generic-webhook-to-eventbridge

generic-webhook-to-eventbridge copied to clipboard

Bumps [terser](https://github.com/terser/terser) from 4.4.2 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) v4.8.0 Support for numeric separators (million...

dependabot[bot]

Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. Changelog Sourced from async's changelog. v2.6.4 Fix potential prototype pollution exploit (#1828) Commits c6bdaca Version 2.6.4 8870da9 Update built files 4df6754 update changelog 8f7f903...

dependabot[bot]

Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.10.2 to 6.12.6. Release notes Sourced from ajv's releases. v6.12.6 Fix performance issue of "url" format. v6.12.5 Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords...

dependabot[bot]

Improved security for webhooks

6

I love this project, it's a nice demonstration of what you can do with SAR. I'm curious if you have any ideas on how security could be improved for these...

mwarkentin

Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.619.0 to 2.1030.0. Release notes Sourced from aws-sdk's releases. Release v2.1030.0 See changelog for more information. Release v2.1029.0 See changelog for more information. Release v2.1028.0 See changelog...

dependabot[bot]

Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [tar](https://github.com/npm/node-tar) from 4.4.13 to 4.4.19. Commits 9a6faa0 4.4.19 70ef812 drop dirCache for symlink on all platforms 3e35515 4.4.18 52b09e3 fix: prevent path escape using drive-relative paths bb93ba2 fix: reserve...

dependabot[bot]

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.5 to 2.8.9. Changelog Sourced from hosted-git-info's changelog. 2.8.9 (2021-04-07) Bug Fixes backport regex fix from #76 (29adfe5), closes #84 2.8.8 (2020-02-29) Bug Fixes #61 & #65...

dependabot[bot]

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...

dependabot[bot]