Skip to content

chore(deps): bump proxy-agent to 5.0.0#16469

Merged
mergify[bot] merged 3 commits intomasterfrom
huijbers/bump-resolver
Sep 13, 2021
Merged

chore(deps): bump proxy-agent to 5.0.0#16469
mergify[bot] merged 3 commits intomasterfrom
huijbers/bump-resolver

Conversation

@rix0rrr
Copy link
Copy Markdown
Contributor

@rix0rrr rix0rrr commented Sep 13, 2021

Addresses another vulnerability in pac-resolver.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@rix0rrr
chore(deps): bump proxy-agent to 5.0.0
9dc0a32 
Addresses another vulnerability in `pac-resolver`.
@rix0rrr rix0rrr requested a review from a team September 13, 2021 08:24
@rix0rrr rix0rrr self-assigned this Sep 13, 2021
@gitpod-io
Copy link
Copy Markdown

gitpod-io bot commented Sep 13, 2021

@mergify mergify bot added the contribution/core This is a PR that came from AWS. label Sep 13, 2021
@mergify
Copy link
Copy Markdown
Contributor

mergify bot commented Sep 13, 2021

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify
Copy link
Copy Markdown
Contributor

mergify bot commented Sep 13, 2021

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit 1df0e1b into master Sep 13, 2021
@mergify mergify bot deleted the huijbers/bump-resolver branch September 13, 2021 11:05
@mergify
Copy link
Copy Markdown
Contributor

mergify bot commented Sep 13, 2021

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation
Copy link
Copy Markdown
Collaborator

aws-cdk-automation commented Sep 13, 2021

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildProject89A8053A-LhjRyN9kxr8o
  • Commit ID: 7ad195d
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@wiget wiget mentioned this pull request Sep 14, 2021
Closed
@dal13002 dal13002 mentioned this pull request Sep 16, 2021
Closed
@peterwoodworth peterwoodworth mentioned this pull request Sep 20, 2021
Closed
@mikkotikkanen
Copy link
Copy Markdown

mikkotikkanen commented Sep 21, 2021
edited
Loading

Howcome this is not released as part of the v1.123.0 (released 4 days ago) as it still has the ^4.0.1 of proxy-agent (which was fixed and merged in this PR 8 days ago)?

image

Which obviously leads to npm audit failing as the pac-resolver vulnerability is still there (which is fixed in proxy-agent v5+)

@mikkotikkanen
Copy link
Copy Markdown

mikkotikkanen commented Sep 22, 2021
edited
Loading

Looks like this is now included in the latest release 1.124.0 👍

image

@mlafeldt
Copy link
Copy Markdown

mlafeldt commented Sep 22, 2021

Looks like this is now included in the latest release 1.124.0 👍

Awesome! Didn't make it into the changelog though.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@nija-at nija-at nija-at approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@rix0rrr rix0rrr

Labels

contribution/core This is a PR that came from AWS.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@rix0rrr @aws-cdk-automation @mikkotikkanen @mlafeldt @nija-at