Bump node version from 14.20.0 to 14.20.1 to resolve CVE-2022-35256 (#…

…3166) * Bump node version from 14.20.0 to 14.20.1 to resolve CVE-2022-35256 Signed-off-by: Zilong Xia <zilongx@amazon.com> * Update the PR number in CHANGELOG Signed-off-by: Zilong Xia <zilongx@amazon.com> Signed-off-by: Zilong Xia <zilongx@amazon.com>
opensearch-project · Jan 5, 2023 · 90b34f3 · 90b34f3
1 parent 5719fb9
commit 90b34f3
Show file tree

Hide file tree

Showing 7 changed files with 7 additions and 6 deletions.
diff --git a/.node-version b/.node-version
@@ -1 +1 @@
-14.20.0
+14.20.1
diff --git a/.nvmrc b/.nvmrc
@@ -1 +1 @@
-14.20.0
+14.20.1
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -14,6 +14,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 - Eliminate dependency on `got` versions older than 11.8.5 ([#2801](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2801))
 - [Multi DataSource] Add explicit no spellcheck on password fields ([#2818](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2818))
 - [CVE-2022-25912] Bumps simple-git from 3.4.0 to 3.15.0 ([#3036](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3036))
+- [CVE-2022-35256] Bumps node version from 14.20.0 to 14.20.1 [#3166](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3166))
 
 ### 📈 Features/Enhancements
 

diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-ARG NODE_VERSION=14.20.0
+ARG NODE_VERSION=14.20.1
 FROM node:${NODE_VERSION} AS base
 
 ENV HOME '.'

diff --git a/TESTING.md b/TESTING.md
@@ -24,7 +24,7 @@ In general, we recommend four tiers of tests:
 
 # Requirements
 * Install the latest NodeJS, [NPM](https://www.npmjs.com/get-npm) and [Yarn](https://classic.yarnpkg.com/en/docs/install/#mac-stable)
-    * `nvm install v14.20.0`
+    * `nvm install v14.20.1`
     * `npm install -g yarn`
 
 # Running tests

diff --git a/package.json b/package.json
@@ -465,7 +465,7 @@
     "zlib": "^1.0.5"
   },
   "engines": {
-    "node": "14.20.0",
+    "node": "14.20.1",
     "yarn": "^1.21.1"
   }
 }
diff --git a/yarn.lock b/yarn.lock
@@ -11726,7 +11726,7 @@ loader-runner@^2.4.0:
   resolved "https://registry.yarnpkg.com/loader-runner/-/loader-runner-2.4.0.tgz#ed47066bfe534d7e84c4c7b9998c2a75607d9357"
   integrity sha512-Jsmr89RcXGIwivFY21FcRrisYZfvLMTWx5kOLc+JTxtpBOG6xML0vzbc6SEQG2FO9/4Fc3wW4LVcB5DmGflaRw==
 
-loader-utils@^1.2.3, loader-utils@^2.0.0, loader-utils@^2.0.3, loader-utils@^2.0.4:
+loader-utils@^1.2.3, loader-utils@^2.0.0, loader-utils@^2.0.4:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-2.0.4.tgz#8b5cb38b5c34a9a018ee1fc0e6a066d1dfcc528c"
   integrity sha512-xXqpXoINfFhgua9xiqD8fPFHgkoq1mmmpE92WlDbm9rNRd/EbRb+Gqf908T2DMfuHjjJlksiK2RbHVOdD/MqSw==