AWS AmazonCloudWatch high security documentation change
Summary
Updated Node.js runtime from syn-nodejs-4.2 to syn-nodejs-5.0 including dependency upgrades to address CVE GHSA-jxxr-4gwj-5jf2
Security assessment
Explicitly mentions upgrading brace-expansion to address CVE GHSA-jxxr-4gwj-5jf2, indicating a security vulnerability fix. This change documents a security patch that prevents potential exploitation.
Diff
diff --git a/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md b/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md index e425f76e7..47c789245 100644 --- a//AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md +++ b//AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md @@ -7 +7 @@ -syn-nodejs-4.2 +syn-nodejs-5.0 @@ -15 +15 @@ The naming convention for these runtime versions is `syn-`language` -`majorversi -## syn-nodejs-4.2 +## syn-nodejs-5.0 @@ -32,0 +33,20 @@ Starting Synthetics `syn-nodejs-3.1` and later, Synthetics runtime uses the new +**Changes in syn-nodejs-5.0** + + * Upgrade `brace-expansion` to 5.0.6 to address the following CVE: + + * GHSA-jxxr-4gwj-5jf2 + + + + +The following earlier runtime versions for Node.js are still supported. + +### syn-nodejs-4.2 + +**Major dependencies** : + + * AWS Lambda runtime Node.js 22.x + + + + @@ -64,2 +83,0 @@ Starting Synthetics `syn-nodejs-3.1` and later, Synthetics runtime uses the new -The following earlier runtime versions for Node.js are still supported. -