From 11f76ade5d97116bf9b6ec1d879c0aa8f45cb578 Mon Sep 17 00:00:00 2001
From: Anan Zhuang
Date: Thu, 30 Mar 2023 01:05:50 +0000
Subject: [PATCH] [CVE-2021-23490][1.x] Bump parse-link-header from 1.0.1 to 2.0.0
Issue Resolve https://github.com/opensearch-project/OpenSearch-Dashboards/issues/1111 Backport PR https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1108
Signed-off-by: Anan Zhuang
---
 CHANGELOG.md | 2 ++
 packages/osd-test/package.json | 2 +-
 yarn.lock | 8 ++++----
 3 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ee3e300b611f..a6332fcac3bc 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,8 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 ### 🛡 Security
+- [CVE-2021-23490] Bump parse-link-header from `1.0.1` to `2.0.0` ([#3738](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3738))
+
 ### 📈 Features/Enhancements
 - [Optimizer] Increase timeout waiting for the exiting of an optimizer worker ([#3193](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3193))
diff --git a/packages/osd-test/package.json b/packages/osd-test/package.json
index b1bf2f50f4b5..3d36be8507f4 100644
--- a/packages/osd-test/package.json
+++ b/packages/osd-test/package.json
@@ -33,7 +33,7 @@
 "glob": "^7.1.7",
 "joi": "^13.5.2",
 "lodash": "^4.17.21",
- "parse-link-header": "^1.0.1",
+ "parse-link-header": "^2.0.0",
 "rxjs": "^6.5.5",
 "strip-ansi": "^6.0.0",
 "tar-fs": "^2.1.0",
diff --git a/yarn.lock b/yarn.lock
index a7245bc6235d..aef4f9e03ba8 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -16327,10 +16327,10 @@ parse-json@^5.0.0: json-parse-better-errors "^1.0.1" lines-and-columns "^1.1.6" -parse-link-header@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/parse-link-header/-/parse-link-header-1.0.1.tgz#bedfe0d2118aeb84be75e7b025419ec8a61140a7" - integrity sha1-vt/g0hGK64S+deewJUGeyKYRQKc= +parse-link-header@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/parse-link-header/-/parse-link-header-2.0.0.tgz#949353e284f8aa01f2ac857a98f692b57733f6b7" + integrity sha512-xjU87V0VyHZybn2RrCX5TIFGxTVZE6zqqZWMPlIKiSKuWh/X5WZdt+w1Ki1nXB+8L/KtL+nZ4iq+sfI6MrhhMw== dependencies: xtend "~4.0.1"