From 3859718f158a4fb5e6da27dfcb6e770750eeeb43 Mon Sep 17 00:00:00 2001 From: Brendan Myers <6362494+BearHanded@users.noreply.github.com> Date: Tue, 27 Feb 2024 09:51:33 -0500 Subject: [PATCH 1/6] [Snyk] Upgrade aws-sdk from 2.1326.0 to 2.1531.0 (#2041) Co-authored-by: snyk-bot --- services/ui-auth/package.json | 2 +- services/ui-auth/yarn.lock | 31 +++++++++++++------------------ 2 files changed, 14 insertions(+), 19 deletions(-) diff --git a/services/ui-auth/package.json b/services/ui-auth/package.json index ddc79cf9be..f5372e61e2 100644 --- a/services/ui-auth/package.json +++ b/services/ui-auth/package.json @@ -12,7 +12,7 @@ "serverless-s3-bucket-helper": "Enterprise-CMCS/serverless-s3-bucket-helper#0.1.1" }, "dependencies": { - "aws-sdk": "^2.1310.0", + "aws-sdk": "^2.1531.0", "xml2js": "0.6.0" } } diff --git a/services/ui-auth/yarn.lock b/services/ui-auth/yarn.lock index d4877c03b2..f44e75cdd7 100644 --- a/services/ui-auth/yarn.lock +++ b/services/ui-auth/yarn.lock @@ -7,10 +7,10 @@ available-typed-arrays@^1.0.5: resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.5.tgz#92f95616501069d07d10edb2fc37d3e1c65123b7" integrity sha512-DMD0KiN46eipeziST1LPP/STfDU0sufISXmjSgvVsoU2tqxctQeASejWcfNtxYKqETM1UxQ8sp2OrSBWpHY6sw== -aws-sdk@^2.1310.0: - version "2.1326.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1326.0.tgz#91da60f08d10e4e1db0640c97bc7d2298fde8f17" - integrity sha512-LSGiO4RSooupHnkvYbPOuOYqwAxmcnYinwIxBz4P1YI8ulhZZ/pypOj/HKqC629UyhY1ndSMtlM1l56U74UclA== +aws-sdk@^2.1531.0: + version "2.1545.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1545.0.tgz#8678ae8117a426d4a6602408e7f47f176356d7ca" + integrity sha512-iDUv6ksG7lTA0l/HlOgYdO6vfYFA1D2/JzAEXSdgKY0C901WgJqBtfs2CncOkCgDe2CjmlMuqciBzAfxCIiKFA== dependencies: buffer "4.9.2" events "1.1.1" @@ -21,7 +21,7 @@ aws-sdk@^2.1310.0: url "0.10.3" util "^0.12.4" uuid "8.0.0" - xml2js "0.4.19" + xml2js "0.6.2" base64-js@^1.0.2: version "1.5.1" @@ -213,14 +213,6 @@ which-typed-array@^1.1.2: has-tostringtag "^1.0.0" is-typed-array "^1.1.10" -xml2js@0.4.19: - version "0.4.19" - resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.4.19.tgz#686c20f213209e94abf0d1bcf1efaa291c7827a7" - integrity sha512-esZnJZJOiJR9wWKMyuvSE1y6Dq5LCuJanqhxslH2bxM6duahNZ+HMpCLhBQGZkbX6xRf8x1Y2eJlgt2q3qo49Q== - dependencies: - sax ">=0.6.0" - xmlbuilder "~9.0.1" - xml2js@0.6.0: version "0.6.0" resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.6.0.tgz#07afc447a97d2bd6507a1f76eeadddb09f7a8282" @@ -229,12 +221,15 @@ xml2js@0.6.0: sax ">=0.6.0" xmlbuilder "~11.0.0" +xml2js@0.6.2: + version "0.6.2" + resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.6.2.tgz#dd0b630083aa09c161e25a4d0901e2b2a929b499" + integrity sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA== + dependencies: + sax ">=0.6.0" + xmlbuilder "~11.0.0" + xmlbuilder@~11.0.0: version "11.0.1" resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-11.0.1.tgz#be9bae1c8a046e76b31127726347d0ad7002beb3" integrity sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA== - -xmlbuilder@~9.0.1: - version "9.0.7" - resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-9.0.7.tgz#132ee63d2ec5565c557e20f4c22df9aca686b10d" - integrity sha512-7YXTQc3P2l9+0rjaUbLwMKRhtmwg1M1eDf6nag7urC7pIPYLD9W/jmzQ4ptRSUbodw5S0jfoGTflLemQibSpeQ== From a8b2a28d4e4fdb7c70e0a884bfe491682cbea3d4 Mon Sep 17 00:00:00 2001 From: Berry Davenport Date: Tue, 27 Feb 2024 14:18:44 -0500 Subject: [PATCH 2/6] Attempt to suppress email (#2069) --- services/ui-auth/handlers/createUsers.js | 1 + 1 file changed, 1 insertion(+) diff --git a/services/ui-auth/handlers/createUsers.js b/services/ui-auth/handlers/createUsers.js index 0f176630ab..77c2cadd42 100644 --- a/services/ui-auth/handlers/createUsers.js +++ b/services/ui-auth/handlers/createUsers.js @@ -12,6 +12,7 @@ async function myHandler(event, context, callback) { UserPoolId: userPoolId, Username: users[i].username, DesiredDeliveryMediums: ["EMAIL"], + MessageAction: "SUPPRESS", UserAttributes: users[i].attributes, }; var passwordData = { From e0faf206100c526427eb1e492d5805fe1366ac71 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 Feb 2024 16:36:54 -0500 Subject: [PATCH 3/6] Bump es5-ext from 0.10.61 to 0.10.63 in /services/app-api (#2068) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Berry Davenport --- services/app-api/yarn.lock | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/services/app-api/yarn.lock b/services/app-api/yarn.lock index 3e3f9e46d6..46037a3241 100644 --- a/services/app-api/yarn.lock +++ b/services/app-api/yarn.lock @@ -2140,22 +2140,14 @@ error-ex@^1.3.1: dependencies: is-arrayish "^0.2.1" -es5-ext@^0.10.12, es5-ext@^0.10.35, es5-ext@^0.10.46, es5-ext@^0.10.47, es5-ext@^0.10.49, es5-ext@^0.10.50, es5-ext@^0.10.53, es5-ext@^0.10.59, es5-ext@~0.10.14, es5-ext@~0.10.2, es5-ext@~0.10.46: - version "0.10.61" - resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.61.tgz#311de37949ef86b6b0dcea894d1ffedb909d3269" - integrity sha512-yFhIqQAzu2Ca2I4SE2Au3rxVfmohU9Y7wqGR+s7+H7krk26NXhIRAZDgqd6xqjCEFUomDEA3/Bo/7fKmIkW1kA== - dependencies: - es6-iterator "^2.0.3" - es6-symbol "^3.1.3" - next-tick "^1.1.0" - -es5-ext@^0.10.61, es5-ext@^0.10.62: - version "0.10.62" - resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.62.tgz#5e6adc19a6da524bf3d1e02bbc8960e5eb49a9a5" - integrity sha512-BHLqn0klhEpnOKSrzn/Xsz2UIW8j+cGmo9JLzr8BiUapV8hPL9+FliFqjwr9ngW7jWdnxv6eO+/LqyhJVqgrjA== +es5-ext@^0.10.12, es5-ext@^0.10.35, es5-ext@^0.10.46, es5-ext@^0.10.47, es5-ext@^0.10.49, es5-ext@^0.10.50, es5-ext@^0.10.53, es5-ext@^0.10.59, es5-ext@^0.10.61, es5-ext@^0.10.62, es5-ext@~0.10.14, es5-ext@~0.10.2, es5-ext@~0.10.46: + version "0.10.63" + resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.63.tgz#9c222a63b6a332ac80b1e373b426af723b895bd6" + integrity sha512-hUCZd2Byj/mNKjfP9jXrdVZ62B8KuA/VoK7X8nUh5qT+AxDmcbvZz041oDVZdbIN1qW6XY9VDNwzkvKnZvK2TQ== dependencies: es6-iterator "^2.0.3" es6-symbol "^3.1.3" + esniff "^2.0.1" next-tick "^1.1.0" es6-iterator@^2.0.3, es6-iterator@~2.0.3: @@ -2232,6 +2224,16 @@ esniff@^1.1.0: d "1" es5-ext "^0.10.12" +esniff@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/esniff/-/esniff-2.0.1.tgz#a4d4b43a5c71c7ec51c51098c1d8a29081f9b308" + integrity sha512-kTUIGKQ/mDPFoJ0oVfcmyJn4iBDRptjNVIzwIFR7tqWXdVI9xfA2RMwY/gbSpJG3lkdWNEjLap/NqVHZiJsdfg== + dependencies: + d "^1.0.1" + es5-ext "^0.10.62" + event-emitter "^0.3.5" + type "^2.7.2" + esprima@^4.0.0, esprima@^4.0.1: version "4.0.1" resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.1.tgz#13b04cdb3e6c5d19df91ab6987a8695619b0aa71" From d96f264c3e286e6f079165834d034a2525253a16 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 Feb 2024 16:38:47 -0500 Subject: [PATCH 4/6] Bump es5-ext from 0.10.61 to 0.10.63 (#2067) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Berry Davenport --- yarn.lock | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/yarn.lock b/yarn.lock index adc85b2196..d701cb90fb 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4696,22 +4696,14 @@ es-to-primitive@^1.2.1: is-date-object "^1.0.1" is-symbol "^1.0.2" -es5-ext@^0.10.12, es5-ext@^0.10.35, es5-ext@^0.10.46, es5-ext@^0.10.47, es5-ext@^0.10.49, es5-ext@^0.10.50, es5-ext@^0.10.53, es5-ext@^0.10.59, es5-ext@^0.10.61, es5-ext@~0.10.14, es5-ext@~0.10.2, es5-ext@~0.10.46: - version "0.10.61" - resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.61.tgz#311de37949ef86b6b0dcea894d1ffedb909d3269" - integrity sha512-yFhIqQAzu2Ca2I4SE2Au3rxVfmohU9Y7wqGR+s7+H7krk26NXhIRAZDgqd6xqjCEFUomDEA3/Bo/7fKmIkW1kA== - dependencies: - es6-iterator "^2.0.3" - es6-symbol "^3.1.3" - next-tick "^1.1.0" - -es5-ext@^0.10.62: - version "0.10.62" - resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.62.tgz#5e6adc19a6da524bf3d1e02bbc8960e5eb49a9a5" - integrity sha512-BHLqn0klhEpnOKSrzn/Xsz2UIW8j+cGmo9JLzr8BiUapV8hPL9+FliFqjwr9ngW7jWdnxv6eO+/LqyhJVqgrjA== +es5-ext@^0.10.12, es5-ext@^0.10.35, es5-ext@^0.10.46, es5-ext@^0.10.47, es5-ext@^0.10.49, es5-ext@^0.10.50, es5-ext@^0.10.53, es5-ext@^0.10.59, es5-ext@^0.10.61, es5-ext@^0.10.62, es5-ext@~0.10.14, es5-ext@~0.10.2, es5-ext@~0.10.46: + version "0.10.63" + resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.63.tgz#9c222a63b6a332ac80b1e373b426af723b895bd6" + integrity sha512-hUCZd2Byj/mNKjfP9jXrdVZ62B8KuA/VoK7X8nUh5qT+AxDmcbvZz041oDVZdbIN1qW6XY9VDNwzkvKnZvK2TQ== dependencies: es6-iterator "^2.0.3" es6-symbol "^3.1.3" + esniff "^2.0.1" next-tick "^1.1.0" es6-iterator@^2.0.3, es6-iterator@~2.0.3: @@ -5127,6 +5119,16 @@ esniff@^1.1.0: d "1" es5-ext "^0.10.12" +esniff@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/esniff/-/esniff-2.0.1.tgz#a4d4b43a5c71c7ec51c51098c1d8a29081f9b308" + integrity sha512-kTUIGKQ/mDPFoJ0oVfcmyJn4iBDRptjNVIzwIFR7tqWXdVI9xfA2RMwY/gbSpJG3lkdWNEjLap/NqVHZiJsdfg== + dependencies: + d "^1.0.1" + es5-ext "^0.10.62" + event-emitter "^0.3.5" + type "^2.7.2" + espree@^7.3.0, espree@^7.3.1: version "7.3.1" resolved "https://registry.yarnpkg.com/espree/-/espree-7.3.1.tgz#f2df330b752c6f55019f8bd89b7660039c1bbbb6" From 4848fabbaf79deecc7381c49bd222dd3b9e4b24f Mon Sep 17 00:00:00 2001 From: ailZhou <127151429+ailZhou@users.noreply.github.com> Date: Wed, 28 Feb 2024 10:10:50 -0500 Subject: [PATCH 5/6] [Fix] SS-HH Cypress Test (#2070) --- tests/cypress/support/commands.ts | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/cypress/support/commands.ts b/tests/cypress/support/commands.ts index 67fdc68187..4feb65293b 100644 --- a/tests/cypress/support/commands.ts +++ b/tests/cypress/support/commands.ts @@ -68,6 +68,12 @@ Cypress.Commands.add("goToHealthHomeSetMeasures", () => { cy.get('[data-cy="tableBody"]').then(($tbody) => { if ($tbody.find('[data-cy^="HHCS"]').length > 0) { cy.get('[data-cy^="HHCS"]').first().click(); + } else { + // adds first available HH core set if no healthhome was made + cy.get('[data-cy="add-hhbutton"]').click(); // clicking on adding child core set measures + cy.get('[data-cy="HealthHomeCoreSet-SPA"]').select(1); // select first available SPA + cy.get('[data-cy="Create"]').click(); //clicking create + cy.get('[data-cy^="HHCS"]').first().click(); } }); }); From 9b7c3bf228b24acd9f823bfb433122e5e2bd47ea Mon Sep 17 00:00:00 2001 From: Brendan Myers <6362494+BearHanded@users.noreply.github.com> Date: Wed, 28 Feb 2024 11:29:20 -0500 Subject: [PATCH 6/6] [Snyk] Security upgrade pac-resolver from 6.0.2 to 7.0.1 (#2049) Co-authored-by: snyk-bot --- services/ui-src/package.json | 2 +- services/ui-src/yarn.lock | 18 ++++++------------ 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/services/ui-src/package.json b/services/ui-src/package.json index efe6ca2f53..781d82659d 100644 --- a/services/ui-src/package.json +++ b/services/ui-src/package.json @@ -20,7 +20,7 @@ "node-fetch": "3.3.1", "node-forge": "1.3.1", "object-path": "^0.11.8", - "pac-resolver": "6.0.2", + "pac-resolver": "7.0.1", "react": "^17.0.1", "react-bootstrap": "^2.0.1", "react-dom": "^17.0.1", diff --git a/services/ui-src/yarn.lock b/services/ui-src/yarn.lock index 22b5bee99d..5d1e3313cf 100644 --- a/services/ui-src/yarn.lock +++ b/services/ui-src/yarn.lock @@ -6956,7 +6956,7 @@ defined@^1.0.0: resolved "https://registry.yarnpkg.com/defined/-/defined-1.0.0.tgz#c98d9bcef75674188e110969151199e39b1fa693" integrity sha1-yY2bzvdWdBiOEQlpFRGZ45sfppM= -degenerator@^2.2.0, degenerator@^4.0.4: +degenerator@^2.2.0, degenerator@^4.0.4, degenerator@^5.0.0: version "4.0.4" resolved "https://registry.yarnpkg.com/degenerator/-/degenerator-4.0.4.tgz#dbeeb602c64ce543c1f17e2c681d1d0cc9d4a0ac" integrity sha512-MTZdZsuNxSBL92rsjx3VFWe57OpRlikyLbcx2B5Dmdv6oScqpMrvpY7zHLMymrUxo3U5+suPUMsNgW/+SZB1lg== @@ -8871,11 +8871,6 @@ ip@^1.1.0, ip@^1.1.5: resolved "https://registry.yarnpkg.com/ip/-/ip-1.1.5.tgz#bdded70114290828c0a039e72ef25f5aaec4354a" integrity sha1-vd7XARQpCCjAoDnnLvJfWq7ENUo= -ip@^1.1.8: - version "1.1.8" - resolved "https://registry.yarnpkg.com/ip/-/ip-1.1.8.tgz#ae05948f6b075435ed3307acce04629da8cdbf48" - integrity sha512-PuExPYUiu6qMBQb4l06ecm6T6ujzhmh+MeJcW9wa89PoAz5pvd4zPgN5WJV104mb6S2T1AwNIAaB70JNrLQWhg== - ipaddr.js@1.9.1: version "1.9.1" resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.9.1.tgz#bff38543eeb8984825079ff3a2a8e6cbd46781b3" @@ -10930,13 +10925,12 @@ pac-proxy-agent@^4.1.0: raw-body "^2.2.0" socks-proxy-agent "5" -pac-resolver@6.0.2: - version "6.0.2" - resolved "https://registry.yarnpkg.com/pac-resolver/-/pac-resolver-6.0.2.tgz#742ef24d2805b18c0a684ac02bcb0b5ce9644648" - integrity sha512-EQpuJ2ifOjpZY5sg1Q1ZeAxvtLwR7Mj3RgY8cysPGbsRu3RBXyJFWxnMus9PScjxya/0LzvVDxNh/gl0eXBU4w== +pac-resolver@7.0.1: + version "7.0.1" + resolved "https://registry.yarnpkg.com/pac-resolver/-/pac-resolver-7.0.1.tgz#54675558ea368b64d210fd9c92a640b5f3b8abb6" + integrity sha512-5NPgf87AT2STgwa2ntRMr45jTKrYBGkVU36yT0ig/n/GMAa3oPqhZfIQ2kMEimReg0+t9kZViDVZ83qfVUlckg== dependencies: - degenerator "^4.0.4" - ip "^1.1.8" + degenerator "^5.0.0" netmask "^2.0.2" pac-resolver@^4.1.0: