diff --git a/CHANGELOG.md b/CHANGELOG.md index 82194805..326af7ce 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.1.6] - 2024-06-24 + +### Fixed + +- Upgrade ws to resolve CVE + ## [1.1.5] - 2024-06-17 ### Fixed diff --git a/makefiles/common_config.mk b/makefiles/common_config.mk index 318acfcc..85d645cb 100644 --- a/makefiles/common_config.mk +++ b/makefiles/common_config.mk @@ -15,7 +15,7 @@ export AWS_REGION ?= ${DEFAULTS.AWS_REGION} # ======================================================== export SOLUTION_NAME ?= connected-mobility-solution-on-aws export SOLUTION_DESCRIPTION ?= Accelerate development and deployment of connected vehicle assets with purpose-built, deployment-ready accelerators, and an Automotive Cloud Developer Portal -export SOLUTION_VERSION ?= v1.1.5 +export SOLUTION_VERSION ?= v1.1.6 export SOLUTION_AUTHOR = AWS Industrial Solutions Team export SOLUTION_ID = SO0241 # Path is relative to this file's location, moving this file requires updating this path. diff --git a/source/lib/setup.py b/source/lib/setup.py index bb0dcf36..f8a2f965 100644 --- a/source/lib/setup.py +++ b/source/lib/setup.py @@ -49,7 +49,7 @@ def finalize_options(self) -> None: "toml>=0.10.2", ], name="cms_common", - version="1.1.5", + version="1.1.6", description="Common library used in CMS modules", packages=find_packages( exclude=[ diff --git a/source/modules/acdp/backstage/cdk/Makefile b/source/modules/acdp/backstage/cdk/Makefile index e1d02862..dc04d664 100644 --- a/source/modules/acdp/backstage/cdk/Makefile +++ b/source/modules/acdp/backstage/cdk/Makefile @@ -17,7 +17,7 @@ export AWS_REGION ?= ${DEFAULTS.AWS_REGION} # ======================================================== export SOLUTION_NAME ?= connected-mobility-solution-on-aws export SOLUTION_DESCRIPTION ?= Accelerate development and deployment of connected vehicle assets with purpose-built, deployment-ready accelerators, and an Automotive Cloud Developer Portal -export SOLUTION_VERSION ?= v1.1.5 +export SOLUTION_VERSION ?= v1.1.6 export SOLUTION_AUTHOR = AWS Industrial Solutions Team export SOLUTION_ID = SO0241 export APPLICATION_TYPE = AWS-Solutions diff --git a/source/modules/acdp/backstage/package.json b/source/modules/acdp/backstage/package.json index 865f3ad1..3c5fec48 100644 --- a/source/modules/acdp/backstage/package.json +++ b/source/modules/acdp/backstage/package.json @@ -1,6 +1,6 @@ { "name": "acdp-backstage", - "version": "1.1.5", + "version": "1.1.6", "private": true, "license": "Apache-2.0", "description": "Backstage implementation preconfigured to work with CMS", @@ -46,7 +46,8 @@ "@types/react-dom": "^18", "mysql2": "^3.9.8", "formidable": "^3.2.4", - "braces": "^3.0.3" + "braces": "^3.0.3", + "ws": "^8.17.1" }, "lint-staged": { "*.{js,jsx,ts,tsx,mjs,cjs}": [ diff --git a/source/modules/acdp/backstage/packages/app/package.json b/source/modules/acdp/backstage/packages/app/package.json index 4e7d0d8a..7cdee21b 100644 --- a/source/modules/acdp/backstage/packages/app/package.json +++ b/source/modules/acdp/backstage/packages/app/package.json @@ -1,6 +1,6 @@ { "name": "app", - "version": "1.1.5", + "version": "1.1.6", "private": true, "bundled": true, "license": "Apache-2.0", diff --git a/source/modules/acdp/backstage/packages/backend/package.json b/source/modules/acdp/backstage/packages/backend/package.json index 4da97802..701b7aa4 100644 --- a/source/modules/acdp/backstage/packages/backend/package.json +++ b/source/modules/acdp/backstage/packages/backend/package.json @@ -1,6 +1,6 @@ { "name": "backend", - "version": "1.1.5", + "version": "1.1.6", "main": "dist/index.cjs.js", "types": "src/index.ts", "private": true, diff --git a/source/modules/acdp/backstage/plugins/acdp-backend/package.json b/source/modules/acdp/backstage/plugins/acdp-backend/package.json index 758659eb..825bb9d7 100644 --- a/source/modules/acdp/backstage/plugins/acdp-backend/package.json +++ b/source/modules/acdp/backstage/plugins/acdp-backend/package.json @@ -1,7 +1,7 @@ { "name": "backstage-plugin-acdp-backend", "description": "ACDP Backend plugin for Backstage", - "version": "1.1.5", + "version": "1.1.6", "main": "src/index.ts", "types": "src/index.ts", "license": "Apache-2.0", diff --git a/source/modules/acdp/backstage/plugins/acdp-common/package.json b/source/modules/acdp/backstage/plugins/acdp-common/package.json index 132d9894..5b6399d9 100644 --- a/source/modules/acdp/backstage/plugins/acdp-common/package.json +++ b/source/modules/acdp/backstage/plugins/acdp-common/package.json @@ -1,7 +1,7 @@ { "name": "backstage-plugin-acdp-common", "description": "Common interfaces for ACDP plugins", - "version": "1.1.5", + "version": "1.1.6", "main": "src/index.ts", "types": "src/index.ts", "license": "Apache-2.0", diff --git a/source/modules/acdp/backstage/plugins/acdp/package.json b/source/modules/acdp/backstage/plugins/acdp/package.json index 20bb3650..17a87e0e 100644 --- a/source/modules/acdp/backstage/plugins/acdp/package.json +++ b/source/modules/acdp/backstage/plugins/acdp/package.json @@ -1,7 +1,7 @@ { "name": "backstage-plugin-acdp", "description": "ACDP plugin for Backstage", - "version": "1.1.5", + "version": "1.1.6", "main": "src/index.ts", "types": "src/index.ts", "license": "Apache-2.0", diff --git a/source/modules/acdp/backstage/yarn.lock b/source/modules/acdp/backstage/yarn.lock index 7f37e651..e8c37a76 100644 --- a/source/modules/acdp/backstage/yarn.lock +++ b/source/modules/acdp/backstage/yarn.lock @@ -11211,7 +11211,7 @@ anymatch@^3.0.3, anymatch@~3.1.2: picomatch "^2.0.4" "app@file:packages/app": - version "1.1.4" + version "1.1.5" dependencies: "@backstage/app-defaults" "^1.5.0" "@backstage/catalog-model" "^1.4.4" @@ -24595,7 +24595,16 @@ string-length@^4.0.1: char-regex "^1.0.2" strip-ansi "^6.0.0" -"string-width-cjs@npm:string-width@^4.2.0", "string-width@^1.0.2 || 2 || 3 || 4", string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.3: +"string-width-cjs@npm:string-width@^4.2.0": + version "4.2.3" + resolved "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" + integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== + dependencies: + emoji-regex "^8.0.0" + is-fullwidth-code-point "^3.0.0" + strip-ansi "^6.0.1" + +"string-width@^1.0.2 || 2 || 3 || 4", string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.3: version "4.2.3" resolved "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== @@ -24673,7 +24682,7 @@ string_decoder@~1.1.1: dependencies: safe-buffer "~5.1.0" -"strip-ansi-cjs@npm:strip-ansi@^6.0.1", strip-ansi@6.0, strip-ansi@^6.0.0, strip-ansi@^6.0.1: +"strip-ansi-cjs@npm:strip-ansi@^6.0.1": version "6.0.1" resolved "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9" integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A== @@ -24687,6 +24696,13 @@ strip-ansi@5.2.0: dependencies: ansi-regex "^4.1.0" +strip-ansi@6.0, strip-ansi@^6.0.0, strip-ansi@^6.0.1: + version "6.0.1" + resolved "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9" + integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A== + dependencies: + ansi-regex "^5.0.1" + strip-ansi@^7.0.1: version "7.1.0" resolved "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz#d5b6568ca689d8561370b0707685d22434faff45" @@ -26652,7 +26668,7 @@ wordwrap@^1.0.0: resolved "https://registry.npmjs.org/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" integrity sha512-gvVzJFlPycKc5dZN4yPkP8w7Dc37BtP1yczEneOb4uq34pXZcvrtRTmWV8W+Ume+XCxKgbjM+nevkyFPMybd4Q== -"wrap-ansi-cjs@npm:wrap-ansi@^7.0.0", wrap-ansi@^7.0.0: +"wrap-ansi-cjs@npm:wrap-ansi@^7.0.0": version "7.0.0" resolved "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q== @@ -26670,6 +26686,15 @@ wrap-ansi@^6.0.1, wrap-ansi@^6.2.0: string-width "^4.1.0" strip-ansi "^6.0.0" +wrap-ansi@^7.0.0: + version "7.0.0" + resolved "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" + integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q== + dependencies: + ansi-styles "^4.0.0" + string-width "^4.1.0" + strip-ansi "^6.0.0" + wrap-ansi@^8.1.0: version "8.1.0" resolved "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz#56dc22368ee570face1b49819975d9b9a5ead214" @@ -26730,15 +26755,10 @@ write-pkg@4.0.0: type-fest "^0.4.1" write-json-file "^3.2.0" -ws@^7.4.6: - version "7.5.9" - resolved "https://registry.npmjs.org/ws/-/ws-7.5.9.tgz#54fa7db29f4c7cec68b1ddd3a89de099942bb591" - integrity sha512-F+P9Jil7UiSKSkppIiD94dN07AwvFixvLIj1Og1Rl9GGMuNipJnV9JzjD6XuqmAeiswGvUmNLjr5cFuXwNS77Q== - -ws@^8.11.0, ws@^8.12.0, ws@^8.13.0, ws@^8.15.0, ws@^8.16.0: - version "8.16.0" - resolved "https://registry.npmjs.org/ws/-/ws-8.16.0.tgz#d1cd774f36fbc07165066a60e40323eab6446fd4" - integrity sha512-HS0c//TP7Ina87TfiPUz1rQzMhHrl/SG2guqRcTOIUYD2q8uhUdNHZYJUaQ8aTGPzCh+c6oawMKW35nFl1dxyQ== +ws@^7.4.6, ws@^8.11.0, ws@^8.12.0, ws@^8.13.0, ws@^8.15.0, ws@^8.16.0, ws@^8.17.1: + version "8.17.1" + resolved "https://registry.yarnpkg.com/ws/-/ws-8.17.1.tgz#9293da530bb548febc95371d90f9c878727d919b" + integrity sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ== xcase@^2.0.1: version "2.0.1" diff --git a/source/modules/cms_vehicle_simulator/source/console/package-lock.json b/source/modules/cms_vehicle_simulator/source/console/package-lock.json index d839fcc7..331149ff 100644 --- a/source/modules/cms_vehicle_simulator/source/console/package-lock.json +++ b/source/modules/cms_vehicle_simulator/source/console/package-lock.json @@ -10983,27 +10983,6 @@ "node": ">=8" } }, - "node_modules/@react-native-community/cli-server-api/node_modules/ws": { - "version": "7.5.9", - "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.9.tgz", - "integrity": "sha512-F+P9Jil7UiSKSkppIiD94dN07AwvFixvLIj1Og1Rl9GGMuNipJnV9JzjD6XuqmAeiswGvUmNLjr5cFuXwNS77Q==", - "peer": true, - "engines": { - "node": ">=8.3.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": "^5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, "node_modules/@react-native-community/cli-tools": { "version": "12.3.6", "resolved": "https://registry.npmjs.org/@react-native-community/cli-tools/-/cli-tools-12.3.6.tgz", @@ -14060,12 +14039,6 @@ "resolved": "https://registry.npmjs.org/async/-/async-3.2.5.tgz", "integrity": "sha512-baNZyqaaLhyLVKm/DlvdW051MSgO6b8eVfIezl9E5PqWxFgzLm/wQntEW4zOytVburDEr0JlALEpdOFwvErLsg==" }, - "node_modules/async-limiter": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/async-limiter/-/async-limiter-1.0.1.tgz", - "integrity": "sha512-csOlWGAcRFJaI6m+F2WKdnMKr4HhdhFVBk0H/QbJFMCr+uO2kwohwXQPxw/9OCxp05r5ghVBFSyioixx3gfkNQ==", - "peer": true - }, "node_modules/asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", @@ -24076,26 +24049,6 @@ "node": ">=10" } }, - "node_modules/jsdom/node_modules/ws": { - "version": "7.5.9", - "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.9.tgz", - "integrity": "sha512-F+P9Jil7UiSKSkppIiD94dN07AwvFixvLIj1Og1Rl9GGMuNipJnV9JzjD6XuqmAeiswGvUmNLjr5cFuXwNS77Q==", - "engines": { - "node": ">=8.3.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": "^5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, "node_modules/jsesc": { "version": "2.5.2", "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", @@ -25244,27 +25197,6 @@ "url": "https://github.com/chalk/wrap-ansi?sponsor=1" } }, - "node_modules/metro/node_modules/ws": { - "version": "7.5.9", - "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.9.tgz", - "integrity": "sha512-F+P9Jil7UiSKSkppIiD94dN07AwvFixvLIj1Og1Rl9GGMuNipJnV9JzjD6XuqmAeiswGvUmNLjr5cFuXwNS77Q==", - "peer": true, - "engines": { - "node": ">=8.3.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": "^5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, "node_modules/metro/node_modules/y18n": { "version": "5.0.8", "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", @@ -28350,27 +28282,6 @@ "ws": "^7" } }, - "node_modules/react-devtools-core/node_modules/ws": { - "version": "7.5.9", - "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.9.tgz", - "integrity": "sha512-F+P9Jil7UiSKSkppIiD94dN07AwvFixvLIj1Og1Rl9GGMuNipJnV9JzjD6XuqmAeiswGvUmNLjr5cFuXwNS77Q==", - "peer": true, - "engines": { - "node": ">=8.3.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": "^5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, "node_modules/react-dom": { "version": "18.2.0", "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-18.2.0.tgz", @@ -33450,26 +33361,6 @@ "url": "https://opencollective.com/webpack" } }, - "node_modules/webpack-dev-server/node_modules/ws": { - "version": "8.16.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.16.0.tgz", - "integrity": "sha512-HS0c//TP7Ina87TfiPUz1rQzMhHrl/SG2guqRcTOIUYD2q8uhUdNHZYJUaQ8aTGPzCh+c6oawMKW35nFl1dxyQ==", - "engines": { - "node": ">=10.0.0" - }, - "peerDependencies": { - "bufferutil": "^4.0.1", - "utf-8-validate": ">=5.0.2" - }, - "peerDependenciesMeta": { - "bufferutil": { - "optional": true - }, - "utf-8-validate": { - "optional": true - } - } - }, "node_modules/webpack-manifest-plugin": { "version": "4.1.1", "resolved": "https://registry.npmjs.org/webpack-manifest-plugin/-/webpack-manifest-plugin-4.1.1.tgz", @@ -34204,12 +34095,23 @@ } }, "node_modules/ws": { - "version": "6.2.2", - "resolved": "https://registry.npmjs.org/ws/-/ws-6.2.2.tgz", - "integrity": "sha512-zmhltoSR8u1cnDsD43TX59mzoMZsLKqUweyYBAIvTngR3shc0W6aOZylZmq/7hqyVxPdi+5Ud2QInblgyE72fw==", - "peer": true, - "dependencies": { - "async-limiter": "~1.0.0" + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz", + "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==", + "engines": { + "node": ">=10.0.0" + }, + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": ">=5.0.2" + }, + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } } }, "node_modules/xml-name-validator": { diff --git a/source/modules/cms_vehicle_simulator/source/console/package.json b/source/modules/cms_vehicle_simulator/source/console/package.json index 3535b923..f78c0aba 100644 --- a/source/modules/cms_vehicle_simulator/source/console/package.json +++ b/source/modules/cms_vehicle_simulator/source/console/package.json @@ -48,7 +48,8 @@ "nth-check": "^2.0.1", "typescript": "5.1.6", "@babel/traverse": "^7.23.2", - "braces": "^3.0.3" + "braces": "^3.0.3", + "ws": "^8.17.1" }, "scripts": { "start": "react-scripts start", diff --git a/source/modules/vpc/source/template.yaml b/source/modules/vpc/source/template.yaml index 3b13ea20..571d537a 100644 --- a/source/modules/vpc/source/template.yaml +++ b/source/modules/vpc/source/template.yaml @@ -1,7 +1,7 @@ AWSTemplateFormatVersion: "2010-09-09" -Description: (SO0241-CMS.23) connected-mobility-solution-on-aws - vpc. Version v1.1.5 +Description: (SO0241-CMS.23) connected-mobility-solution-on-aws - vpc. Version v1.1.6 This template deploys a VPC, with a pair of public and private subnets spread across two Availability Zones. It deploys an internet gateway, with a default route on the public subnets. It deploys a pair of NAT gateways (one in each AZ),