Before opening, please confirm:
JavaScript Framework
React
Amplify APIs
Storage
Amplify Version
v6
Amplify Categories
Not applicable
Backend
Other
Environment information
Details
# Put output below this line
Describe the bug
aws-amplify has a dependency on fast-xml-parser
fast-xml-parser 5.7.2 has a dependency on fast-xml-builder version 1.1.5 which has a security vulnerability - GHSA-5wm8-gmm8-39j9
This is resolved in fast-xml-parser 5.7.3 - https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.7.3
Expected behavior
aws-amplify should not depend on vulnerable versions of fast-xml-builder
Reproduction steps
install eg: npm i aws-amplify
run npm audit
Code Snippet
// Put your code below this line.
Log output
Details
// Put your logs below this line
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response
Before opening, please confirm:
JavaScript Framework
React
Amplify APIs
Storage
Amplify Version
v6
Amplify Categories
Not applicable
Backend
Other
Environment information
Details
Describe the bug
aws-amplify has a dependency on fast-xml-parser
fast-xml-parser 5.7.2 has a dependency on fast-xml-builder version 1.1.5 which has a security vulnerability - GHSA-5wm8-gmm8-39j9
This is resolved in fast-xml-parser 5.7.3 - https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.7.3
Expected behavior
aws-amplify should not depend on vulnerable versions of fast-xml-builder
Reproduction steps
install eg: npm i aws-amplify
run npm audit
Code Snippet
// Put your code below this line.Log output
Details
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response