[pull] master from aws:master#574
Open
pull[bot] wants to merge 68 commits into
Open
Conversation
Adding a CVE-2023-46809 option to integration-node to skip RSA_PKCS1_OAEP_PADDING test vectors. Adding a CI target to start node with --security-revert=CVE-2023-46809 and attempt RSA_PKCS1_OAEP_PADDING test vectors.
run `npm audit fix`
In the SDK credentials.expiration now needs to be a `Date` object. See: aws/aws-sdk-js-v3#5890
In the SDK credentials.expiration now needs to be a `Date` object. This also removes `@aws-sdk/karma-credential-loader` See: aws/aws-sdk-js-v3#5890
…1377) Bumps [express](https://github.com/expressjs/express) from 4.18.1 to 4.19.2. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.1...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Rishav karanjit <karanjitrishav4@gmail.com>
) Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) to 4.4.1 and updates ancestor dependency [@aws-sdk/credential-provider-node](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/credential-provider-node). These dependencies need to be updated together. Updates `fast-xml-parser` from 4.2.5 to 4.4.1 - [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases) - [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md) - [Commits](NaturalIntelligence/fast-xml-parser@v4.2.5...v4.4.1) Updates `@aws-sdk/credential-provider-node` from 3.614.0 to 3.637.0 - [Release notes](https://github.com/aws/aws-sdk-js-v3/releases) - [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/packages/credential-provider-node/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.637.0/packages/credential-provider-node) --- updated-dependencies: - dependency-name: fast-xml-parser dependency-type: indirect - dependency-name: "@aws-sdk/credential-provider-node" dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [axios](https://github.com/axios/axios) from 1.7.2 to 1.7.5. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.7.2...v1.7.5) --- updated-dependencies: - dependency-name: axios dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Rishav karanjit <karanjitrishav4@gmail.com>
Bumps and [cross-spawn](https://github.com/moxystudio/node-cross-spawn). These dependencies needed to be updated together. Updates `cross-spawn` from 7.0.3 to 7.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v7.0.3...v7.0.6) Updates `cross-spawn` from 6.0.5 to 7.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v7.0.3...v7.0.6) --- updated-dependencies: - dependency-name: cross-spawn dependency-type: indirect - dependency-name: cross-spawn dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Adding the Hierarchical Keyring to the ESDK-JS. This adds the Key Store and support for using Branch Keys. The Key Store is read only, and the Cryptographic Materials Provider Library in Java, Python, or C# is required to create branch keys at this time.
For a given encrypt manifest, integration-node now takes `—-decryptManifest` | `-d` This will create a zipped decrypt manifest that can be consumed by decrypt.
`npm audit fix --force`
BREAKING CHANGE: - no longer tests against nor supports NodeJS 16
Co-authored-by: Shubham Chaturvedi <scchatur@amazon.com>
* Allow GHA to git push * fix(CI): Empty commit --------- Co-authored-by: Shubham Chaturvedi <scchatur@amazon.com>
* Allow GHA to git push * fix(CI): Empty commit * fix(ci): release bot credentials --------- Co-authored-by: Shubham Chaturvedi <scchatur@amazon.com>
* Allow GHA to git push * fix(CI): Empty commit * fix(ci): release bot credentials * fix(ci): git auth --------- Co-authored-by: Shubham Chaturvedi <scchatur@amazon.com>
* Allow GHA to git push * fix(CI): Empty commit * fix(ci): release bot credentials * fix(ci): git auth * fix(ci-debug): log auth username --------- Co-authored-by: Shubham Chaturvedi <scchatur@amazon.com>
* Allow GHA to git push * fix(CI): Empty commit * fix(ci): release bot credentials * fix(ci): git auth * fix(ci-debug): log auth username * fix(ci): git release auth --------- Co-authored-by: Shubham Chaturvedi <scchatur@amazon.com>
* Allow GHA to git push * fix(CI): Empty commit * fix(ci): release bot credentials * fix(ci): git auth * fix(ci-debug): log auth username * fix(ci): git release auth * fix(ci): force pull in publish step --------- Co-authored-by: Shubham Chaturvedi <scchatur@amazon.com>
* Allow GHA to git push * fix(CI): Empty commit * fix(ci): release bot credentials * fix(ci): git auth * fix(ci-debug): log auth username * fix(ci): git release auth * fix(ci): force pull in publish step * fix(ci): npm token for publish --------- Co-authored-by: Shubham Chaturvedi <scchatur@amazon.com>
* Allow GHA to git push * fix(CI): Empty commit * fix(ci): release bot credentials * fix(ci): git auth * fix(ci-debug): log auth username * fix(ci): git release auth * fix(ci): force pull in publish step * fix(ci): npm token for publish * fix(ci): npm otp fix for publish --------- Co-authored-by: Shubham Chaturvedi <scchatur@amazon.com>
… before creating the branch key material node object (#1650)
BREAKING CHANGE: The AWS Encryption SDK for JavaScript no longer supports Internet Explorer 11 (IE11). The msCrypto shim and related IE11 detection code have been removed from the web-crypto-backend module. Co-authored-by: Lucas McDonald <lucmcdon@amazon.com>
* feat: Adds VersionKey API to version the branch key (#1642) * feat: Adds VersionKey API to version the branch key * fix: removes console log which caused the lint failures --------- Co-authored-by: Bikram Sharma <shbikram@amazon.com> * feat: Adds CreateKey API to create a branch key * test: update test cases to ensure EC is preserved when creating and versioning a branch key * test: Adds comment about EC prefix behavior difference between dafny and JavaScript implementation * test: Updates the test to ensure EC we get in branch key doesn't contain internal prefix
This reverts commit 16d2573.
This reverts commit ea1a944.
This reverts commit 8292ddb.
Add branch matrix strategy to daily CI workflow so it runs against both master and v4.x branches. This ensures the v4.x maintenance branch is tested daily to catch dependency rot and regressions. - Add branch input to shared-ci.yml and ci.yml reusable workflows - Use ref parameter in checkout step to support branch selection - Add [master, v4.x] matrix to daily_ci.yml
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
9 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )