Skip to content

[Snyk] Security upgrade @aws-sdk/credential-providers from 3.943.0 to 3.974.0#10147

Merged
RomneyDa merged 1 commit intomainfrom
snyk-fix-be7bc5c5ea454c48cbcfb04e4d08b90d
Feb 3, 2026
Merged

[Snyk] Security upgrade @aws-sdk/credential-providers from 3.943.0 to 3.974.0#10147
RomneyDa merged 1 commit intomainfrom
snyk-fix-be7bc5c5ea454c48cbcfb04e4d08b90d

Conversation

@sestinj
Copy link
Contributor

@sestinj sestinj commented Feb 3, 2026
edited by continue bot
Loading

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • packages/openai-adapters/package.json
  • packages/openai-adapters/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Uncaught Exception
SNYK-JS-FASTXMLPARSER-15155603		   828  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncaught Exception

Continue Tasks: ▶️ 2 queued — View all

Summary by cubic

Security upgrade: bump @aws-sdk/credential-providers from ^3.931.0 to ^3.974.0 in packages/openai-adapters to fix the fast-xml-parser “Uncaught Exception” vulnerability flagged by Snyk. No functional code changes.

Written for commit a877781. Summary will update on new commits.

@snyk-bot
fix: packages/openai-adapters/package.json & packages/openai-adapters…
a877781 
…/package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-15155603
@sestinj sestinj requested a review from a team as a code owner February 3, 2026 10:17
@sestinj sestinj requested review from Patrick-Erichsen and removed request for a team February 3, 2026 10:17
@dosubot dosubot bot added the size:XS This PR changes 0-9 lines, ignoring generated files. label Feb 3, 2026
@github-actions
Copy link

github-actions bot commented Feb 3, 2026

⚠️ PR Title Format

Your PR title doesn't follow the conventional commit format, but this won't block your PR from being merged. We recommend using this format for better project organization.

Expected Format:

<type>[optional scope]: <description>

Examples:

  • feat: add changelog generation support
  • fix: resolve login redirect issue
  • docs: update README with new instructions
  • chore: update dependencies

Valid Types:

feat, fix, docs, style, refactor, perf, test, build, ci, chore, revert

This helps with:

  • 📝 Automatic changelog generation
  • 🚀 Automated semantic versioning
  • 📊 Better project history tracking

This is a non-blocking warning - your PR can still be merged without fixing this.

@github-actions
Copy link

github-actions bot commented Feb 3, 2026
edited
Loading

✅ Review Complete

Code Review Summary

⚠️ AI review failed. Please check the Continue API key and configuration.

Troubleshooting

  • Verify the CONTINUE_API_KEY secret is set correctly
  • Check that the organization and config path are valid
  • Ensure the Continue service is accessible

cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Feb 3, 2026
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

@github-project-automation github-project-automation bot moved this from Todo to In Progress in Issues and PRs Feb 3, 2026
@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Feb 3, 2026
@RomneyDa RomneyDa merged commit 38a2ca2 into main Feb 3, 2026
73 of 79 checks passed
@RomneyDa RomneyDa deleted the snyk-fix-be7bc5c5ea454c48cbcfb04e4d08b90d branch February 3, 2026 21:31
@github-project-automation github-project-automation bot moved this from In Progress to Done in Issues and PRs Feb 3, 2026
@github-actions github-actions bot locked and limited conversation to collaborators Feb 3, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

@RomneyDa RomneyDa RomneyDa approved these changes

@Patrick-Erichsen Patrick-Erichsen Awaiting requested review from Patrick-Erichsen Patrick-Erichsen is a code owner automatically assigned from continuedev/continue-code-reviewers

Assignees

No one assigned

Labels

lgtm This PR has been approved by a maintainer size:XS This PR changes 0-9 lines, ignoring generated files.

Projects

Issues and PRs
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sestinj @RomneyDa @snyk-bot