Upgrade to sharp with metadata #3
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Member
juliankmazo
commented
Nov 1, 2023
juliankmazo
commented
- Upgrade to the current release on https://github.com/aws-solutions/serverless-image-handler
Update to version v6.0.0
Updated the architecture diagram path in README.md
chore: added close inactive issues GitHub workflow
…e-readme docs: update 'Customizing the Solution' section
update to version v6.1.0
Add github actions
Address eslint and codeql issues
…e-config chore(pipeline): pipeline config
…package-lock chore(gitignore): Add package-lock to gitignore
…-solutions#421) * Update node version * Update contributing for develop branch and PR steps * Update CONTRIBUTING.md, PULL_REQUEST_TEMPLATE.md, Add package-lock to gitignore Co-authored-by: Doug Toppin <[email protected]>
Co-authored-by: Doug Toppin <[email protected]>
* Update code-style-lint.yml only=dev is no longer supported and it is invalid config with npm i * Replace AxiosRequestConfig with RawAxiosRequestConfig In 1.2.3 AxiosRequestConfig interface has been refactored with RawAxiosRequestConfig. Committing package-lock.json for repeatable builds to prevent similar issues Reference: https://github.com/axios/axios/releases/tag/v1.2.3 Co-authored-by: Garvit Singh <[email protected]>
* Add package dependency files and do not ignore * Commit package-lock.json files Co-authored-by: Doug Toppin <[email protected]>
Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Correct release date
chore(release): 6.1.1
…tack deployments (aws-solutions#438) * Add stack name to service catalog application This allows multiple stack deployments in the same account, region * Update cdk snapshot * Add changelog entry * Prepend AppRegistry application name with static name Stack name is used in naming AppRegistry application and attribute group; which must not begin with aws. The change adds support for stack names starting with aws-*
chore(release): 6.1.1
…s-solutions#464) update xml2js version, add changelog entry run prettier, update snapshot, update versions update changelog with s3 change reason Co-authored-by: Doug Toppin <[email protected]>
update to v6.2.0 open-source release
Update to Version v6.2.3
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| } else if (definedEnvironmentVariables) { | ||
| // use rewrite function then thumbor mappings | ||
| return RequestTypes.CUSTOM; | ||
| } else if (matchThumbor1.test(path) && (matchThumbor2.test(path) || matchThumbor3.test(path))) { |
Check failure
Code scanning / CodeQL
Polynomial regular expression used on uncontrolled data
| * @returns Cumulative edits based on the previous edits and the current filter. | ||
| */ | ||
| public mapFilter(filterExpression: string, fileFormat: ImageFormatTypes, previousEdits: ImageEdits = {}): ImageEdits { | ||
| const matched = filterExpression.match(/:(.+)\((.*)\)/); // NOSONAR |
Check failure
Code scanning / CodeQL
Polynomial regular expression used on uncontrolled data
| // Fill the preview image | ||
| $(`#img-preview`).attr(`src`, `${appVariables.apiEndpoint}/${enc}`); | ||
| // Fill the request body field | ||
| $(`#preview-request-body`).html(JSON.stringify(request, undefined, 2)); |
Check warning
Code scanning / CodeQL
DOM text reinterpreted as HTML
| // Check the provided bucket against the allowed list | ||
| const sourceBuckets = this.getAllowedSourceBuckets(); | ||
|
|
||
| if (sourceBuckets.includes(request.bucket) || new RegExp("^" + sourceBuckets[0] + "$").exec(request.bucket)) { |
Check failure
Code scanning / CodeQL
Regular expression injection
| const patternStrings = REWRITE_MATCH_PATTERN.split("/"); | ||
| const flags = patternStrings.pop(); | ||
| const parsedPatternString = REWRITE_MATCH_PATTERN.slice(1, REWRITE_MATCH_PATTERN.length - 1 - flags.length); | ||
| const regExp = new RegExp(parsedPatternString, flags); |
Check failure
Code scanning / CodeQL
Regular expression injection
| const patternStrings = REWRITE_MATCH_PATTERN.split("/"); | ||
| const flags = patternStrings.pop(); | ||
| const parsedPatternString = REWRITE_MATCH_PATTERN.slice(1, REWRITE_MATCH_PATTERN.length - 1 - flags.length); | ||
| const regExp = new RegExp(parsedPatternString, flags); |
Check failure
Code scanning / CodeQL
Regular expression injection
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
15 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.