Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade @aws-sdk/rds-signer from 3.577.0 to 3.632.0 #5

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

arpitsourcefuse
Copy link

snyk-top-banner

Snyk has created this PR to upgrade @aws-sdk/rds-signer from 3.577.0 to 3.632.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 25 versions ahead of your current version.

  • The recommended version was released on 23 days ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-FASTXMLPARSER-7573289
559 No Known Exploit
Release notes
Package name: @aws-sdk/rds-signer
  • 3.632.0 - 2024-08-15

    3.632.0(2024-08-15)

    New Features
    • clients: update client endpoints as of 2024-08-15 (05ff22bf)
    • client-s3: Amazon Simple Storage Service / Features : Adds support for pagination in the S3 ListBuckets API. (f31c6ea7)
    • client-docdb: This release adds Global Cluster Failover capability which enables you to change your global cluster's primary AWS region, the region that serves writes, during a regional outage. Performing a failover action preserves your Global Cluster setup. (62c6973c)
    • client-iam: Make the LastUsedDate field in the GetAccessKeyLastUsed response optional. This may break customers who only call the API for access keys with a valid LastUsedDate. This fixes a deserialization issue for access keys without a LastUsedDate, because the field was marked as required but could be null. (2e20e957)
    • client-ecs: This release introduces a new ContainerDefinition configuration to support the customer-managed keys for ECS container restart feature. (e56be698)
    Bug Fixes
    • util-endpoints: parseArn when resourcePath contains both delimiters (#6387) (63cb133f)
    • credential-providers: avoid sharing http2 requestHandler with inner STS (#6389) (d7b16106)
    • lib-dynamodb: missing @ smithy/core dependency in @ aws-sdk/lib-dynamodb (#6384) (84fd78ba)

    For list of updated packages, view updated-packages.md in assets-3.632.0.zip

  • 3.631.0 - 2024-08-14

    3.631.0(2024-08-14)

    New Features
    • client-codebuild: AWS CodeBuild now supports using Secrets Manager to store git credentials and using multiple source credentials in a single project. (9e44d9f4)
    Bug Fixes
    • util-endpoints: check for entire resource-path being empty (#6380) (08ad5100)

    For list of updated packages, view updated-packages.md in assets-3.631.0.zip

  • 3.630.0 - 2024-08-13

    3.630.0(2024-08-13)

    Documentation Changes
    • credential-providers: add longer explanation about credential function and chaining (#6382) (26788b98)
    New Features
    • client-glue: Add AttributesToGet parameter support for Glue GetTables (3d999b61)
    • client-appstream: This release includes following new APIs: CreateThemeForStack, DescribeThemeForStack, UpdateThemeForStack, DeleteThemeForStack to support custom branding programmatically. (86d89c66)
    • client-amplify: Add a new field "cacheConfig" that enables users to configure the CDN cache settings for an App (db3560cf)
    • client-neptune-graph: Amazon Neptune Analytics provides a new option for customers to load data into a graph using the RDF (Resource Description Framework) NTRIPLES format. When loading NTRIPLES files, use the value convertToIri for the blankNodeHandling parameter. (223369d6)
    • client-fis: This release adds support for additional error information on experiment failure. It adds the error code, location, and account id on relevant failures to the GetExperiment and ListExperiment API responses. (d69b9277)
    • credential-providers: add custom credential chain helper (#6374) (1a479dc8)
    Bug Fixes
    • client-s3-control: populate memberName as contextParams value (#6376) (7867ee1b)
    Tests

    For list of updated packages, view updated-packages.md in assets-3.630.0.zip

  • 3.629.0 - 2024-08-12

    3.629.0(2024-08-12)

    Chores
    Documentation Changes
    • client-compute-optimizer: Doc only update for Compute Optimizer that fixes several customer-reported issues relating to ECS finding classifications (933816fb)
    • client-groundstation: Updating documentation for OEMEphemeris to link to AWS Ground Station User Guide (aee7efd6)
    New Features
    • client-medialive: AWS Elemental MediaLive now supports now supports editing the PID values for a Multiplex. (4f1db8e5)
    • client-config-service: Documentation update for the OrganizationConfigRuleName regex pattern. (032e287f)
    • client-ec2: This release adds new capabilities to manage On-Demand Capacity Reservations including the ability to split your reservation, move capacity between reservations, and modify the instance eligibility of your reservation. (6e0db432)
    • client-eks: Added support for new AL2023 GPU AMIs to the supported AMITypes. (54703e47)
    • client-sagemaker: Releasing large data support as part of CreateAutoMLJobV2 in SageMaker Autopilot and CreateDomain API for SageMaker Canvas. (014f34c3)
    • core/httpAuthSchemes: set configuration sources for sigv4a signingRegionSet (#6368) (03bb39fe)
    Bug Fixes
    • core/httpAuthSchemes: default sigv4aSigningRegionSet to undefined (#6375) (8cccf59c)

    For list of updated packages, view updated-packages.md in assets-3.629.0.zip

  • 3.624.0 - 2024-08-05
  • 3.623.0 - 2024-08-02
  • 3.622.0 - 2024-08-01
  • 3.621.0 - 2024-07-30
  • 3.620.1 - 2024-07-29
  • 3.620.0 - 2024-07-25
  • 3.617.0 - 2024-07-22
  • 3.616.0 - 2024-07-18
  • 3.614.0 - 2024-07-10
  • 3.613.0 - 2024-07-09
  • 3.609.0 - 2024-07-02
  • 3.606.0 - 2024-06-28
  • 3.600.0 - 2024-06-18
  • 3.598.0 - 2024-06-14
  • 3.596.0 - 2024-06-12
  • 3.592.0 - 2024-06-06
  • 3.590.0 - 2024-06-04
  • 3.588.0 - 2024-05-31
  • 3.587.0 - 2024-05-30
  • 3.583.0 - 2024-05-23
  • 3.582.0 - 2024-05-22
  • 3.577.0 - 2024-05-15
from @aws-sdk/rds-signer GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade @aws-sdk/rds-signer from 3.577.0 to 3.632.0.

See this package in npm:
@aws-sdk/rds-signer

See this project in Snyk:
https://app.snyk.io/org/arpitsourcefuse/project/48a352df-e1d4-4de0-9529-c11d69a9b423?utm_source=github&utm_medium=referral&page=upgrade-pr
Copy link

sonarcloud bot commented Sep 7, 2024

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants