Merge pull request #391 from guardian/wsy/bump-fast-xml

waisingyiu · web-flow · commit d0dc0decf147 · 2026-02-24T10:05:17.000Z
Bump fast-xml-parser to fix security vulnerabilities
diff --git a/archiver-lambda/package.json b/archiver-lambda/package.json
@@ -10,7 +10,7 @@
     "build": "run-p --print-label type-check bundle"
   },
   "devDependencies": {
-    "@aws-sdk/client-lambda": "^3.299.0",
+    "@aws-sdk/client-lambda": "^3.995.0",
     "ts-node-dev": "^1.0.0"
   },
   "dependencies": {
diff --git a/auth-lambda/package.json b/auth-lambda/package.json
@@ -12,6 +12,6 @@
     "jose": "^4.3.7"
   },
   "devDependencies": {
-    "@aws-sdk/client-s3": "^3.299.0"
+    "@aws-sdk/client-s3": "^3.995.0"
   }
 }
diff --git a/bootstrapping-lambda/package.json b/bootstrapping-lambda/package.json
@@ -12,9 +12,9 @@
     "build": "run-p --print-label type-check bundle"
   },
   "devDependencies": {
-    "@aws-sdk/client-appsync": "^3.299.0",
-    "@aws-sdk/client-lambda": "^3.299.0",
-    "@aws-sdk/client-s3": "^3.299.0",
+    "@aws-sdk/client-appsync": "^3.995.0",
+    "@aws-sdk/client-lambda": "^3.995.0",
+    "@aws-sdk/client-s3": "^3.995.0",
     "@babel/preset-typescript": "^7.18.6",
     "@types/cors": "^2.8.12",
     "@types/express": "4.17.17",
@@ -26,7 +26,7 @@
   },
   "dependencies": {
     "@codegenie/serverless-express": "^4.16.0",
-    "@guardian/pan-domain-node": "^1.2.0",
+    "@guardian/pan-domain-node": "^1.2.3",
     "cors": "^2.8.5",
     "express": "4.22.1",
     "jose": "^4.3.7"
diff --git a/email-lambda/package.json b/email-lambda/package.json
@@ -10,8 +10,8 @@
     "build": "run-p --print-label type-check bundle"
   },
   "devDependencies": {
-    "@aws-sdk/client-lambda": "^3.299.0",
-    "@aws-sdk/client-ses": "^3.299.0",
+    "@aws-sdk/client-lambda": "^3.995.0",
+    "@aws-sdk/client-ses": "^3.995.0",
     "@types/react": "16.9.56",
     "ts-node-dev": "^1.0.0"
   },
diff --git a/shared/package.json b/shared/package.json
@@ -7,16 +7,16 @@
     "build": "tsc --noEmit"
   },
   "devDependencies": {
-    "@aws-sdk/client-auto-scaling": "^3.299.0",
-    "@aws-sdk/client-dynamodb": "^3.299.0",
-    "@aws-sdk/client-ec2": "^3.299.0",
-    "@aws-sdk/client-rds": "^3.299.0",
-    "@aws-sdk/client-s3": "^3.299.0",
-    "@aws-sdk/client-ssm": "^3.299.0",
-    "@aws-sdk/client-sts": "^3.299.0",
-    "@aws-sdk/credential-providers": "^3.299.0",
-    "@aws-sdk/lib-dynamodb": "^3.299.0",
-    "@aws-sdk/rds-signer": "^3.299.0",
-    "@aws-sdk/util-dynamodb": "^3.299.0"
+    "@aws-sdk/client-auto-scaling": "^3.995.0",
+    "@aws-sdk/client-dynamodb": "^3.995.0",
+    "@aws-sdk/client-ec2": "^3.995.0",
+    "@aws-sdk/client-rds": "^3.995.0",
+    "@aws-sdk/client-s3": "^3.995.0",
+    "@aws-sdk/client-ssm": "^3.995.0",
+    "@aws-sdk/client-sts": "^3.995.0",
+    "@aws-sdk/credential-providers": "^3.995.0",
+    "@aws-sdk/lib-dynamodb": "^3.995.0",
+    "@aws-sdk/rds-signer": "^3.995.0",
+    "@aws-sdk/util-dynamodb": "^3.995.0"
   }
 }
diff --git a/users-refresher-lambda/package.json b/users-refresher-lambda/package.json
@@ -11,7 +11,7 @@
     "test": "jest 2>&1"
   },
   "devDependencies": {
-    "@aws-sdk/client-s3": "^3.299.0",
+    "@aws-sdk/client-s3": "^3.995.0",
     "@types/iniparser": "^0.0.29",
     "ts-node-dev": "^1.0.0"
   },
diff --git a/yarn.lock b/yarn.lock

Original file line number	Diff line number	Diff line change
`@@ -12,6 +12,6 @@`
`12`	`12`	`"jose": "^4.3.7"`
`13`	`13`	`},`
`14`	`14`	`"devDependencies": {`
`15`		`- "@aws-sdk/client-s3": "^3.299.0"`
	`15`	`+ "@aws-sdk/client-s3": "^3.995.0"`
`16`	`16`	`}`
`17`	`17`	`}`