Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade aws4 from 1.6.0 to 1.11.0 #1

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade aws4 from 1.6.0 to 1.11.0 #1

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade aws4 from 1.6.0 to 1.11.0.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 7 versions ahead of your current version.
  • The recommended version was released a year ago, on 2020-10-31.
Release notes
Package name: aws4
  • 1.11.0 - 2020-10-31

    Addresses #119 by ignoring certain unsignable headers when calculating signature.

    This shouldn't break any existing clients talking to AWS services, as these services shouldn't need these headers signed.

  • 1.10.1 - 2020-08-12

    Fixes a regression introduced in 2bae4be incorrectly decoding S3 paths with a %2B in them

  • 1.10.0 - 2020-05-22
    • Add parsing for newer-style S3 hosts (<bucket>.s3.amazonaws.com/<key> and <bucket>.s3.<region>.amazonaws.com/<key>), which fixes the parsing aspect of #107
    • If S3 host not specified, create it as s3.<region>.amazonaws.com instead of the now deprecated s3-<region>.amazonaws.com
  • 1.9.1 - 2020-01-13

    1.9.1

  • 1.9.0 - 2019-11-26

    1.9.0

  • 1.8.0 - 2018-08-06

    1.8.0

  • 1.7.0 - 2018-04-07

    1.7.0

  • 1.6.0 - 2017-02-07

    1.6.0

from aws4 GitHub release notes
Commit messages
Package name: aws4
  • 771266f 1.11.0
  • 1c5a4b6 Ignore certain headers when signing
  • cfbf3e3 1.10.1
  • 6b5da6f Make sure we don't escape %2B for S3
  • d34f46a Use https instead of http as name in README
  • 7be5f7a Bumps deps in browser example
  • 349de39 Create FUNDING.yml
  • 29b4fbf Document signQuery in README
  • 5b354d6 Remove package-lock
  • 12a19a1 Downgrade mocha/should again to support older node versions
  • 09c55bf 1.10.0
  • 90675ba Cleanup README and examples
  • ec6bb36 Add support for parsing newer style S3 hostnames
  • 44bb963 Just use https now, no need for an example with http
  • c45e001 1.9.1
  • 28cc97f Sort query keys before joining with "="
  • 28a518a 1.9.0
  • 4633f64 Add integration tests for testing live AWS
  • 2bae4be Don't encode URLs as agressively
  • dc04a3b Fix permissions for aws-sig-v4-test-suite
  • e205243 Add note about aws4fetch to README
  • 1f45008 1.8.0
  • 1de8c5b Merge pull request #74 from DanielHeckrath/patch-1
  • 97bf56c fix: only match zero or one occurrence of .cn suffix

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@snyk-bot snyk-bot mentioned this pull request Oct 11, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot