Skip to content

Commit 9b3f06a

Browse files
gyz0072004gyz0072004
authored
Port PR #25502 from main
- bump xml2js version to resolve CVE-2023-0842 for @azure/core-http (#25502) @azure/core-http
1 parent 1df8a1c commit 9b3f06a

File tree

3 files changed

+42
-21
lines changed

3 files changed

+42
-21
lines changed

common/config/rush/pnpm-lock.yaml

+35-20
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

sdk/core/core-http/CHANGELOG.md

+6
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,11 @@
11
# Release History
22

3+
## 2.3.2 (2023-04-17)
4+
5+
### Other Changes
6+
7+
- Upgrade dependency `xml2js` version to `^0.5.0`.
8+
39
## 2.3.1 (2022-11-09)
410

511
### Bugs Fixed

sdk/core/core-http/package.json

+1-1
Original file line numberDiff line numberDiff line change
@@ -130,7 +130,7 @@
130130
"tslib": "^2.2.0",
131131
"tunnel": "^0.0.6",
132132
"uuid": "^8.3.0",
133-
"xml2js": "^0.4.19"
133+
"xml2js": "^0.5.0"
134134
},
135135
"devDependencies": {
136136
"@azure/eslint-plugin-azure-sdk": "^3.0.0",

0 commit comments

Comments
 (0)