Update dependency @azure/identity to v4 [SECURITY] #63

Open
wants to merge 1 commit into
base: main

@renovate renovate bot commented Aug 6, 2024

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| @azure/identity (source) | 2.0.5 -> 4.2.1 | age | adoption | passing | confidence |

GitHub Vulnerability Alerts

CVE-2024-35255

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability.


Release Notes

Azure/azure-sdk-for-js (@azure/identity)

v4.2.1

v4.2.0

4.2.0 (2021-06-15)

New Features
  • Added support for the 7.2 version of the Key Vault service API.
Bug Fixes
  • Fixed a bug with beginDeleteSecret and beginRecoverDeletedSecret in which unknown service errors wouldn't bubble up properly to the end users.
  • Fixed an issue where retrying a failed initial Key Vault request may result in an empty body.
  • Added a certificateKeyId?: string secret property to use instead of the deprecated keyId?: URL and removed "lib": ["dom"] from tsconfig.json
Changes since 4.2.0-beta.4:
  • Fixed a bug with beginDeleteSecret and beginRecoverDeletedSecret in which unknown service errors wouldn't bubble up properly to the end users.
  • Renamed the KeyVaultSecretId to KeyVaultSecretIdentifier, and exported a method to parse Key Vault Secret Ids: parseKeyVaultSecretIdentifier.

v4.1.0

4.1.0 (2024-08-07)

Features Added
  • Vector Search: This feature introduces vector indexes, vector embedding policy and vector queries to enable vector similarity search in JS SDK. docs
  • All versions and deletes mode in change feed: The All versions and deletes mode is added in change feed mode which captures every version and every change (create, update, and delete) made to items. docs
  • Bypassing integrated cache: The option to bypass integrated cache is now available in RequestOptions. docs
  • Computed Properties: Support for adding Computed Properties in items is added. docs
  • Composite Indexing: The JS SDK now supports including composite indexes in the indexing policy, improving query performance on multiple fields. docs
  • Correlated Activity Id: Correlated Activity Id is added in header of every query request on Items. This helps in troubleshooting by linking all requests for a query that involves multiple server interactions and partitions. Correlated Activity Id can be accessed through query response headers or response.correlatedActivityId.
  • Split proof Bulk API: Earlier, whenever Bulk API encountered a partition split during processing, it would return an error message. Now, JS SDK ensures that the Bulk API is resistant to partition split. #18682
  • Improved samples: The samples have been updated in this release, now organized into two folders: v3 for features up to the v3 release, and v4 for features up to the v4 release.
  • Added support for MakeList and MakeSet query aggregators
Vector Search
  • The following sample shows how to create a container with vector embedding and indexing policies.
```js
import {
  VectorEmbeddingDataType,
  VectorEmbeddingDistanceFunction,
  VectorIndexType,
} from "@azure/cosmos";

// `database` is an existing Database instance and `containerId` is a string.

// define vector embedding policy
const vectorEmbeddingPolicy = {
  vectorEmbeddings: [
    {
      path: "/vector1",
      dataType: VectorEmbeddingDataType.UInt8,
      dimensions: 1000,
      distanceFunction: VectorEmbeddingDistanceFunction.Euclidean,
    },
    {
      path: "/vector2",
      dataType: VectorEmbeddingDataType.Int8,
      dimensions: 200,
      distanceFunction: VectorEmbeddingDistanceFunction.DotProduct,
    },
    {
      path: "/vector3",
      dataType: VectorEmbeddingDataType.UInt8,
      dimensions: 400,
      distanceFunction: VectorEmbeddingDistanceFunction.Cosine,
    },
  ],
};

// add vector indexes in Indexing Policy
const indexingPolicy = {
  automatic: true,
  indexingMode: "consistent",
  vectorIndexes: [
    { path: "/vector1", type: VectorIndexType.Flat },
    { path: "/vector2", type: VectorIndexType.QuantizedFlat },
    { path: "/vector3", type: VectorIndexType.DiskANN },
  ],
};

// define and create container with vector Embedding Policy
const containerDefinition = {
  id: containerId,
  partitionKey: { paths: ["/id"] },
  indexingPolicy: indexingPolicy,
  vectorEmbeddingPolicy: vectorEmbeddingPolicy,
};
await database.containers.createIfNotExists(containerDefinition);
```
  • Vector Search queries without TOP or LIMIT+OFFSET are blocked by default, with an option to disable this check using allowUnboundedNonStreamingQueries in query FeedOptions. Also added an internal buffer size check to prevent excessive memory consumption, throwing errors if the buffer size exceeds the default. The max buffer size can be increased using the vectorSearchBufferSize option from query FeedOptions.
Change Feed - All versions and deletes mode
  • The AllVersionsAndDeletes mode is only supported with ChangeFeedStartFrom.Now and ChangeFeedStartFrom.Continuation.
  • To read from the change feed in all versions and deletes mode, include changeFeedMode in changeFeedIteratorOptions:
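    ```ts
    import { ChangeFeedIteratorOptions, ChangeFeedMode, ChangeFeedStartFrom } from "@azure/cosmos";

    // `container` is an existing Container instance.
    const changeFeedIteratorOptions: ChangeFeedIteratorOptions = {
      maxItemCount: 5,
      changeFeedStartFrom: ChangeFeedStartFrom.Now(),
      changeFeedMode: ChangeFeedMode.AllVersionsAndDeletes,
    };
    const iterator = container.items.getChangeFeedIterator(changeFeedIteratorOptions);
    ```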
Bypassing Integrated Cache
  • Here is a sample showing how to enable bypassIntegratedCache in RequestOptions.
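  ```ts
  import { RequestOptions } from "@azure/cosmos";

  // `container` is an existing Container instance.
  const options: RequestOptions = { bypassIntegratedCache: true };
  const response = await container.item("1").read(options);
  ```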
Computed Properties
  • The following snippet configures computed properties for a container:
    ```ts
    import { ComputedProperty, Container } from "@azure/cosmos";

    // `database`, `containerName` and `indexingPolicy` are defined by the caller.
    const computedProperties: ComputedProperty[] = [
      {
        name: "lowerLastName",
        query:
          "SELECT VALUE LOWER(IS_DEFINED(c.lastName) ? c.lastName : c.parents[0].familyName) FROM c",
      },
    ];
    const { resource: containerdef } = await database.containers.createIfNotExists({
      id: containerName,
      computedProperties: computedProperties,
      indexingPolicy: indexingPolicy,
    });
    const container: Container = database.container(containerdef.id);
    ```
Composite Indexing
  • Here's a sample of adding composite indexes for a container:
    ```ts
    import { ContainerDefinition, IndexingMode } from "@azure/cosmos";

    // `database` is an existing Database instance.
    const containerDefinition: ContainerDefinition = {
      id: "containerWithCompositeIndexingPolicy",
      indexingPolicy: {
        automatic: true,
        indexingMode: IndexingMode.consistent,
        includedPaths: [
          {
            path: "/*",
          },
        ],
        excludedPaths: [],
        compositeIndexes: [
          [
            { path: "/key", order: "ascending" },
            { path: "/field", order: "ascending" },
          ],
        ],
      },
    };
    await database.containers.create(containerDefinition);
    ```
  • Added support for passing a custom HttpClient when constructing a CosmosClient.
Breaking Changes
Dropped Support for TypeScript 4.1
  • We have opted to discontinue support for TypeScript version 4.1. Consequently, the minimum supported TypeScript version has been elevated to 4.2. Kindly ensure that your environment is promptly updated to align with these changes.
Bugs Fixed
  • Fix Bulk operations (Read, Delete, and Patch) failing due to wrong format of partition key in non-partitioned container.

v4.0.1

v4.0.0

4.0.0 (2023-09-12)
Features Added
  • Added Changefeed support for partition keys, feed ranges, and entire container. #18062
  • Added Diagnostics to all response objects, i.e. ResourceResponse (parent class for ItemResponse, ContainerResponse etc.), FeedResponse, ChangeFeedIteratorResponse, ErrorResponse, BulkOperationResponse. #21177
  • Added support for hierarchical partitions. #23416
  • Added support of index metrics. #20194
  • Improved the retry utility to align with other language SDKs. Now, it automatically retries requests on the next available region when encountering HTTP 503 errors (Service Unavailable) and handles HTTP timeouts more effectively, enhancing the SDK's reliability. #23475
  • Added priority based throttling. docs #26393
Bugs Fixed
  • Updated response codes for the getDatabase() method. #25932
  • Fix Upsert operation failing when partition key of container is /id and /id is missing in the document. #21383
Breaking Changes
  • The definition of PartitionKey is changed; PartitionKeyDefinition is now an independent type. #23416

v3.4.2

v3.4.1

v3.4.0

v3.3.2

v3.3.1

v3.3.0

v3.2.4

v3.2.3

v3.2.2

v3.2.1

v3.2.0

v3.1.4

v3.1.3

v3.1.2

v3.1.1

v3.1.0

3.1.0 (2023-10-18)

Features

  • Added Interface ManagedServiceIdentity
  • Added Interface UserAssignedIdentity
  • Added Type Alias ManagedServiceIdentityType
  • Interface ManagedHsmResource has a new optional parameter identity
  • Added Enum KnownManagedServiceIdentityType

v3.0.1

v3.0.0

3.0.0 (2021-06-09)

Breaking changes
  • Updates the rhea-promise and rhea dependencies to version 2.x. rhea contains a breaking change that changes deserialization of timestamps from numbers to Date objects.
  • Removes the AsyncLock and defaultLock exports. defaultCancellableLock should be used instead.

v2.1.0

2.1.0 (2021-02-08)

  • Fixes the bug reported in issue 13048.
    Now an informative error is thrown describing the circumstance that led to the error.
  • Adds the ability to configure the amqpHostname and port that a ConnectionContextBase will use when connecting to a service.
    The host field refers to the DNS host or IP address of the service, whereas the amqpHostname
    is the fully qualified host name of the service. Normally host and amqpHostname will be the same.
    However if your network does not allow connecting to the service via the public host,
    you can specify a custom host (e.g. an application gateway) via the host field and continue
    using the public host as the amqpHostname.

Configuration

📅 Schedule: Branch creation - "" in timezone Europe/Oslo, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the security label Aug 6, 2024
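
A check a reviewer could run once this update is merged, added here as an example and not part of the PR or of Renovate: it scans the `packages` map of a package-lock.json (lockfileVersion 2 or 3) for any copy of @azure/identity, including nested transitive installs, that is older than the PR's target version 4.2.1. The sample lockfile and the package name `example-storage-helper` are constructed for illustration.

```javascript
// Added example: find copies of @azure/identity older than this PR's target.
const PACKAGE = "@azure/identity";
const TARGET = "4.2.1"; // target version taken from the PR table

// Parse "major.minor.patch[-prerelease]" into comparable parts.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?/.exec(v);
  if (!m) throw new Error(`unparseable version: ${v}`);
  return { nums: [Number(m[1]), Number(m[2]), Number(m[3])], pre: m[4] || null };
}

// True when version a sorts before version b. A prerelease of x.y.z sorts
// before x.y.z itself; two prereleases of the same x.y.z are treated as equal.
function isOlder(a, b) {
  const pa = parseVersion(a), pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa.nums[i] !== pb.nums[i]) return pa.nums[i] < pb.nums[i];
  }
  return pa.pre !== null && pb.pre === null;
}

// Walk the lockfile "packages" map. Keys look like
// "node_modules/a/node_modules/@azure/identity", so nested transitive copies
// are found as well as the top-level install.
function findOutdated(lock, name = PACKAGE, target = TARGET) {
  const suffix = `node_modules/${name}`;
  const hits = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path !== suffix && !path.endsWith(`/${suffix}`)) continue;
    if (!entry.version || isOlder(entry.version, target)) {
      hits.push({ path, version: entry.version || "unknown" });
    }
  }
  return hits;
}

// Constructed sample lockfile: the direct dependency is bumped, but a
// hypothetical package "example-storage-helper" still pins an old nested copy.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app", dependencies: { "@azure/identity": "^4.2.1" } },
    "node_modules/@azure/identity": { version: "4.2.1" },
    "node_modules/@azure/identity-cache-persistence": { version: "1.1.0" },
    "node_modules/example-storage-helper/node_modules/@azure/identity": { version: "2.0.5" },
  },
};

console.log(findOutdated(sampleLock));
```

To audit a real project, pass `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))` to `findOutdated` and fail the CI job when the returned list is not empty.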