Skip to content

updated typed-rest-client to 2.2.0 to fix qs vulnerability in azure-arm-rest package #565

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
v-dko wants to merge 4 commits into
base: main
Choose a base branch
from
Open

updated typed-rest-client to 2.2.0 to fix qs vulnerability in azure-arm-rest package #565

v-dko wants to merge 4 commits into from

Conversation

@v-dko
Copy link
Contributor

@v-dko v-dko commented Jan 23, 2026

Description

updated typed-rest-client to 2.2.0 to fix qs vulnerability in azure-arm-rest package

Package Name

azure-arm-rest package

Risk Assessment (Low / Medium / High)

Low

Unit Tests Added or Updated

No

Additional Testing Performed

L0 test cases are passed

Documentation Changes Required (Yes / No)

No

Dependencies

_No

@v-dko v-dko requested review from a team and manolerazvan as code owners January 23, 2026 08:51
@v-dko
Copy link
Contributor Author

v-dko commented Jan 23, 2026

/azp run

@azure-pipelines
Copy link

azure-pipelines bot commented Jan 23, 2026

Azure Pipelines successfully started running 1 pipeline(s).

starkmsu
starkmsu reviewed Jan 23, 2026
View reviewed changes
common-npm-packages/webdeployment-common/Tests/L1XdtTransform.ts
function readXmlFile(path: string): ltx.Element {
const buffer = fs.readFileSync(path);
const encoding = detectFileEncoding(path, buffer)[0].toString();
const encoding = detectFileEncoding(path, buffer)[0].toString() as BufferEncoding;
Copy link
Contributor

@starkmsu starkmsu Jan 23, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here and below we need to handle a case when detectFileEncoding(path, buffer)[0].toString() can't be converted to BufferEncoding.
According to the current implementation of detectFileEncoding it can return null

@v-dko v-dko mentioned this pull request Jan 23, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@starkmsu starkmsu starkmsu left review comments

@manolerazvan manolerazvan Awaiting requested review from manolerazvan manolerazvan is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@v-dko @starkmsu