diff --git a/CHANGELOG.md b/CHANGELOG.md index f7103d0a72b3..56fa191f2d0e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) ### 🛡 Security +- [CVE-2021-23490] Bump parse-link-header from `1.0.1` to `2.0.0` ([#3738](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3738)) - [CVE-2022-25758] Bump scss-tokenizer from `0.3.0` to `0.4.3` ([#3727](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3727)) - [CVE-2021-3765] Update `@microsoft/api-documenter` and `@microsoft/api-extractor` versions to bump validator from `8.2.0` to `13.9.0` ([#3725](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3725)) - [CVE-2022-1537] Bump grunt from `1.4.1` to `1.5.3` ([#3723](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3723)) diff --git a/packages/osd-test/package.json b/packages/osd-test/package.json index b1bf2f50f4b5..3d36be8507f4 100644 --- a/packages/osd-test/package.json +++ b/packages/osd-test/package.json @@ -33,7 +33,7 @@ "glob": "^7.1.7", "joi": "^13.5.2", "lodash": "^4.17.21", - "parse-link-header": "^1.0.1", + "parse-link-header": "^2.0.0", "rxjs": "^6.5.5", "strip-ansi": "^6.0.0", "tar-fs": "^2.1.0", diff --git a/yarn.lock b/yarn.lock index c6e63076a8e6..d01ed199296c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -16367,10 +16367,10 @@ parse-json@^5.0.0: json-parse-better-errors "^1.0.1" lines-and-columns "^1.1.6" -parse-link-header@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/parse-link-header/-/parse-link-header-1.0.1.tgz#bedfe0d2118aeb84be75e7b025419ec8a61140a7" - integrity sha1-vt/g0hGK64S+deewJUGeyKYRQKc= +parse-link-header@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/parse-link-header/-/parse-link-header-2.0.0.tgz#949353e284f8aa01f2ac857a98f692b57733f6b7" + integrity sha512-xjU87V0VyHZybn2RrCX5TIFGxTVZE6zqqZWMPlIKiSKuWh/X5WZdt+w1Ki1nXB+8L/KtL+nZ4iq+sfI6MrhhMw== dependencies: xtend "~4.0.1"