Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency serverless to v4 #20

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Update dependency serverless to v4

c61475f
Select commit
Loading
Failed to load commit list.
Open

Update dependency serverless to v4 #20

Update dependency serverless to v4
c61475f
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / Mend Security Check succeeded May 22, 2024 in 1h 9m 48s

Security Report

❗️Scan Warnings: The scan completed with warnings. The integration encountered issues with one or more projects in this repository. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.

Scan Details Report

general

https://amplearning.jfrog.io/artifactory/libs-release

Step Level Description Details
Checking registry connectivity ⚠Warn Unsupported configuration was provided Unsupported registry hostType gradle, skipped

https://amplearning.jfrog.io/artifactory/libs-snapshot

Step Level Description Details
Checking registry connectivity ⚠Warn Unsupported configuration was provided Unsupported registry hostType gradle, skipped

https://amplearning.jfrog.io/artifactory/plugins-release

Step Level Description Details
Checking registry connectivity ⚠Warn Unsupported configuration was provided Unsupported registry hostType gradle, skipped

https://amplearning.jfrog.io/artifactory/plugins-snapshot

Step Level Description Details
Checking registry connectivity ⚠Warn Unsupported configuration was provided Unsupported registry hostType gradle, skipped

https://amplearning.jfrog.io/artifactory/amplify-maven-internal

Step Level Description Details
Checking registry connectivity ⚠Warn Unsupported configuration was provided Unsupported registry hostType gradle, skipped

https://amplearning.jfrog.io/artifactory/amplify-maven-snapshots

Step Level Description Details
Checking registry connectivity ⚠Warn Unsupported configuration was provided Unsupported registry hostType gradle, skipped

✔️ 👍 You have successfully remediated 55 vulnerabilities in this branch:
CVE Vulnerable Library
CVE-2021-37712 tar-6.1.0.tgz
CVE-2022-25881 http-cache-semantics-4.1.0.tgz
CVE-2021-29060 color-string-1.5.4.tgz
CVE-2023-0842 xml2js-0.4.19.tgz
CVE-2022-24785 moment-2.29.1.tgz
CVE-2021-32804 tar-6.1.0.tgz
CVE-2022-33987 got-11.8.1.tgz
CVE-2020-28500 lodash-4.17.20.tgz
CVE-2021-3807 ansi-regex-4.1.0.tgz
CVE-2022-24066 simple-git-2.31.0.tgz
CVE-2021-3749 axios-0.21.1.tgz
CVE-2022-0355 simple-get-2.8.1.tgz
CVE-2022-25901 cookiejar-2.1.2.tgz
CVE-2022-38900 decode-uri-component-0.2.0.tgz
CVE-2022-25912 simple-git-2.31.0.tgz
CVE-2020-28502 xmlhttprequest-ssl-1.5.5.tgz
CVE-2022-25883 semver-7.3.4.tgz
CVE-2023-36665 protobufjs-6.10.2.tgz
CVE-2022-25883 semver-6.3.0.tgz
CVE-2023-26136 tough-cookie-2.5.0.tgz
CVE-2021-32803 tar-6.1.0.tgz
CVE-2021-32640 ws-6.2.1.tgz
CVE-2021-42581 ramda-0.25.0.tgz
CVE-2022-33987 got-9.6.0.tgz
CVE-2021-31597 xmlhttprequest-ssl-1.5.5.tgz
CVE-2022-2421 socket.io-parser-3.3.2.tgz
CVE-2022-0536 follow-redirects-1.13.2.tgz
CVE-2023-45857 axios-0.21.1.tgz
CVE-2021-3918 json-schema-0.2.3.tgz
CVE-2022-24999 qs-6.5.2.tgz
CVE-2021-3807 ansi-regex-3.0.0.tgz
CVE-2021-37701 tar-6.1.0.tgz
CVE-2024-4067 micromatch-4.0.2.tgz
CVE-2021-32640 ws-7.4.2.tgz
CVE-2023-26159 follow-redirects-1.13.2.tgz
CVE-2021-23337 lodash-4.17.20.tgz
CVE-2021-43138 async-2.6.3.tgz
CVE-2022-25881 http-cache-semantics-3.8.1.tgz
CVE-2022-25883 semver-5.7.1.tgz
CVE-2024-27088 es5-ext-0.10.53.tgz
CVE-2021-43138 async-3.2.0.tgz
CVE-2022-33987 got-8.3.2.tgz
CVE-2022-31129 moment-2.29.1.tgz
CVE-2021-33502 normalize-url-4.5.0.tgz
CVE-2022-25878 protobufjs-6.10.2.tgz
CVE-2021-37713 tar-6.1.0.tgz
CVE-2022-24433 simple-git-2.31.0.tgz
CVE-2024-28863 tar-6.1.0.tgz
CVE-2024-28849 follow-redirects-1.13.2.tgz
CVE-2021-42581 ramda-0.26.1.tgz
CVE-2022-0155 follow-redirects-1.13.2.tgz
WS-2021-0152 color-string-1.5.4.tgz
CVE-2022-0235 node-fetch-2.6.1.tgz
CVE-2023-28155 request-2.88.2.tgz
CVE-2020-12265 decompress-tar-4.1.1.tgz

Base branch total remaining vulnerabilities: 65
Base branch commit: cca6666a235fdd438ab8b8c6c6d32cfa2050e44a


Total libraries scanned: 323

Scan token: 7236d17b8f794eb684e9708c9305a363