Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade node-lambda from 0.8.15 to 0.22.0 #7

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade node-lambda from 0.8.15 to 0.22.0.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 21 versions ahead of your current version.
  • The recommended version was released 22 days ago, on 2022-02-17.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Denial of Service (DoS)
SNYK-JS-JSZIP-1251497
372/1000
Why? Proof of Concept exploit, CVSS 5.3
Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: node-lambda
  • 0.22.0 - 2022-02-17

    [0.22.0] - 2022-02-17

    Features

    • Support for Architectures parameter #591

    Bugfixes

    • fix: skip installing the package, when there is no package.json #589
  • 0.21.0 - 2021-11-12

    [0.21.0] - 2021-11-10

    Features

    • feat: support for yarn #581
  • 0.20.0 - 2021-09-30

    [0.20.0] - 2021-09-25

    Features

    • updated proxy-agent to 5.0.0 #574
    • show suggestions after an error for an unknown command or option #572
    • feat: drop nodejs10x from lambda runtime #571

    Bugfixes

    • fix(_uploadExisting): fix function update errors #575
    • test: fix npm install test failing in some cases #569
    • Clean the tmp dir during _archivePrebuilt to match _buildAndArchive behavior #518
  • 0.19.1 - 2021-04-24

    [0.19.1] - 2021-04-24

    Bugfixes

    • Fix errors caused by old proxy-agent #564
  • 0.19.0 - 2021-03-30
  • 0.18.0 - 2021-02-20

    [0.18.0] - 2021-02-19

    Features

    • feat: support nodejs14.x runtime #553
    • Upgrade Mocha to fix high sev vulnerability. #551
    • docs: add a note to the README about deploying container image #549
    • Support npm7 #550
    • feat: support for 'ImageUri' parameter #548
    • upgrade 'commander' to 7 #547
    • ci: add 'fail-fast: false' setting #546
    • use starsWith instead of indexOf #545
    • Upgrade 'standard' #543
    • Update S3_LOCATION_POSSIBLE_VALUES #542
    • Bump bl from 4.0.2 to 4.0.3 #541
    • Add description of vpc options #540
    • Upgrade packages #538
    • Bump lodash from 4.17.15 to 4.17.19 #536
    • Add build badge in README #534
  • 0.17.0 - 2020-06-13

    [0.17.0] - 2020-05-14

    Features

    • Implement a simple API Gateway event #530
      • [README] Add the 'apiGateway' option to the run command #532
    • Add Node.js 14 to CI settings #524
    • Drop old Node support #523
    • Bump acorn from 7.0.0 to 7.1.1 #522
    • Add Silent or quiet mode when deploying #520
      • [README update] Add silent option to deploy command #521
    • Update README (remove --endpoint of run subcommand, add --endpoint of deploy subcommand) #514

    Bugfixes

    • Upgrade "aws-xray-sdk-core" #529
    • Fix Lambda update failure #526
  • 0.16.0 - 2020-02-12

    [0.15.0] - 2019-12-11

    Features:

    • adds tagging on new and updated functions #508
    • Add nodejs12.x to runtime #510
    • Don't audit packages when installing #505
    • Use ci instead of install when installing packages #502
    • Add reference to TypeScript example/template #497
    • Drop nodejs6.10 #495
    • Warn on providing unknown commands #494
    • Fix tests
      • Fix GitHub Actions workflow #506
      • Fix npm ci test. #509
      • Remove appveyor.yml #504
      • Modify unit tests #501
      • Fix GitHub Actions workflow #500
      • Add GitHub Actions workflow #499

    [0.16.0] - 2020-02-12

    Features:

    • Remove osx from travis #513
    • Drop nodejs8.10 from runtime #516
  • 0.14.0 - 2019-05-27

    [0.14.0] - 2019-05-25

    Features

    • Support Node.js 10.x #487
    • Add Node.js 12 to CI setting #486
    • Add file to configure aws authentication settings #482
    • Add layers option to readme #481
    • Add option to specify Lambda Layers #480
    • Upgrade packages #479
    • Add dockerVolumes option in package in order to mount additional volumes #473
    • Add keepNodeModules option in package #472

    Bugfixes

    • Remove 'packageDirectory' option from 'deploy' #484
    • Update s3deploy bucket handling #475
    • Fix Docker volume mount from OSX - #461 #471
  • 0.13.0 - 2018-11-15

    [0.13.0] - 2018-11-15

    Features

    • Drop nodejs4.3 #469
    • Update maximum timeout value from 300 to 900 #465
    • Modify to follow the rules of the new 'standard' #463
    • Add 'osx' to CI os #464
    • Update CI test to LTS version #462
    • Upgrade archiver #460

    Bugfixes

    • Fix value of StartingPosition #467
  • 0.12.0 - 2018-08-16

    [0.12.0] - 2018-08-10

    Features

    • Implemente to specify bucket name of S3 #458
    • Implement deployment using S3 (Create a bucket for each region.) #455
    • Add class for uploading deploy package to S3 #454
    • Fix to throw an error except ResourceNotFoundException #452
    • Feature upload to s3 and deploy from bucket #446
    • npm update #445
    • Upgrade dependent packages #441
    • Add simple test of _deployToRegion() and deploy() #439
    • Remove unnecessary package load in test/main.js #438
    • Add cache of node modules to CI setting #436
    • Modify require to { } statement #435
    • Fix to use includes instead of indexOf #433
    • Remove test code for Node.js4 #432
    • Upgrade fs-extra #431
    • Stop supporting Node.js 4 #430
    • Fix using klaw instead of fs.walk #424
    • Add Node.js10 to CI setting #428

    Bugfixes

    • Fix StatementId #451
    • Bugfix of initialValue of recude in s3events #447
    • Added handling to catch and log error return from async lambda #443
    • Log result of an async handler method by resolving promise if a promise #440
    • Fix to display return value of handler #427
    • Fix to set array when same bucket #423
  • 0.11.7 - 2018-04-12
  • 0.11.6 - 2018-01-07
  • 0.11.5 - 2017-12-11
  • 0.11.4 - 2017-09-22
  • 0.11.3 - 2017-07-07
  • 0.11.2 - 2017-07-05
  • 0.11.1 - 2017-07-04
  • 0.11.0 - 2017-06-16
  • 0.10.0 - 2017-05-10
  • 0.9.0 - 2017-04-13
  • 0.8.15 - 2017-03-28
from node-lambda GitHub release notes
Commit messages
Package name: node-lambda
  • 10f1e21 bump to 0.22.0 (#600)
  • ae78fb1 Upgrade packages (#599)
  • cdd1413 chore(deps): bump vm2 from 3.9.5 to 3.9.7 (#598)
  • 8c75e09 docs(readme): add architecture options (#596)
  • d476d6c Follow best practice and require process rather than use global (#595)
  • 9138e72 Improve CI settings (#594)
  • bcb7bf7 Bump vm2 from 3.9.3 to 3.9.5 (#593)
  • 156ad85 Support for Architectures parameter (#591)
  • 86443db test: fix error with npm8 (#592)
  • 3d442b3 fix: skip installing the package, when there is no `package.json` (#589)
  • 911cb6d docs(readme): add a note about deploying using s3 (#588)
  • 435c6bd bump to 0.21.0 (#586)
  • 0f70793 ci: add 17.x to node-version (#584)
  • 7c2b65b docs(readme): update help content of command (#585)
  • 599bd76 Update README.md (#582)
  • 7399619 chore: change description of "packageManager" command option (#583)
  • 8358673 feat: support for yarn (#581)
  • 02df10f feat(lib/main): separate `_npmInstall` method into `_getNpmInstallCommand` and `_packageInstall` (#580)
  • 3478b87 ci: update node-version (#578)
  • 84f831b bump to 0.20.0 (#576)
  • 87580cb fix(_uploadExisting): fix function update errors (#575)
  • 8175737 updated proxy-agent to 5.0.0 (#574)
  • abd3db5 show suggestions after an error for an unknown command or option (#572)
  • 5513e64 feat: drop nodejs10x from lambda runtime (#571)

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant