Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Backport 1.3] [CVE-2021-3765][1.x] bump validator from 8.2.0 to 13.9…
….0 (#3753) * [CVE-2021-3765][1.x] bump validator from 8.2.0 to 13.9.0 (#3725) validator.js prior to 13.7.0 is vulnerable to Inefficient Regular Expression Complexity. 1.x is using "validator@8.2.0". Main has been bumped to 13.7.0 via PR #1106. The solution is to backport it on 1.x. Backport PR: #1106 Issue Resolved: #1063 Signed-off-by: Anan Zhuang <ananzh@amazon.com> Co-authored-by: Josh Romero <rmerqg@amazon.com> (cherry picked from commit 53ae3cf) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> # Conflicts: # CHANGELOG.md * add changelog Signed-off-by: Josh Romero <rmerqg@amazon.com> --------- Signed-off-by: Josh Romero <rmerqg@amazon.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Josh Romero <rmerqg@amazon.com> Co-authored-by: Anan Zhuang <ananzh@amazon.com>
- Loading branch information