Skip to content

Comments

[Snyk] Security upgrade @aws-sdk/client-bedrock-runtime from 3.943.0 to 3.974.0#10669

Open
sestinj wants to merge 1 commit intomainfrom
snyk-fix-66e780b8a2ec9f3014513f9ef4d1e7f3
Open

[Snyk] Security upgrade @aws-sdk/client-bedrock-runtime from 3.943.0 to 3.974.0#10669
sestinj wants to merge 1 commit intomainfrom
snyk-fix-66e780b8a2ec9f3014513f9ef4d1e7f3

Conversation

@sestinj
Copy link
Contributor

@sestinj sestinj commented Feb 20, 2026
edited by cubic-dev-ai bot
Loading

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • packages/openai-adapters/package.json
  • packages/openai-adapters/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Uncaught Exception
SNYK-JS-FASTXMLPARSER-15155603		   828  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncaught Exception

Continue Tasks: ❌ 7 failed — View all

Summary by cubic

Upgraded @aws-sdk/client-bedrock-runtime in openai-adapters to 3.974.0 to fix a high-severity Uncaught Exception vulnerability (SNYK-JS-FASTXMLPARSER-15155603). Keeps our AWS SDK current and reduces crash risk.

  • Dependencies
    • Bumped @aws-sdk/client-bedrock-runtime from ^3.931.0 to ^3.974.0.
    • Updated package-lock.json.

Written for commit 335f323. Summary will update on new commits.

@snyk-bot
fix: packages/openai-adapters/package.json & packages/openai-adapters…
335f323 
…/package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-15155603
@sestinj sestinj requested a review from a team as a code owner February 20, 2026 04:25
@sestinj sestinj requested review from RomneyDa and removed request for a team February 20, 2026 04:25
@dosubot dosubot bot added the size:XS This PR changes 0-9 lines, ignoring generated files. label Feb 20, 2026
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Feb 20, 2026
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

@RomneyDa RomneyDa Awaiting requested review from RomneyDa RomneyDa is a code owner automatically assigned from continuedev/continue-code-reviewers

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

size:XS This PR changes 0-9 lines, ignoring generated files.

Projects

Issues and PRs
Status: Todo

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sestinj @snyk-bot