Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update crypto browserify to latest version #731

Merged

Conversation

ChristianMurphy
Copy link
Contributor

@ChristianMurphy ChristianMurphy commented Apr 25, 2018

Description of changes:

Updates crypto-browserify to version 3.
Resolves alert in snyk audit.

✗ High severity vulnerability found on crypto-browserify@1.0.9
- desc: Insecure Randomness
- info: https://snyk.io/vuln/npm:crypto-browserify:20140722
- from: aws-amplify@0.2.14 > amazon-cognito-identity-js@2.0.3 > crypto-browserify@1.0.9
No direct dependency upgrade can address this issue.

https://snyk.io/vuln/npm:crypto-browserify:20140722

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@codecov-io
Copy link

@codecov-io codecov-io commented Apr 25, 2018

Codecov Report

Merging #731 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #731   +/-   ##
=======================================
  Coverage   86.65%   86.65%           
=======================================
  Files          74       74           
  Lines        3529     3529           
  Branches      671      671           
=======================================
  Hits         3058     3058           
  Misses        454      454           
  Partials       17       17

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 9c04a31...ba94b81. Read the comment docs.

@mlabieniec mlabieniec added the Auth label Apr 25, 2018
@mlabieniec mlabieniec added this to Backlog in amazon-cognito-identity-js via automation Apr 25, 2018
Copy link
Contributor

@richardzcode richardzcode left a comment

👍

@richardzcode richardzcode merged commit d5d27d6 into aws-amplify:master Apr 25, 2018
1 check passed
amazon-cognito-identity-js automation moved this from Backlog to Done Apr 25, 2018
@ChristianMurphy ChristianMurphy deleted the update-cypto-browser-version branch Apr 25, 2018
@github-actions
Copy link

@github-actions github-actions bot commented Jun 12, 2021

This pull request has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels or Discussions for those types of questions.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 12, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Auth
Projects
No open projects
Development

Successfully merging this pull request may close these issues.

None yet

4 participants