@rubenfiszel rubenfiszel commented Jun 18, 2025

Snyk has created this PR to fix 1 vulnerability in the npm dependencies of this project.

Snyk changed the following file(s):

  • benchmarks/pulumi/package.json
  • benchmarks/pulumi/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue: low severity Regular Expression Denial of Service (ReDoS), SNYK-JS-BRACEEXPANSION-9789073
Score: 508

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

Important

Upgrade @pulumi/aws and @pulumi/awsx in package.json to fix a ReDoS vulnerability.

  • Dependencies:
    • Upgrade @pulumi/aws from ^5.0.0 to ^6.18.1 in package.json to address ReDoS vulnerability.
    • Upgrade @pulumi/awsx from ^1.0.4 to ^2.0.2 in package.json for the same reason.
  • Vulnerability Fix:
    • Fixes Regular Expression Denial of Service (ReDoS) vulnerability identified as [SNYK-JS-BRACEEXPANSION-9789073].

This description was created by Ellipsis for b1af0e0. You can customize this summary. It will automatically update as commits are pushed.

…json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073

@ellipsis-dev ellipsis-dev bot left a comment

Important

Looks good to me! 👍

Reviewed everything up to b1af0e0 in 45 seconds.
  • Reviewed 15 lines of code in 1 file
  • Skipped 1 file when reviewing.
  • Skipped posting 2 draft comments. View those below.
  • Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.
1. benchmarks/pulumi/package.json:9
  • Draft comment:
    Major version update for @pulumi/aws (from ^5.0.0 to ^6.18.1). Ensure to review any breaking changes in the new API.
  • Reason this comment was not posted:
    Comment did not seem useful. Confidence is useful = 0% <= threshold 50%. This comment is about a major version update for a dependency, which is related to dependencies. The comment advises to review breaking changes, which falls under asking the PR author to ensure something. This violates the rules.
2. benchmarks/pulumi/package.json:10
  • Draft comment:
    Major version update for @pulumi/awsx (from ^1.0.4 to ^2.0.2). Verify that your configurations remain compatible.
  • Reason this comment was not posted:
    Comment did not seem useful. Confidence is useful = 0% <= threshold 50%. This comment is about a major version update for a dependency. It asks the PR author to verify compatibility, which is against the rules. The comment does not provide a specific suggestion or point out a specific issue with the code.

Workflow ID: wflow_inTus4ZiGlw2iIva

You can customize Ellipsis by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.

Deploying windmill with Cloudflare Pages

Latest commit: b1af0e0
Status: ✅  Deploy successful!
Preview URL: https://225949bf.windmill.pages.dev
Branch Preview URL: https://snyk-fix-3403a171c26d9686f43.windmill.pages.dev

@rubenfiszel rubenfiszel force-pushed the main branch 3 times, most recently from d745b80 to 42e06e7 Compare August 7, 2025 18:27