Skip to content

Commit 0bb7eac

Browse files
dinesh1patelJamesCollettCGIhmcts-jenkins-a-to-c[bot]hemantt
authored
CCD-7013 :: bumped qs to ^6.14.1 (#519)
* bumped qs to ^6.14.1 * updated yarn.lock via yarn install command * Update redis from 20.13.4 to 24.0.8 * Bumping chart version/ fixing aliases --------- Co-authored-by: JamesCollettCGI <james.collett@hmcts.net> Co-authored-by: hmcts-jenkins-a-to-c <62422075+hmcts-jenkins-a-to-c[bot]@users.noreply.github.com> Co-authored-by: Hemanth Potipati <hrpotipati@gmail.com>
1 parent 2f6629d commit 0bb7eac

5 files changed

Lines changed: 389 additions & 468 deletions

File tree

charts/ccd-case-activity-api/Chart.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ apiVersion: v2
22
description: Helm chart for the HMCTS CCD Case Activity
33
name: ccd-case-activity-api
44
home: https://github.com/hmcts/ccd-case-activity-api
5-
version: 1.3.14
5+
version: 1.3.15
66
maintainers:
77
- name: HMCTS CCD Dev Team
88
email: ccd-devops@HMCTS.NET
@@ -11,6 +11,6 @@ dependencies:
1111
version: 3.2.0
1212
repository: 'oci://hmctspublic.azurecr.io/helm'
1313
- name: redis
14-
version: 20.13.4
14+
version: 24.0.8
1515
repository: "oci://registry-1.docker.io/bitnamicharts"
1616
condition: redis.enabled

package-lock.json

Lines changed: 3 additions & 18 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -79,6 +79,9 @@
7979
"sonar-scanner": "^3.1.0",
8080
"supertest": "^3.0.0"
8181
},
82+
"overrides": {
83+
"qs": "6.14.1"
84+
},
8285
"resolutions": {
8386
"async": "^2.6.4",
8487
"lodash": "^4.17.21",
@@ -98,7 +101,7 @@
98101
"minimatch": "^3.0.5",
99102
"cookiejar": "^2.1.4",
100103
"flat": "^5.0.1",
101-
"qs": "^6.11.0",
104+
"qs": "6.14.1",
102105
"semver": "7.7.2",
103106
"@grpc/grpc-js": "1.13.4",
104107
"cross-spawn": "^7.0.6"

yarn-audit-known-issues

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,4 +3,3 @@
33
{"value":"lodash","children":{"ID":1112455,"Issue":"Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions","URL":"https://github.com/advisories/GHSA-xxjr-mmjv-4gpg","Severity":"moderate","Vulnerable Versions":">=4.0.0 <=4.17.22","Tree Versions":["4.17.21"],"Dependents":["@hmcts/properties-volume@npm:0.0.14"]}}
44
{"value":"lodash.clone","children":{"ID":"lodash.clone (deprecation)","Issue":"This package is deprecated. Use structuredClone instead.","Severity":"moderate","Vulnerable Versions":"4.5.0","Tree Versions":["4.5.0"],"Dependents":["ioredis@npm:3.2.2"]}}
55
{"value":"lodash.pick","children":{"ID":"lodash.pick (deprecation)","Issue":"This package is deprecated. Use destructuring assignment syntax instead.","Severity":"moderate","Vulnerable Versions":"3.1.0","Tree Versions":["3.1.0"],"Dependents":["ioredis@npm:3.2.2"]}}
6-
{"value":"qs","children":{"ID":1111755,"Issue":"qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion","URL":"https://github.com/advisories/GHSA-6rw7-vpxm-498p","Severity":"high","Vulnerable Versions":"<6.14.1","Tree Versions":["6.14.0"],"Dependents":["body-parser@npm:1.20.3"]}}

0 commit comments

Comments
 (0)