ZeusCloud icon indicating copy to clipboard operation
ZeusCloud copied to clipboard

Published 20 hours ago verified publisher icon Zeus-Labs

[Snyk] Upgrade @aws-sdk/client-secrets-manager from 3.329.0 to 3.359.0

Open vishjain opened this issue 1 year ago • 1 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade @aws-sdk/client-secrets-manager from 3.329.0 to 3.359.0.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user. :sparkles: Snyk has automatically assigned this pull request, set who gets assigned.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 19 versions ahead of your current version.
  • The recommended version was released 23 days ago, on 2023-06-23.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-FASTXMLPARSER-5668858		 589/1000
Why? Has a fix available, CVSS 7.5		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: @aws-sdk/client-secrets-manager
  • 3.359.0 - 2023-06-23

    3.359.0(2023-06-23)

    Chores
    Documentation Changes
    • client-verifiedpermissions: Added improved descriptions and new code samples to SDK documentation. (2eb1c550)
    • client-fsx: Update to Amazon FSx documentation. (daf0eeaa)
    • client-rds: Documentation improvements for create, describe, and modify DB clusters and DB instances. (8e56fb35)
    New Features
    • client-devops-guru: This release adds support for encryption via customer managed keys. (89734786)
  • 3.358.0 - 2023-06-22

    3.358.0(2023-06-22)

    New Features
    • client-chime-sdk-identity: AppInstanceBots can be configured to be invoked or not using the Target or the CHIME.mentions attribute for ChannelMessages (b77d9856)
    • client-sfn: Adds support for Versions and Aliases. Adds 8 operations: PublishStateMachineVersion, DeleteStateMachineVersion, ListStateMachineVersions, CreateStateMachineAlias, DescribeStateMachineAlias, UpdateStateMachineAlias, DeleteStateMachineAlias, ListStateMachineAliases (71c4f39e)
    • client-kendra: Introducing Amazon Kendra Retrieve API that can be used to retrieve relevant passages or text excerpts given an input query. (151720c0)
    • client-chime-sdk-messaging: ChannelMessages can be made visible to sender and intended recipient rather than all channel members with the target attribute. For example, a user can send messages to a bot and receive messages back in a group channel without other members seeing them. (a9169d35)
    Tests
    • util-stream: switch lambda test from e2e to integration (#4864) (7c50810c)
  • 3.357.0 - 2023-06-21

    3.357.0(2023-06-21)

    Documentation Changes
    • client-dynamodb: Documentation updates for DynamoDB (5463a95a)
    New Features
    • client-mq: The Cross Region Disaster Recovery feature allows to replicate a brokers state from one region to another in order to provide customers with multi-region resiliency in the event of a regional outage. (983be322)
    • client-sagemaker: This release provides support in SageMaker for output files in training jobs to be uploaded without compression and enable customer to deploy uncompressed model from S3 to real-time inference Endpoints. In addition, ml.trn1n.32xlarge is added to supported instance type list in training job. (f0ede901)
    • client-mediaconvert: This release introduces the bandwidth reduction filter for the HEVC encoder, increases the limits of outputs per job, and updates support for the Nagra SDK to version 1.14.7. (dd88e3f4)
    • client-inspector2: This release adds support for Software Bill of Materials (SBOM) export and the general availability of code scanning for AWS Lambda functions. (d57a444d)
    • client-transfer: This release adds a new parameter StructuredLogDestinations to CreateServer, UpdateServer APIs. (8f0033bb)
    • client-emr: This release introduces a new Amazon EMR EPI called ListSupportedInstanceTypes that returns a list of all instance types supported by a given EMR release. (9875d036)
    • clients: automatic blob type conversions (#4836) (60ec921c)
    Tests
    • stub credentialDefaultProvider in test-http-handler (#4781) (20391b1c)
    • util-stream: skip test for CI (22bb15d0)
  • 3.354.0 - 2023-06-16

    3.354.0(2023-06-16)

    Chores
    Documentation Changes
    • client-iam: Documentation updates for AWS Identity and Access Management (IAM). (8d894a17)
    New Features
    • client-s3: This release adds SDK support for request-payer request header and request-charged response header in the "GetBucketAccelerateConfiguration", "ListMultipartUploads", "ListObjects", "ListObjectsV2" and "ListObjectVersions" S3 APIs. (20bc94f4)
    • client-application-discovery-service: Add Amazon EC2 instance recommendations export (9df6e881)
    • client-account: Improve pagination support for ListRegions (2d430633)
    • client-connect: Updates the *InstanceStorageConfig APIs to support a new ResourceType: SCREEN_RECORDINGS to enable screen recording and specify the storage configurations for publishing the recordings. Also updates DescribeInstance and ListInstances APIs to include InstanceAccessUrl attribute in the API response. (fa804c54)
  • 3.353.0 - 2023-06-15

    3.353.0(2023-06-15)

    Chores
    Documentation Changes
    • client-guardduty: Updated descriptions for some APIs. (3d115304)
    • client-efs: Documentation updates for EFS. (13d4dc2f)
    New Features
    • clients: update client endpoints as of 2023-06-15 (f6dd6a74)
    • client-auditmanager: This release introduces 2 Audit Manager features: CSV exports and new manual evidence options. You can now export your evidence finder results in CSV format. In addition, you can now add manual evidence to a control by entering free-form text or uploading a file from your browser. (2c787644)
    • client-location: Amazon Location Service adds categories to places, including filtering on those categories in searches. Also, you can now add metadata properties to your geofences. (a7c47aba)
    Bug Fixes
    • property-provider: avoid generating default rejected promise when chaining (#4843) (ecc9b5fd)
    • util-dynamodb: reorder marshall function overload signatures (#4829) (cb4a0e30)
    Tests
    • credential-provider-imds:
    • client-cognito-identity: increase process kill timeout to 5000ms (#4839) (77364162)

    For list of updated packages, view updated-packages.md in assets-3.353.0.zip

  • 3.352.0 - 2023-06-13

    3.352.0(2023-06-13)

    Chores
    • util-endpoints: update aws partitions.json (b63f8cdf)
    • endpoints: update endpoints model (fa3610b2)
    • models: update API models (a872f8d4)
    Documentation Changes
    • client-imagebuilder: Change the Image Builder ImagePipeline dateNextRun field to more accurately describe the data. (7500e951)
    New Features
    • clients: update command documentation examples as of 2023-06-13 (34ef2172)
    • client-ec2: This release introduces a new feature, EC2 Instance Connect Endpoint, that enables you to connect to a resource over TCP, without requiring the resource to have a public IPv4 address. (c1ce7e11)
    • client-verifiedpermissions: GA release of Amazon Verified Permissions. (84f48c11)
    • client-s3: Integrate double encryption feature to SDKs. (55c2691c)
    • client-securityhub: Add support for Security Hub Automation Rules (b511d0ca)
    • client-simspaceweaver: This release fixes using aws-us-gov ARNs in API calls and adds documentation for snapshot APIs. (bf99f161)
    • client-wafv2: You can now detect and block fraudulent account creation attempts with the new AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group AWSManagedRulesACFPRuleSet. (4439cfd9)
    • client-codeguru-security: Initial release of Amazon CodeGuru Security APIs (9d51aa17)
    • client-lightsail: This release adds pagination for the Get Certificates API operation. (5b996710)
    • client-cloudtrail: This feature allows users to view dashboards for CloudTrail Lake event data stores. (bd2234a2)
    • client-drs: Added APIs to support network replication and recovery using AWS Elastic Disaster Recovery. (8102bf6e)
    • client-wellarchitected: AWS Well-Architected now supports Profiles that help customers prioritize which questions to focus on first by providing a list of prioritized questions that are better aligned with their business goals and outcomes. (775a51a8)
    Tests
    • client-s3: increase process kill timeout to 5000ms (#4830) (c5943ade)

    For list of updated packages, view updated-packages.md in assets-3.352.0.zip

  • 3.350.0 - 2023-06-09
  • 3.348.0 - 2023-06-07
  • 3.347.1 - 2023-06-07
  • 3.347.0 - 2023-06-06
  • 3.345.0 - 2023-06-02
  • 3.344.0 - 2023-06-01
  • 3.342.0 - 2023-05-30
  • 3.341.0 - 2023-05-26
  • 3.338.0 - 2023-05-23
  • 3.337.0 - 2023-05-22
  • 3.335.0 - 2023-05-18
  • 3.334.0 - 2023-05-16
  • 3.332.0 - 2023-05-11
  • 3.329.0 - 2023-05-08
from @aws-sdk/client-secrets-manager GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

👩‍💻 Set who automatically gets assigned

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

vishjain avatar Jul 17 '23 03:07 vishjain

Updated dependencies detected. Learn more about Socket for GitHub ↗︎

Packages Version New capabilities Transitives Size Publisher
@aws-sdk/client-secrets-manager 3.329.0...3.359.0 None +24/-22 2.49 MB aws-sdk-bot

socket-security[bot] avatar Jul 17 '23 03:07 socket-security[bot]