dherault / serverless-offline

Emulate AWS λ and API Gateway locally when developing your Serverless project
MIT License

Upgrade @aws-sdk/client-lambda package to latest version due to a security fix on fast-xml-parser #1701

Closed RayceeM closed 1 year ago

RayceeM commented 1 year ago

Bug Report

Because of a security vulnerability in the fast-xml-parser package that was fixed in their latest version, 4.2.4, an upgrade of the @aws-sdk/client-lambda dependency will be highly appreciated to fix the vulnerability for projects using serverless-offline.

Current Behavior

The current serverless-offline npm package has an outdated @aws-sdk/client-lambda, which is missing a security fix applied to fast-xml-parser.

Expected behavior/code

The new serverless-offline npm package will have an updated @aws-sdk/client-lambda that will contain the security fix for fast-xml-parser.

Environment

Possible Solution

Upgrade @aws-sdk/client-lambda to the latest stable version and create a new serverless-offline release.
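To check whether a project's lockfile still installs a fast-xml-parser older than the 4.2.4 named in the report, and which package resolves to that copy, the sketch below walks the `packages` map of a package-lock.json. It is an added example, not code from the issue or from serverless-offline; the sample lockfile, its versions and its dependency edges are constructed, and `older`, `resolve` and `findOutdated` are hypothetical helper names.

```javascript
const TARGET = "fast-xml-parser";
const FIXED = "4.2.4"; // release the issue names as carrying the fix
// Constructed package-lock.json (lockfileVersion 2/3 "packages" layout).
// All versions and dependency edges below are made up for the demo.
const sampleLock = { packages: {
  "": { devDependencies: { "serverless-offline": "*" } },
  "node_modules/serverless-offline": { version: "1.0.0",
    dependencies: { "@aws-sdk/client-lambda": "*" } },
  "node_modules/@aws-sdk/client-lambda": { version: "1.0.0",
    dependencies: { [TARGET]: "*" } },
  // A nested copy can stay old even when the hoisted copy is already fixed.
  "node_modules/@aws-sdk/client-lambda/node_modules/fast-xml-parser": { version: "4.1.2" },
  "node_modules/fast-xml-parser": { version: "4.2.4" },
} };

// Compare the numeric major.minor.patch parts; prerelease tags are ignored.
function older(a, b) {
  const [x, y] = [a, b].map((v) => v.split("-")[0].split(".").map(Number));
  for (let i = 0; i < 3; i++) if ((x[i] || 0) !== (y[i] || 0)) return (x[i] || 0) < (y[i] || 0);
  return false;
}

// Node resolution: nearest node_modules first, then each parent directory.
function resolve(packages, from, name) {
  for (let base = from; ; ) {
    const hit = (base ? base + "/" : "") + "node_modules/" + name;
    if (packages[hit]) return hit;
    if (!base) return null;
    const i = base.lastIndexOf("/node_modules/");
    base = i === -1 ? "" : base.slice(0, i);
  }
}

// Every installed copy of TARGET older than FIXED, with the packages that resolve to it.
function findOutdated(lock) {
  const pkgs = lock.packages || {};
  const out = [];
  for (const [path, meta] of Object.entries(pkgs)) {
    if (!path.endsWith("node_modules/" + TARGET)) continue;
    if (!meta.version || !older(meta.version, FIXED)) continue;
    const requiredBy = Object.entries(pkgs)
      .filter(([p, m]) => {
        const deps = { ...m.dependencies, ...m.devDependencies, ...m.optionalDependencies };
        return TARGET in deps && resolve(pkgs, p, TARGET) === path;
      })
      .map(([p]) => p || "(root project)");
    out.push({ path, version: meta.version, requiredBy });
  }
  return out;
}
console.log(JSON.stringify(findOutdated(sampleLock), null, 2));
```

On a real project, pass the parsed contents of package-lock.json (lockfileVersion 2 or 3) to `findOutdated`; an empty result means no installed copy is below 4.2.4.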

aaleksandrov commented 1 year ago

Any update on this? Some of our pipelines got stalled because of this.

sergiodurand commented 1 year ago

#1702 was merged but since the tests are failing I'm still missing the new release.

I've created the PR #1717 to fix the failing tests.