From ead06f621e7fa91d9418b5481eda508f6e2c7cce Mon Sep 17 00:00:00 2001 From: jrgaray Date: Wed, 25 Sep 2024 13:27:26 -0400 Subject: [PATCH] Upgrade to v1.0.13 --- CHANGELOG.md | 4 ++++ source/package-lock.json | 4 ++-- source/package.json | 2 +- source/webui/package-lock.json | 13 +++++++------ source/webui/package.json | 5 +++-- 5 files changed, 17 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e905918..b815db4 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,10 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.0.13] - 2024-9 + +- Upgrade `rollup` to mitigate [CVE-2024-47068](https://nvd.nist.gov/vuln/detail/CVE-2024-47068) + ## [1.0.12] - 2024-9 - `path-to-regexp` to mitigate [CVE-2024-45296](https://avd.aquasec.com/nvd/cve-2024-45296) diff --git a/source/package-lock.json b/source/package-lock.json index 0be50fb..32c018e 100644 --- a/source/package-lock.json +++ b/source/package-lock.json @@ -1,12 +1,12 @@ { "name": "account-assessment-for-aws-organizations", - "version": "1.0.12", + "version": "1.0.13", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "account-assessment-for-aws-organizations", - "version": "1.0.12", + "version": "1.0.13", "license": "Apache-2.0", "dependencies": { "@aws-cdk/aws-servicecatalogappregistry-alpha": "^2.158.0-alpha.0", diff --git a/source/package.json b/source/package.json index c46395e..bfd4305 100755 --- a/source/package.json +++ b/source/package.json @@ -1,6 +1,6 @@ { "name": "account-assessment-for-aws-organizations", - "version": "1.0.12", + "version": "1.0.13", "description": "Account Assessment for AWS Organizations (SO0217)", "license": "Apache-2.0", "author": { diff --git a/source/webui/package-lock.json b/source/webui/package-lock.json index 41b19ad..a65f244 100644 --- a/source/webui/package-lock.json +++ b/source/webui/package-lock.json @@ -1,12 +1,12 @@ { "name": "account-assessment-for-aws-organizations-webui", - "version": "1.0.12", + "version": "1.0.13", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "account-assessment-for-aws-organizations-webui", - "version": "1.0.12", + "version": "1.0.13", "license": "Apache-2.0", "dependencies": { "@aws-amplify/api": "^5.4.12", @@ -24608,14 +24608,15 @@ } }, "node_modules/rollup": { - "version": "2.79.1", - "resolved": "https://registry.npmjs.org/rollup/-/rollup-2.79.1.tgz", - "integrity": "sha512-uKxbd0IhMZOhjAiD5oAFp7BqvkA4Dv47qpOCtaNvng4HBwdbWtdOh8f5nZNuk2rp51PMGk3bzfWu5oayNEuYnw==", + "version": "3.29.5", + "resolved": "https://registry.npmjs.org/rollup/-/rollup-3.29.5.tgz", + "integrity": "sha512-GVsDdsbJzzy4S/v3dqWPJ7EfvZJfCHiDqe80IyrF59LYuP+e6U1LJoUqeuqRbwAWoMNoXivMNeNAOf5E22VA1w==", "bin": { "rollup": "dist/bin/rollup" }, "engines": { - "node": ">=10.0.0" + "node": ">=14.18.0", + "npm": ">=8.0.0" }, "optionalDependencies": { "fsevents": "~2.3.2" diff --git a/source/webui/package.json b/source/webui/package.json index 487f491..e84f5d2 100644 --- a/source/webui/package.json +++ b/source/webui/package.json @@ -1,6 +1,6 @@ { "name": "account-assessment-for-aws-organizations-webui", - "version": "1.0.12", + "version": "1.0.13", "description": "Account Assessment for AWS Organizations (SO0217)", "license": "Apache-2.0", "author": { @@ -89,7 +89,8 @@ "path-to-regexp": ">=8.1.0" }, "path-to-regexp": ">=8.1.0", - "micromatch": ">=4.0.8" + "micromatch": ">=4.0.8", + "rollup": "3.29.5" }, "jest": { "testMatch": [