker submits a malicious INI file to an application that parses it with loadSharedConfigFiles , they will pollute the prototype on the application. This can be exploited further depending on the context.
Release Notes
aws/aws-sdk-js
v2.814.0
Compare Source
v2.813.0
Compare Source
v2.812.0
Compare Source
v2.811.0
Compare Source
v2.810.0
Compare Source
v2.809.0
Compare Source
v2.808.0
Compare Source
v2.807.0
Compare Source
v2.806.0
Compare Source
v2.805.0
Compare Source
v2.804.0
Compare Source
v2.803.0
Compare Source
v2.802.0
Compare Source
Profile
that was included in release, v2.801.0v2.801.0
Compare Source
v2.800.0
Compare Source
v2.799.0
Compare Source
v2.798.0
Compare Source
v2.797.0
Compare Source
v2.796.0
Compare Source
v2.795.0
Compare Source
v2.794.0
Compare Source
v2.793.0
Compare Source
v2.792.0
Compare Source
v2.791.0
Compare Source
v2.790.0
Compare Source
v2.789.0
Compare Source
v2.788.0
Compare Source
v2.787.0
Compare Source
v2.786.0
Compare Source
v2.785.0
Compare Source
v2.784.0
Compare Source
v2.783.0
Compare Source
v2.782.0
Compare Source
v2.781.0
Compare Source
v2.780.0
Compare Source
v2.779.0
Compare Source
v2.778.0
Compare Source
v2.777.0
Compare Source
v2.776.0
Compare Source
v2.775.0
Compare Source
v2.774.0
Compare Source
v2.773.0
Compare Source
v2.772.0
Compare Source
v2.771.0
Compare Source
v2.770.0
Compare Source
v2.769.0
Compare Source
v2.768.0
Compare Source
v2.767.0
Compare Source
v2.766.0
Compare Source
v2.765.0
Compare Source
v2.764.0
Compare Source
v2.763.0
Compare Source
[`v
Configuration
📅 Schedule: "" in timezone America/New_York.
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.