dataall icon indicating copy to clipboard operation
dataall copied to clipboard

Published 20 hours ago verified publisher icon data-dot-all

Frontend checks failing due to outdated packages

Open anushka-singh opened this issue 8 months ago • 0 comments

Describe the bug

We have frontend checks failing internally due to outdated packages:

00:21:52 ║ ID      │ Module │ Title                                              │ Paths                                              │ Sev. │ URL                                               │ Ex. ║
00:21:52 ║ 1097615 │ ws     │ ws affected by a DoS when handling a request with  │ @aws-amplify/core>ws                               │ high │ https://github.com/advisories/GHSA-3h5v-q93c-6h6q │ n   ║
00:21:52 ║         │        │ many HTTP headers                                  │ @aws-sdk/middleware-retry>ws                       │      │                                                   │     ║
00:21:52 ║         │        │                                                    │ @react-native-community/cli-server-api>ws          │      │                                                   │     ║
00:21:52 ║         │        │                                                    │ @react-native/dev-middleware>ws                    │      │                                                   │     ║
00:21:52 ║         │        │                                                    │ webpack-dev-server>ws                              │      │                                                   │     ║
00:21:52 ║         │        │                                                    │ ...and 1 more                                      │      │                                                   │     ║
00:21:52 ║ 1097616 │ ws     │ ws affected by a DoS when handling a request with  │ @aws-amplify/core>ws                               │ high │ https://github.com/advisories/GHSA-3h5v-q93c-6h6q │ n   ║
00:21:52 ║         │        │ many HTTP headers                                  │ @aws-sdk/middleware-retry>ws                       │      │                                                   │     ║
00:21:52 ║         │        │                                                    │ @react-native-community/cli-server-api>ws          │      │                                                   │     ║
00:21:52 ║         │        │                                                    │ @react-native/dev-middleware>ws                    │      │                                                   │     ║
00:21:52 ║         │        │                                                    │ webpack-dev-server>ws                              │      │                                                   │     ║
00:21:52 ║         │        │                                                    │ ...and 1 more                                      │      │                                                   │     ║
00:21:52 ║ 1097617 │ ws     │ ws affected by a DoS when handling a request with  │ @aws-amplify/core>ws                               │ high │ https://github.com/advisories/GHSA-3h5v-q93c-6h6q │ n   ║
00:21:52 ║         │        │ many HTTP headers                                  │ @aws-sdk/middleware-retry>ws                       │      │                                                   │     ║
00:21:52 ║         │        │                                                    │ @react-native-community/cli-server-api>ws          │      │                                                   │     ║
00:21:52 ║         │        │                                                    │ @react-native/dev-middleware>ws                    │      │                                                   │     ║
00:21:52 ║         │        │                                                    │ webpack-dev-server>ws

https://github.com/advisories/GHSA-3h5v-q93c-6h6q was published 3 days ago, so my guess is we dont have a fix for these yet which is what is causing the frontend checks to fail.

How to Reproduce

*P.S. Please do not attach files as it's considered a security risk. Add code snippets directly in the message body as much as possible.*

Run frontend checks

Expected behavior

No response

Your project

No response

Screenshots

No response

OS

Mac

Python version

3.8

AWS data.all version

2.5

Additional context

No response

anushka-singh avatar Jun 19 '24 13:06 anushka-singh