Fix babel package vulnerability #3622
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
etcart
approved these changes
Apr 5, 2024
paulpilone
pushed a commit
that referenced
this pull request
May 29, 2024
* Fix babel package vulnerability * update package * update .babelrc * update .eslintrc.js * fix error:ES Modules may not assign module.exports or exports.*
4 tasks
paulpilone
added a commit
that referenced
this pull request
May 31, 2024
* Update ECS Cluster EBS Volume Default Encryption Settings (CUMULUS-3547/NDCUM-1184) (#3580) * Updated Encrypted=true for EBS volume(s) associated with instances in the ECS cluster * Updated the ChangeLog based on CUMULUS-3547 changes --------- Co-authored-by: GitHub Actions <[email protected]> Co-authored-by: Tim Clark <[email protected]> Co-authored-by: Jonathan Kovarik <[email protected]> * Jk/bugfix/cumulus 3587 pull in express boom (#3583) * Initial commit - update deps, bring in expressboom * Refactor to more modern JS standards * Add api/lib expressBoom * Fix lint error * Update CHANGELOG * Revert CVE whitelist * Remove express-boom/revert inadvertant merge issue * Proposed CI changes * re-add audit whitelist as sub-dependencies will fail until next release * Merge pull request #3582 from nasa/pp/CUMULUS-3527-sync-granule-sftp-failure (#3652) [CUMULUS-3527] Adds support for additional kex algorithms to sftp-client Co-authored-by: Paul Pilone <[email protected]> * CUMULUS-3673: Fixes Granules API URI encoding by escaping path components. (#3629) * URI encodes granule API path components. * Updates CL for CUMULUS-3673 * Fixes JSDoc linter warnings * Removes JSDoc types from granules API handler * Updates CnmWorkflowFromSqsSpec to not encode collection ID * WIP: Updating specs to not encode collection ID * WIP: Updates specs to not encode collection ID * WIP: Fixes linter errors in spec files * Removes unnecessary JSDoc blocks * WIP: Removes last bits of int test encoding collection IDs * Fix babel package vulnerability (#3622) * Fix babel package vulnerability * update package * update .babelrc * update .eslintrc.js * fix error:ES Modules may not assign module.exports or exports.* * Updates supertest to fix critical vulnerability * Removes libxmljs due to unuse and audit failures * Adds hoek to audit allow list --------- Co-authored-by: Tim Clark <[email protected]> Co-authored-by: GitHub Actions <[email protected]> Co-authored-by: Tim Clark <[email protected]> Co-authored-by: Jonathan Kovarik <[email protected]> Co-authored-by: jennyhliu <[email protected]>
paulpilone
added a commit
that referenced
this pull request
May 31, 2024
* Update ECS Cluster EBS Volume Default Encryption Settings (CUMULUS-3547/NDCUM-1184) (#3580) * Updated Encrypted=true for EBS volume(s) associated with instances in the ECS cluster * Updated the ChangeLog based on CUMULUS-3547 changes --------- Co-authored-by: GitHub Actions <[email protected]> Co-authored-by: Tim Clark <[email protected]> Co-authored-by: Jonathan Kovarik <[email protected]> * Jk/bugfix/cumulus 3587 pull in express boom (#3583) * Initial commit - update deps, bring in expressboom * Refactor to more modern JS standards * Add api/lib expressBoom * Fix lint error * Update CHANGELOG * Revert CVE whitelist * Remove express-boom/revert inadvertant merge issue * Proposed CI changes * re-add audit whitelist as sub-dependencies will fail until next release * Merge pull request #3582 from nasa/pp/CUMULUS-3527-sync-granule-sftp-failure (#3652) [CUMULUS-3527] Adds support for additional kex algorithms to sftp-client Co-authored-by: Paul Pilone <[email protected]> * CUMULUS-3673: Fixes Granules API URI encoding by escaping path components. (#3629) * URI encodes granule API path components. * Updates CL for CUMULUS-3673 * Fixes JSDoc linter warnings * Removes JSDoc types from granules API handler * Updates CnmWorkflowFromSqsSpec to not encode collection ID * WIP: Updating specs to not encode collection ID * WIP: Updates specs to not encode collection ID * WIP: Fixes linter errors in spec files * Removes unnecessary JSDoc blocks * WIP: Removes last bits of int test encoding collection IDs * Fix babel package vulnerability (#3622) * Fix babel package vulnerability * update package * update .babelrc * update .eslintrc.js * fix error:ES Modules may not assign module.exports or exports.* * Updates supertest to fix critical vulnerability * CUMULUS-3951 - Deploy all SNS topics with encrypted storage (#3646) * Update SNS topics to be encrypted in terraform * Update example package to encrypt test topics * Update api package test fixtures to match deployed code/encryption options * Update CHANGELOG * Refactor SNS creation into aws-client helper method * Update CHANGELOG * Fix: add missing `await` * Removes libxmljs due to unuse and audit failures * Adds hoek to audit allow list * Removes linter errors from original cherry-pick --------- Co-authored-by: Tim Clark <[email protected]> Co-authored-by: GitHub Actions <[email protected]> Co-authored-by: Tim Clark <[email protected]> Co-authored-by: Jonathan Kovarik <[email protected]> Co-authored-by: jennyhliu <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary: Summary of changes
Addresses CUMULUS-XX: Develop amazing new feature
Changes
PR Checklist