From ad81d53c84cb0c4e9f010dd29f342e585df44cce Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Wed, 1 Feb 2023 13:50:43 -0600 Subject: [PATCH 01/14] Create 1.3.8 release notes Signed-off-by: Aozixuan Priscilla Guan --- ...ensearch-dashboards.release-notes-1.3.8.md | 90 ++++++++++++++++--- 1 file changed, 80 insertions(+), 10 deletions(-) diff --git a/release-notes/opensearch-dashboards.release-notes-1.3.8.md b/release-notes/opensearch-dashboards.release-notes-1.3.8.md index b14e84018da..cd442dc9fe7 100644 --- a/release-notes/opensearch-dashboards.release-notes-1.3.8.md +++ b/release-notes/opensearch-dashboards.release-notes-1.3.8.md @@ -1,29 +1,99 @@ # Version 1.3.8 Release Notes +### Deprecations + ### 🛡 Security -- [CVE-2022-25901] Bump supertest from 2.0.5 to 2.0.12 ([#3326](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3326)) -- [CVE-2022-25860] Bump simple-git from 3.15.1 to 3.16.0 ([#3345](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3345)) -- [CVE-2022-46175] Bump json5 version from 1.0.1 and 2.2.1 to 1.0.2 and 2.2.3 ([#3201](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3201)) -- [CVE-2022-25912] Bump simple-git from 3.4.0 to 3.15.0 ([#3036](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3036)) -- Bump decode-uri-component from 0.2.0 to 0.2.2 ([#3009](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3009)) +- [CVE-2022-3517] Bumps minimatch from 3.0.4 to 3.0.5 and [IBM X-Force ID: 220063] unset-value from 1.0.1 to 2.0.1 ([#2640](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2640)) +- [CVE-2022-0144] Bump shelljs from 0.8.4 to 0.8.5 ([#2511](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2511)) +- [Legacy Maps Plugin] Prevent reverse-tabnabbing ([#2540](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2540)) +- [CVE-2022-0155] Bump follow-redirects to 1.15.2 ([#2653](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2653)) +- [CVE-2022-0536] Bump follow-redirects to 1.15.2 ([#2653](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2653)) +- [CVE-2022-23647] Bump prismjs to 1.29.0 ([#2668](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2668)) +- [CVE-2021-24033] Remove storybook package to fix CVE-2021-42740 and CVE-2021-24033 ([#2660](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2660)) +- [CVE-2021-42740] Remove storybook package to fix CVE-2021-42740 and CVE-2021-24033 ([#2660](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2660)) +- [CVE-2022-37601] Bump loader-utils to 2.0.3 ([#2707](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2707)) +- [CVE-2022-37599] Bump loader-utils to 2.0.4 ([#2995](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2995)) +- [CVE-2022-37603] Bump loader-utils to 2.0.4 ([#2995](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2995)) +- [CVE-2022-25901] Bump supertest ([#3222](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3322)) +- [CVE-2022-46175] Bumps json5 version from 1.0.1 and 2.2.1 to 1.0.2 and 2.2.3 ([#3201](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3201)) +- [CVE-2022-25912] Bumps simple-git from 3.4.0 to 3.15.0 ([#3036](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3036)) +- [CVE-2022-25860] Bumps simple-git from 3.15.1 to 3.16.0 ([#3345](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3345)) + +### 📈 Features/Enhancements + +- [Windows] Facilitate building and running OSD and plugins on Windows platforms ([#2601](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2601)) +- [Windows] Add helper functions to work around the differences of platforms ([#2681](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2681)) +- [Windows] Add `@osd/cross-platform` package to standardize path handling across platforms ([#2703](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2703)) +- [Optimizer] Increase timeout waiting for the exiting of an optimizer worker ([#3193](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3193)) +- [Optimizer] Fixes misleading embeddable plugin error message ([#3043](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3043)) +- [Optimizer] Trim trailing slashes before checking no-restricted-path rule ([#3020](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3020)) + ### 🐛 Bug Fixes -- [BUG] Fixes misleading embeddable plugin error message ([#3043](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3043)) -- [BUG] Trim trailing slashes before checking no-restricted-path rule ([#3020](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3020)) +- [BUG] Fix suggestion list cutoff issue ([#2607](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2607)) +- Removed Leftover X Pack references ([#2638](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2638)) +- Bumped `del` version to fix MacOS race condition ([#2847](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2873)) ### 🚞 Infrastructure +- Run the unit tests of the CI workflow in band ([#1306](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1306)) +- Capture and report code coverage metrics in workflows ([#1478](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1478)) +- Add verification workflow for release builds ([#1502](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1502)) +- Add CHANGELOG.md and related workflows ([#2414](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2414)) +- Update backport custom branch name to utilize head template ([#2766](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2766)) +- Add automatic selection of the appropriate version of chrome driver to run functional tests ([#2990](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2990)) +- Add Windows CI workflows ([#2966](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2966)) +- Record functional test artifacts in case of failure ([#3190](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3190)) +- Improve yarn's performance in workflows by caching yarn's cache folder ([#3194](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3194)) - Lock workflow tests to Chrome and ChromeDriver 107 as the last combination that run on Node.js v10 ([#3299](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3299)) +- Remove github-checks-reporter ([#3126](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3126)) - Update yarn timeout for GitHub workflow on Windows ([#3118](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3118)) -- Add Windows CI to the GitHub workflow ([#2966](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2966)) ### 📝 Documentation +- Corrected README and help command of osd-plugin-helpers ([#2810](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2810)) +- Add the release runbook to RELEASING.md ([#2533](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2533)) - Fix documentation link for date math ([#3207](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3207)) +### 🛠 Maintenance + +- Add `target` folders of `test_utils` and `core` to the `osd clean` patterns ([#1442](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1442)) +- Remove storybook package and related code ([#2660](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2660)) +- + +### 🪛 Refactoring + +### 🔩 Tests + +- Fix test failures due to them ending before their duration is captured ([#1338](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1338)) +- Add retrying flaky jest tests ([#2967](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2967)) +- Prevent `AbortError` from breaking unit tests for ExecutionContract ([#3299](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3299)) + +## [1.x] +### 💥 Breaking Changes + +### Deprecations + +### 🛡 Security + +### 📈 Features/Enhancements + +### 🐛 Bug Fixes + +- Plugin helpers fix related to fs promises module ([#2486](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2486)) + +### 🚞 Infrastructure + +### 📝 Documentation + +### 🛠 Maintenance + +- [Version] Increment to 1.4 ([#1341](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1341)) + +### 🪛 Refactoring + ### 🔩 Tests -- [BWC] Updates to BWC tests ([#1190](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1190)) -- Automates chromedriver version selection for tests ([#2990](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2990)) \ No newline at end of file +[1.x]: https://github.com/opensearch-project/OpenSearch-Dashboards/compare/1.3.5...1.x \ No newline at end of file From 5f2c985b9bd79d7d16d8bdefcbf08047a692d3bc Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Wed, 1 Feb 2023 15:36:09 -0600 Subject: [PATCH 02/14] Remove unused tags Signed-off-by: Aozixuan Priscilla Guan --- ...ensearch-dashboards.release-notes-1.3.8.md | 30 ------------------- 1 file changed, 30 deletions(-) diff --git a/release-notes/opensearch-dashboards.release-notes-1.3.8.md b/release-notes/opensearch-dashboards.release-notes-1.3.8.md index cd442dc9fe7..85222178d15 100644 --- a/release-notes/opensearch-dashboards.release-notes-1.3.8.md +++ b/release-notes/opensearch-dashboards.release-notes-1.3.8.md @@ -1,6 +1,5 @@ # Version 1.3.8 Release Notes -### Deprecations ### 🛡 Security @@ -61,39 +60,10 @@ - Add `target` folders of `test_utils` and `core` to the `osd clean` patterns ([#1442](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1442)) - Remove storybook package and related code ([#2660](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2660)) -- -### 🪛 Refactoring ### 🔩 Tests - Fix test failures due to them ending before their duration is captured ([#1338](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1338)) - Add retrying flaky jest tests ([#2967](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2967)) - Prevent `AbortError` from breaking unit tests for ExecutionContract ([#3299](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3299)) - -## [1.x] -### 💥 Breaking Changes - -### Deprecations - -### 🛡 Security - -### 📈 Features/Enhancements - -### 🐛 Bug Fixes - -- Plugin helpers fix related to fs promises module ([#2486](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2486)) - -### 🚞 Infrastructure - -### 📝 Documentation - -### 🛠 Maintenance - -- [Version] Increment to 1.4 ([#1341](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1341)) - -### 🪛 Refactoring - -### 🔩 Tests - -[1.x]: https://github.com/opensearch-project/OpenSearch-Dashboards/compare/1.3.5...1.x \ No newline at end of file From 22160fe71418933bcc5fb9fe61829ebe66cf60a0 Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Wed, 1 Feb 2023 16:06:31 -0600 Subject: [PATCH 03/14] Remove old changelog Signed-off-by: Aozixuan Priscilla Guan --- ...ensearch-dashboards.release-notes-1.3.8.md | 44 ++----------------- 1 file changed, 3 insertions(+), 41 deletions(-) diff --git a/release-notes/opensearch-dashboards.release-notes-1.3.8.md b/release-notes/opensearch-dashboards.release-notes-1.3.8.md index 85222178d15..6644f20a72d 100644 --- a/release-notes/opensearch-dashboards.release-notes-1.3.8.md +++ b/release-notes/opensearch-dashboards.release-notes-1.3.8.md @@ -3,67 +3,29 @@ ### 🛡 Security -- [CVE-2022-3517] Bumps minimatch from 3.0.4 to 3.0.5 and [IBM X-Force ID: 220063] unset-value from 1.0.1 to 2.0.1 ([#2640](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2640)) -- [CVE-2022-0144] Bump shelljs from 0.8.4 to 0.8.5 ([#2511](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2511)) -- [Legacy Maps Plugin] Prevent reverse-tabnabbing ([#2540](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2540)) -- [CVE-2022-0155] Bump follow-redirects to 1.15.2 ([#2653](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2653)) -- [CVE-2022-0536] Bump follow-redirects to 1.15.2 ([#2653](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2653)) -- [CVE-2022-23647] Bump prismjs to 1.29.0 ([#2668](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2668)) -- [CVE-2021-24033] Remove storybook package to fix CVE-2021-42740 and CVE-2021-24033 ([#2660](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2660)) -- [CVE-2021-42740] Remove storybook package to fix CVE-2021-42740 and CVE-2021-24033 ([#2660](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2660)) -- [CVE-2022-37601] Bump loader-utils to 2.0.3 ([#2707](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2707)) -- [CVE-2022-37599] Bump loader-utils to 2.0.4 ([#2995](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2995)) -- [CVE-2022-37603] Bump loader-utils to 2.0.4 ([#2995](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2995)) -- [CVE-2022-25901] Bump supertest ([#3222](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3322)) +- [CVE-2022-25901] Bump supertest ([#3226](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3326)) +- [CVE-2022-25860] Bumps simple-git from 3.15.1 to 3.16.0 ([#3345](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3345)) - [CVE-2022-46175] Bumps json5 version from 1.0.1 and 2.2.1 to 1.0.2 and 2.2.3 ([#3201](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3201)) - [CVE-2022-25912] Bumps simple-git from 3.4.0 to 3.15.0 ([#3036](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3036)) -- [CVE-2022-25860] Bumps simple-git from 3.15.1 to 3.16.0 ([#3345](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3345)) +- [CVE-2022-25901] Bump supertest ([#3222](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3322)) ### 📈 Features/Enhancements -- [Windows] Facilitate building and running OSD and plugins on Windows platforms ([#2601](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2601)) -- [Windows] Add helper functions to work around the differences of platforms ([#2681](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2681)) -- [Windows] Add `@osd/cross-platform` package to standardize path handling across platforms ([#2703](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2703)) -- [Optimizer] Increase timeout waiting for the exiting of an optimizer worker ([#3193](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3193)) - [Optimizer] Fixes misleading embeddable plugin error message ([#3043](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3043)) - [Optimizer] Trim trailing slashes before checking no-restricted-path rule ([#3020](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3020)) -### 🐛 Bug Fixes - -- [BUG] Fix suggestion list cutoff issue ([#2607](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2607)) -- Removed Leftover X Pack references ([#2638](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2638)) -- Bumped `del` version to fix MacOS race condition ([#2847](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2873)) - ### 🚞 Infrastructure -- Run the unit tests of the CI workflow in band ([#1306](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1306)) -- Capture and report code coverage metrics in workflows ([#1478](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1478)) -- Add verification workflow for release builds ([#1502](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1502)) -- Add CHANGELOG.md and related workflows ([#2414](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2414)) -- Update backport custom branch name to utilize head template ([#2766](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2766)) -- Add automatic selection of the appropriate version of chrome driver to run functional tests ([#2990](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2990)) -- Add Windows CI workflows ([#2966](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2966)) -- Record functional test artifacts in case of failure ([#3190](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3190)) -- Improve yarn's performance in workflows by caching yarn's cache folder ([#3194](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3194)) - Lock workflow tests to Chrome and ChromeDriver 107 as the last combination that run on Node.js v10 ([#3299](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3299)) - Remove github-checks-reporter ([#3126](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3126)) - Update yarn timeout for GitHub workflow on Windows ([#3118](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3118)) ### 📝 Documentation -- Corrected README and help command of osd-plugin-helpers ([#2810](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2810)) -- Add the release runbook to RELEASING.md ([#2533](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2533)) - Fix documentation link for date math ([#3207](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3207)) -### 🛠 Maintenance - -- Add `target` folders of `test_utils` and `core` to the `osd clean` patterns ([#1442](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1442)) -- Remove storybook package and related code ([#2660](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2660)) - ### 🔩 Tests -- Fix test failures due to them ending before their duration is captured ([#1338](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1338)) -- Add retrying flaky jest tests ([#2967](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2967)) - Prevent `AbortError` from breaking unit tests for ExecutionContract ([#3299](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3299)) From 918a4ace43d6f69b30d92bcdb9678c1ce8d0e2cd Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Wed, 1 Feb 2023 16:09:07 -0600 Subject: [PATCH 04/14] Fix typo Signed-off-by: Aozixuan Priscilla Guan --- release-notes/opensearch-dashboards.release-notes-1.3.8.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/release-notes/opensearch-dashboards.release-notes-1.3.8.md b/release-notes/opensearch-dashboards.release-notes-1.3.8.md index 6644f20a72d..2c999e0e320 100644 --- a/release-notes/opensearch-dashboards.release-notes-1.3.8.md +++ b/release-notes/opensearch-dashboards.release-notes-1.3.8.md @@ -3,11 +3,11 @@ ### 🛡 Security -- [CVE-2022-25901] Bump supertest ([#3226](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3326)) +- [CVE-2022-25901] Bump supertest ([#3326](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3326)) - [CVE-2022-25860] Bumps simple-git from 3.15.1 to 3.16.0 ([#3345](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3345)) - [CVE-2022-46175] Bumps json5 version from 1.0.1 and 2.2.1 to 1.0.2 and 2.2.3 ([#3201](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3201)) - [CVE-2022-25912] Bumps simple-git from 3.4.0 to 3.15.0 ([#3036](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3036)) -- [CVE-2022-25901] Bump supertest ([#3222](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3322)) + ### 📈 Features/Enhancements @@ -21,6 +21,7 @@ - Remove github-checks-reporter ([#3126](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3126)) - Update yarn timeout for GitHub workflow on Windows ([#3118](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3118)) + ### 📝 Documentation - Fix documentation link for date math ([#3207](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3207)) From 5f5f442d0b577af8bae1f01722851cbc8962b080 Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Wed, 1 Feb 2023 18:30:59 -0600 Subject: [PATCH 05/14] Address comments Signed-off-by: Aozixuan Priscilla Guan --- ...ensearch-dashboards.release-notes-1.3.8.md | 25 ++++++++----------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/release-notes/opensearch-dashboards.release-notes-1.3.8.md b/release-notes/opensearch-dashboards.release-notes-1.3.8.md index 2c999e0e320..b14e84018da 100644 --- a/release-notes/opensearch-dashboards.release-notes-1.3.8.md +++ b/release-notes/opensearch-dashboards.release-notes-1.3.8.md @@ -1,32 +1,29 @@ # Version 1.3.8 Release Notes - ### 🛡 Security -- [CVE-2022-25901] Bump supertest ([#3326](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3326)) -- [CVE-2022-25860] Bumps simple-git from 3.15.1 to 3.16.0 ([#3345](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3345)) -- [CVE-2022-46175] Bumps json5 version from 1.0.1 and 2.2.1 to 1.0.2 and 2.2.3 ([#3201](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3201)) -- [CVE-2022-25912] Bumps simple-git from 3.4.0 to 3.15.0 ([#3036](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3036)) - - -### 📈 Features/Enhancements +- [CVE-2022-25901] Bump supertest from 2.0.5 to 2.0.12 ([#3326](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3326)) +- [CVE-2022-25860] Bump simple-git from 3.15.1 to 3.16.0 ([#3345](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3345)) +- [CVE-2022-46175] Bump json5 version from 1.0.1 and 2.2.1 to 1.0.2 and 2.2.3 ([#3201](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3201)) +- [CVE-2022-25912] Bump simple-git from 3.4.0 to 3.15.0 ([#3036](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3036)) +- Bump decode-uri-component from 0.2.0 to 0.2.2 ([#3009](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3009)) -- [Optimizer] Fixes misleading embeddable plugin error message ([#3043](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3043)) -- [Optimizer] Trim trailing slashes before checking no-restricted-path rule ([#3020](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3020)) +### 🐛 Bug Fixes +- [BUG] Fixes misleading embeddable plugin error message ([#3043](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3043)) +- [BUG] Trim trailing slashes before checking no-restricted-path rule ([#3020](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3020)) ### 🚞 Infrastructure - Lock workflow tests to Chrome and ChromeDriver 107 as the last combination that run on Node.js v10 ([#3299](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3299)) -- Remove github-checks-reporter ([#3126](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3126)) - Update yarn timeout for GitHub workflow on Windows ([#3118](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3118)) - +- Add Windows CI to the GitHub workflow ([#2966](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2966)) ### 📝 Documentation - Fix documentation link for date math ([#3207](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3207)) - ### 🔩 Tests -- Prevent `AbortError` from breaking unit tests for ExecutionContract ([#3299](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3299)) +- [BWC] Updates to BWC tests ([#1190](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1190)) +- Automates chromedriver version selection for tests ([#2990](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2990)) \ No newline at end of file From bb853ecebe095c7eb2862bdcdb48b2ae5166fddd Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Wed, 1 Feb 2023 18:40:11 -0600 Subject: [PATCH 06/14] Add PRs Signed-off-by: Aozixuan Priscilla Guan --- release-notes/opensearch-dashboards.release-notes-1.3.8.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/release-notes/opensearch-dashboards.release-notes-1.3.8.md b/release-notes/opensearch-dashboards.release-notes-1.3.8.md index b14e84018da..171418ee386 100644 --- a/release-notes/opensearch-dashboards.release-notes-1.3.8.md +++ b/release-notes/opensearch-dashboards.release-notes-1.3.8.md @@ -12,6 +12,7 @@ - [BUG] Fixes misleading embeddable plugin error message ([#3043](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3043)) - [BUG] Trim trailing slashes before checking no-restricted-path rule ([#3020](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3020)) +- [BUG] i18n: Register ru, ru-RU locale ([#2817](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2817)) ### 🚞 Infrastructure @@ -26,4 +27,5 @@ ### 🔩 Tests - [BWC] Updates to BWC tests ([#1190](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1190)) -- Automates chromedriver version selection for tests ([#2990](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2990)) \ No newline at end of file +- Automates chromedriver version selection for tests ([#2990](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2990)) +- Adds retrying flaky jest tests ([#2967](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2967)) \ No newline at end of file From f9301b666dd7b35cd7da23bf0c1b5a770e0b1002 Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Wed, 1 Feb 2023 18:48:10 -0600 Subject: [PATCH 07/14] Remove unreleased PR Signed-off-by: Aozixuan Priscilla Guan --- release-notes/opensearch-dashboards.release-notes-1.3.8.md | 1 - 1 file changed, 1 deletion(-) diff --git a/release-notes/opensearch-dashboards.release-notes-1.3.8.md b/release-notes/opensearch-dashboards.release-notes-1.3.8.md index 171418ee386..0f63b6872fe 100644 --- a/release-notes/opensearch-dashboards.release-notes-1.3.8.md +++ b/release-notes/opensearch-dashboards.release-notes-1.3.8.md @@ -12,7 +12,6 @@ - [BUG] Fixes misleading embeddable plugin error message ([#3043](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3043)) - [BUG] Trim trailing slashes before checking no-restricted-path rule ([#3020](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3020)) -- [BUG] i18n: Register ru, ru-RU locale ([#2817](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2817)) ### 🚞 Infrastructure From ea9ee0c5e9a57e861076b6d9c1f552107f92fc47 Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Wed, 1 Feb 2023 18:51:55 -0600 Subject: [PATCH 08/14] Remove unreleased PR Signed-off-by: Aozixuan Priscilla Guan --- release-notes/opensearch-dashboards.release-notes-1.3.8.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/release-notes/opensearch-dashboards.release-notes-1.3.8.md b/release-notes/opensearch-dashboards.release-notes-1.3.8.md index 0f63b6872fe..b14e84018da 100644 --- a/release-notes/opensearch-dashboards.release-notes-1.3.8.md +++ b/release-notes/opensearch-dashboards.release-notes-1.3.8.md @@ -26,5 +26,4 @@ ### 🔩 Tests - [BWC] Updates to BWC tests ([#1190](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1190)) -- Automates chromedriver version selection for tests ([#2990](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2990)) -- Adds retrying flaky jest tests ([#2967](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2967)) \ No newline at end of file +- Automates chromedriver version selection for tests ([#2990](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2990)) \ No newline at end of file From 9556c185218d2a4dd456d165137ea9bffef1e2a8 Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Thu, 13 Apr 2023 09:47:05 -0500 Subject: [PATCH 09/14] Bump xml2js from 0.4.22 to 0.5.0 Signed-off-by: Aozixuan Priscilla Guan --- package.json | 2 +- yarn.lock | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index 1e96cc9bdda..926f6e79cc5 100644 --- a/package.json +++ b/package.json @@ -462,7 +462,7 @@ "vega-schema-url-parser": "^2.1.0", "vega-tooltip": "^0.30.0", "vinyl-fs": "^3.0.3", - "xml2js": "^0.4.22", + "xml2js": "^0.5.0", "xmlbuilder": "13.0.2", "zlib": "^1.0.5" }, diff --git a/yarn.lock b/yarn.lock index 2728b79ee99..dc6f3b834a1 100644 --- a/yarn.lock +++ b/yarn.lock @@ -18441,6 +18441,14 @@ xml2js@^0.4.22, xml2js@^0.4.5: sax ">=0.6.0" xmlbuilder "~11.0.0" +xml2js@^0.5.0: + version "0.5.0" + resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.5.0.tgz#d9440631fbb2ed800203fad106f2724f62c493b7" + integrity sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA== + dependencies: + sax ">=0.6.0" + xmlbuilder "~11.0.0" + xmlbuilder@13.0.2: version "13.0.2" resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-13.0.2.tgz#02ae33614b6a047d1c32b5389c1fdacb2bce47a7" From caf3a5098bcadbec90edff5b3d9e6ccf6b1d7ea7 Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Thu, 13 Apr 2023 11:45:43 -0500 Subject: [PATCH 10/14] Add change log for CVE Signed-off-by: Aozixuan Priscilla Guan --- CHANGELOG.md | 1 + yarn.lock | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5ebc3bdc053..71454759c72 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -21,6 +21,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) - [CVE-2023-25166] Bump formula to 3.0.1 ([#3416](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3416)) - [CVE-2023-25653] Bump node-jose to 2.2.0 ([#3445](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3445)) - [CVE-2023-26486][cve-2023-26487] Bump vega from 5.22.1 to 5.23.0 ([#3533](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3533)) +- [CVE-2023-0842]Bump xml2js from 0.4.23 to 0.5.0 ([#3819](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3819)) ### 📈 Features/Enhancements diff --git a/yarn.lock b/yarn.lock index dc6f3b834a1..3c8172b093d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -18433,7 +18433,7 @@ xml2js@0.4.19: sax ">=0.6.0" xmlbuilder "~9.0.1" -xml2js@^0.4.22, xml2js@^0.4.5: +xml2js@^0.4.5: version "0.4.23" resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.4.23.tgz#a0c69516752421eb2ac758ee4d4ccf58843eac66" integrity sha512-ySPiMjM0+pLDftHgXY4By0uswI3SPKLDw/i3UXbnO8M/p28zqexCUoPmQFrYD+/1BzhGJSs2i1ERWKJAtiLrug== From 6b008fd81d5d63a25482216a45515b728690826e Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Thu, 13 Apr 2023 12:16:20 -0500 Subject: [PATCH 11/14] Bump version for osd-test package Signed-off-by: Aozixuan Priscilla Guan --- packages/osd-test/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/osd-test/package.json b/packages/osd-test/package.json index 7776afc1de5..69fa50828fc 100644 --- a/packages/osd-test/package.json +++ b/packages/osd-test/package.json @@ -37,7 +37,7 @@ "rxjs": "^6.5.5", "strip-ansi": "^6.0.0", "tar-fs": "^2.1.0", - "xml2js": "^0.4.22", + "xml2js": "^0.5.0", "zlib": "^1.0.5" } } From 4dad49e9e15311af6ce3403087cedd23d41deaa0 Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Thu, 13 Apr 2023 12:43:35 -0500 Subject: [PATCH 12/14] Modify PR link for changelog Signed-off-by: Aozixuan Priscilla Guan --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 71454759c72..1f5e90a442a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -21,7 +21,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) - [CVE-2023-25166] Bump formula to 3.0.1 ([#3416](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3416)) - [CVE-2023-25653] Bump node-jose to 2.2.0 ([#3445](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3445)) - [CVE-2023-26486][cve-2023-26487] Bump vega from 5.22.1 to 5.23.0 ([#3533](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3533)) -- [CVE-2023-0842]Bump xml2js from 0.4.23 to 0.5.0 ([#3819](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3819)) +- [CVE-2023-0842]Bump xml2js from 0.4.23 to 0.5.0 ([#3842](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3842)) ### 📈 Features/Enhancements From 87e4d8fdd076875dbfb50f2cef25b9a10f0c6b58 Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Fri, 14 Apr 2023 13:19:29 -0500 Subject: [PATCH 13/14] Fix changelog and dependency package version Signed-off-by: Aozixuan Priscilla Guan --- CHANGELOG.md | 2 +- package.json | 3 ++- yarn.lock | 55 +++++++++------------------------------------------- 3 files changed, 12 insertions(+), 48 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1f5e90a442a..0d759c7c334 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -21,7 +21,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) - [CVE-2023-25166] Bump formula to 3.0.1 ([#3416](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3416)) - [CVE-2023-25653] Bump node-jose to 2.2.0 ([#3445](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3445)) - [CVE-2023-26486][cve-2023-26487] Bump vega from 5.22.1 to 5.23.0 ([#3533](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3533)) -- [CVE-2023-0842]Bump xml2js from 0.4.23 to 0.5.0 ([#3842](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3842)) +- [CVE-2023-0842] Bump xml2js from 0.4.23 to 0.5.0 ([#3842](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3842)) ### 📈 Features/Enhancements diff --git a/package.json b/package.json index 926f6e79cc5..998a5335fb4 100644 --- a/package.json +++ b/package.json @@ -96,7 +96,8 @@ "**/typescript": "4.0.2", "**/unset-value": "^2.0.1", "**/jest-config": "npm:@amoo-miki/jest-config@27.5.1", - "**/jest-jasmine2": "npm:@amoo-miki/jest-jasmine2@27.5.1" + "**/jest-jasmine2": "npm:@amoo-miki/jest-jasmine2@27.5.1", + "**/xml2js": "^0.5.0" }, "workspaces": { "packages": [ diff --git a/yarn.lock b/yarn.lock index 3c8172b093d..18c70fc0352 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3729,9 +3729,9 @@ integrity sha512-JRGsPEPCrYqTXU0Cr+Yu7esPBE2yvH7ucOHr+JuBy0F59kglPvO5gkmtyEvf3P6dASSkScvy/XQ6SC1QEBFDuA== "@types/xml2js@^0.4.5": - version "0.4.9" - resolved "https://registry.yarnpkg.com/@types/xml2js/-/xml2js-0.4.9.tgz#a38267d8c2fe121c96922b12ee3bd89a58a6e20e" - integrity sha512-CHiCKIihl1pychwR2RNX5mAYmJDACgFVCMT5OArMaO3erzwXVcBqPcusr+Vl8yeeXukxZqtF8mZioqX+mpjjdw== + version "0.4.11" + resolved "https://registry.yarnpkg.com/@types/xml2js/-/xml2js-0.4.11.tgz#bf46a84ecc12c41159a7bd9cf51ae84129af0e79" + integrity sha512-JdigeAKmCyoJUiQljjr7tQG3if9NkqGUgwEUqBvV0N7LM4HyQk7UXCnusRa1lnvXAEYJ8mw8GtZWioagNztOwA== dependencies: "@types/node" "*" @@ -4703,10 +4703,10 @@ available-typed-arrays@^1.0.5: resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.5.tgz#92f95616501069d07d10edb2fc37d3e1c65123b7" integrity sha512-DMD0KiN46eipeziST1LPP/STfDU0sufISXmjSgvVsoU2tqxctQeASejWcfNtxYKqETM1UxQ8sp2OrSBWpHY6sw== -aws-sdk@^2.650.0: - version "2.1214.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1214.0.tgz#6a57945b5bc9db79f8ee5ed99128a06110a88f83" - integrity sha512-50WxqYgEDB5UxwPJ0IDFWXe3ipAHhHmqfRnMNaQaZhb2aJpprbT7c0zic8AH9E1xJ9s+6QkhYrwQf/vXEHnLwg== +aws-sdk@^2.650.0, aws-sdk@^2.814.0: + version "2.1358.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1358.0.tgz#86996622bc6c6ca6aed460273a168d6aeea27086" + integrity sha512-ZolqFlnm0mDNgub7FGrVi7r5A1rw+58zZziKhlis3IxOtIpHdx4BQU5pH4htAMuD0Ct557p/dC/wmnZH/1Rc9Q== dependencies: buffer "4.9.2" events "1.1.1" @@ -4717,23 +4717,7 @@ aws-sdk@^2.650.0: url "0.10.3" util "^0.12.4" uuid "8.0.0" - xml2js "0.4.19" - -aws-sdk@^2.814.0: - version "2.1271.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1271.0.tgz#a060fe65ff33afddb7385913200df4a26717f691" - integrity sha512-hQF+mjwe2FXFKOMNQGlfqn9InIL1bRp650ftctRqDo+VpnrYnKqF9eZa5Hk2kugs3/WUa4J2aqQa+foGWeH+Fg== - dependencies: - buffer "4.9.2" - events "1.1.1" - ieee754 "1.1.13" - jmespath "0.16.0" - querystring "0.2.0" - sax "1.2.1" - url "0.10.3" - util "^0.12.4" - uuid "8.0.0" - xml2js "0.4.19" + xml2js "0.5.0" aws4@^1.11.0: version "1.11.0" @@ -18425,23 +18409,7 @@ xml-parse-from-string@^1.0.0: resolved "https://registry.yarnpkg.com/xml-parse-from-string/-/xml-parse-from-string-1.0.1.tgz#a9029e929d3dbcded169f3c6e28238d95a5d5a28" integrity sha1-qQKekp09vN7RafPG4oI42VpdWig= -xml2js@0.4.19: - version "0.4.19" - resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.4.19.tgz#686c20f213209e94abf0d1bcf1efaa291c7827a7" - integrity sha512-esZnJZJOiJR9wWKMyuvSE1y6Dq5LCuJanqhxslH2bxM6duahNZ+HMpCLhBQGZkbX6xRf8x1Y2eJlgt2q3qo49Q== - dependencies: - sax ">=0.6.0" - xmlbuilder "~9.0.1" - -xml2js@^0.4.5: - version "0.4.23" - resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.4.23.tgz#a0c69516752421eb2ac758ee4d4ccf58843eac66" - integrity sha512-ySPiMjM0+pLDftHgXY4By0uswI3SPKLDw/i3UXbnO8M/p28zqexCUoPmQFrYD+/1BzhGJSs2i1ERWKJAtiLrug== - dependencies: - sax ">=0.6.0" - xmlbuilder "~11.0.0" - -xml2js@^0.5.0: +xml2js@0.5.0, xml2js@^0.4.5, xml2js@^0.5.0: version "0.5.0" resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.5.0.tgz#d9440631fbb2ed800203fad106f2724f62c493b7" integrity sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA== @@ -18459,11 +18427,6 @@ xmlbuilder@~11.0.0: resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-11.0.1.tgz#be9bae1c8a046e76b31127726347d0ad7002beb3" integrity sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA== -xmlbuilder@~9.0.1: - version "9.0.7" - resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-9.0.7.tgz#132ee63d2ec5565c557e20f4c22df9aca686b10d" - integrity sha512-7YXTQc3P2l9+0rjaUbLwMKRhtmwg1M1eDf6nag7urC7pIPYLD9W/jmzQ4ptRSUbodw5S0jfoGTflLemQibSpeQ== - xmlchars@^2.2.0: version "2.2.0" resolved "https://registry.yarnpkg.com/xmlchars/-/xmlchars-2.2.0.tgz#060fe1bcb7f9c76fe2a17db86a9bc3ab894210cb" From 86fb708f59778d1979ca06ea6f03b706bea9c7ec Mon Sep 17 00:00:00 2001 From: Aozixuan Priscilla Guan Date: Fri, 14 Apr 2023 15:23:27 -0500 Subject: [PATCH 14/14] Fix aws sdk version Signed-off-by: Aozixuan Priscilla Guan --- yarn.lock | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/yarn.lock b/yarn.lock index 18c70fc0352..455b3475298 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4703,10 +4703,10 @@ available-typed-arrays@^1.0.5: resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.5.tgz#92f95616501069d07d10edb2fc37d3e1c65123b7" integrity sha512-DMD0KiN46eipeziST1LPP/STfDU0sufISXmjSgvVsoU2tqxctQeASejWcfNtxYKqETM1UxQ8sp2OrSBWpHY6sw== -aws-sdk@^2.650.0, aws-sdk@^2.814.0: - version "2.1358.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1358.0.tgz#86996622bc6c6ca6aed460273a168d6aeea27086" - integrity sha512-ZolqFlnm0mDNgub7FGrVi7r5A1rw+58zZziKhlis3IxOtIpHdx4BQU5pH4htAMuD0Ct557p/dC/wmnZH/1Rc9Q== +aws-sdk@^2.650.0: + version "2.1214.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1214.0.tgz#6a57945b5bc9db79f8ee5ed99128a06110a88f83" + integrity sha512-50WxqYgEDB5UxwPJ0IDFWXe3ipAHhHmqfRnMNaQaZhb2aJpprbT7c0zic8AH9E1xJ9s+6QkhYrwQf/vXEHnLwg== dependencies: buffer "4.9.2" events "1.1.1" @@ -4717,7 +4717,23 @@ aws-sdk@^2.650.0, aws-sdk@^2.814.0: url "0.10.3" util "^0.12.4" uuid "8.0.0" - xml2js "0.5.0" + xml2js "0.4.19" + +aws-sdk@^2.814.0: + version "2.1271.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1271.0.tgz#a060fe65ff33afddb7385913200df4a26717f691" + integrity sha512-hQF+mjwe2FXFKOMNQGlfqn9InIL1bRp650ftctRqDo+VpnrYnKqF9eZa5Hk2kugs3/WUa4J2aqQa+foGWeH+Fg== + dependencies: + buffer "4.9.2" + events "1.1.1" + ieee754 "1.1.13" + jmespath "0.16.0" + querystring "0.2.0" + sax "1.2.1" + url "0.10.3" + util "^0.12.4" + uuid "8.0.0" + xml2js "0.4.19" aws4@^1.11.0: version "1.11.0" @@ -18409,7 +18425,7 @@ xml-parse-from-string@^1.0.0: resolved "https://registry.yarnpkg.com/xml-parse-from-string/-/xml-parse-from-string-1.0.1.tgz#a9029e929d3dbcded169f3c6e28238d95a5d5a28" integrity sha1-qQKekp09vN7RafPG4oI42VpdWig= -xml2js@0.5.0, xml2js@^0.4.5, xml2js@^0.5.0: +xml2js@0.4.19, xml2js@^0.4.5, xml2js@^0.5.0: version "0.5.0" resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.5.0.tgz#d9440631fbb2ed800203fad106f2724f62c493b7" integrity sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA==