to resolve security related issues (#5223)

* update-readme.md

* update readme.md

* to resolve security issues

* suppress the test recording cred scan failure

* try suppression rule

* try to resolve credscan issue

* fix credscan

* try use placeholder

.config/CredScanSuppressions.json

@@ -0,0 +1,76 @@
+
+{
+    "tool": "Credential Scanner",
+    "suppressions": [
+        {
+            "file": [
+                "lib\\services\\datafactoryManagement\\lib\\models\\index.d.ts",
+                "test\\recordings\\blobservice-tests.nock.js",
+                "runtime\\ms-rest-azure\\index.d.ts",
+                "runtime\\ms-rest-azure\\lib\\login.js",
+                "runtime\\ms-rest-azure\\lib\\credentials\\msiAppServiceTokenCredentials.js",
+                "test\\recordings\\mpnsservice-tests.nock.js",
+                "test\\recordings\\scmservice-tests.nock.js",
+                "test\\recordings\\serviceBusManagement-tests.nock.js",
+                "runtime\\ms-rest-azure\\test\\msiAppServiceTokenCredentialTests.js",
+                "runtime\\ms-rest-azure\\test\\data\\auth-customEnv.json",
+                "runtime\\ms-rest-azure\\test\\data\\auth-usProd.json",
+                "test\\recordings\\serviceManagement-tests.nock.js",
+                "test\\azure-tests.js",
+                "test\\common\\hmacsha256sign-tests.js",
+                "test\\recordings\\wnsservice-tests.nock.js",
+                "test\\common\\storageservicesettings-tests.js",
+                "test\\data\\certificate.pem",
+                "test\\recordings\\batchmanagementservice-tests\\Batch_Management_operations_should_get_account_keys_successfully.nock.js",
+                "test\\recordings\\batchmanagementservice-tests\\Batch_Management_operations_should_regenerate_keys_successfully.nock.js",
+                "test\\recordings\\iothub-tests\\IoTHub_IoTHub_Lifecycle_Test_should_get_all_the_iothub_keys_successfully.nock.js",
+                "test\\recordings\\iothub-tests\\IoTHub_IoTHub_Lifecycle_Test_should_get_a_specific_iothub_key_successfully.nock.js",
+                "test\\recordings\\storagemanagementservice-tests\\Storage_Management_storage_accounts_should_list_all_the_storage_account_keys.nock.js",
+                "test\\recordings\\iothub-tests\\IoTHub_IoTHub_Lifecycle_Test_should_update_the_iothub_successfully.nock.js",
+                "test\\recordings\\iothub-tests\\IoTHub_IoTHub_Lifecycle_Test_Suite_retrieve_connection_string_for_external_routing_eventhub_EH_1.nock.js",
+                "test\\recordings\\iothub-tests\\IoTHub_IoTHub_Lifecycle_Test_Suite_retrieve_connection_string_for_external_routing_eventhub_EH_2.nock.js",
+                "test\\recordings\\storagemanagementservice-tests\\Storage_Management_storage_accounts_should_regenerate_storage_account_keys.nock.js",
+                "test\\recordings\\iothub-tests\\IoTHub_IoTHub_Lifecycle_Test_Suite_retrieve_connection_string_for_external_routing_queue_-_Queue1.nock.js",
+                "test\\recordings\\iothub-tests\\IoTHub_IoTHub_Lifecycle_Test_Suite_retrieve_connection_string_for_external_routing_topic_-_Topic1.nock.js",
+                "test\\recordings\\datalakeAnalyticsManagement-tests\\Data_Lake_Analytics_Clients_Account_Job_and_Catalog_Data_Lake_Analytics_Account_adding_and_removing_blob_storage_accounts_to_the_account_should_work.nock.js",
+                "test\\recordings\\iothub-tests\\IoTHub_IoTHub_Lifecycle_Test_Suite_should_create_the_iothub_successfully.nock.js",
+                "test\\services\\batch\\batchClient-tests.js",
+                "test\\services\\batchManagement\\batchManagementClient-tests.js",
+                "test\\recordings\\iothub-tests\\IoTHub_IoTHub_Lifecycle_Test_Suite_should_get_all_the_iothub_keys_successfully.nock.js",
+                "test\\recordings\\iothub-tests\\IoTHub_IoTHub_Lifecycle_Test_Suite_should_get_a_specific_iothub_key_successfully.nock.js",
+                "test\\recordings\\iothub-tests\\IoTHub_IoTHub_Lifecycle_Test_Suite_should_update_the_iothub_successfully.nock.js",
+                "test\\recordings\\notificationhubsservice-Hub-tests\\Notification_Hubs_Management_NotificationHub_Tests_CRUD.nock.js",
+                "test\\recordings\\notificationhubsservice-NS-tests\\Notification_Hubs_Management_Namespace_Tests_CRUD.nock.js",
+                "test\\recordings\\powerbiembeddedmanagementclient-tests\\PowerBI_Embedded_Management_Client_workspace_collections_get_access_keys_for_workspace_collection.nock.js",
+                "test\\recordings\\powerbiembeddedmanagementclient-tests\\PowerBI_Embedded_Management_Client_workspace_collections_regenerate_access_keys_for_the_workspace_collection.nock.js",
+                "test\\recordings\\servermanagement-tests\\ServerManagement_Creates_a_node_for_this_PC..nock.js",
+                "test\\recordings\\servermanagement-tests\\ServerManagement_Creates_a_session_and_makes_a_powershell_call..nock.js",
+                "test\\services\\table\\tableservice-tests.js",
+                "test\\services\\table\\internal\\sharedkeylitetable-tests.js",
+                "test\\services\\blob\\blobservice-tests.js",
+                "test\\services\\blob\\internal\\sharedaccesssignature-tests.js",
+                "test\\services\\blob\\internal\\sharedkey-tests.js",
+                "test\\services\\keyVault\\keyVault-certificate-tests.js",
+                "test\\services\\mysqlManagement\\mySQLManagementClient-tests.js",
+                "test\\services\\postgresqlManagement\\postgreSQLManagementClient-tests.js",
+                "test\\services\\queue\\queueservice-tests.js",
+                "test\\services\\serviceBus\\servicebusservice-tests.js",
+                "test\\services\\sql\\sqlmanagementservice-tests.js",
+                "test\\services\\sql\\sqlservice-tests.js"
+            ],
+            "_justification": "This is the secret place holder used by test"
+        },
+        {
+            "placeholder": "Pa$$w0rd",
+            "_justification": "This is the secret place holder used by test"
+        },
+        {
+            "placeholder": "WinterisComing!",
+            "_justification": "This is the secret place holder used by test"
+        },
+        {
+            "placeholder": "F00Bar!!",
+            "_justification": "This is the secret place holder used by test"
+        }
+    ]
+}

README.md

@@ -1,11 +1,11 @@
 # Announcing the new Azure SDK for JavaScript
 
-We are excited to announce that we are building a new [Azure SDK for JavaScript](https://github.com/azure/azure-sdk-for-js) in a new GitHub repo located here: https://github.com/azure/azure-sdk-for-js.
+We are excited to announce that we are building a new [Azure SDK for JavaScript](https://github.com/azure/azure-sdk-for-js) in a new GitHub repo located here: https://github.com/azure/azure-sdk-for-js.  
 These packages ship with TypeScript type definitions and have both Node.js and Browser support.
 
 Below are key points regarding deprecation of the packages in this repo and migration to the new packages
 
-- All of the management plane SDKs (`azure-arm-*`) and most of the data plane SDKs (`azure-*`), along with the rollup package `azure` in this repository, are deprecated as of **July, 2019**. They have been replaced by the [Azure SDK for JavaScript](https://github.com/azure/azure-sdk-for-js) packages.
+- All of the management plane SDKs (`azure-arm-*`) and most of the data plane SDKs (`azure-*`), along with the rollup package `azure` in this repository, have been deprecated as of **July, 2019**. They have been replaced by the [Azure SDK for JavaScript](https://github.com/azure/azure-sdk-for-js) packages.
 - All of the management plane SDKs for the V1 Azure API (Azure Service Management) `azure-asm-*` will continue to be maintained from the Azure SDK for Node.js repository. We expect customers using these packages to move to Azure Resource Manager API packages at their earliest convenience.
 - To migrate your code from **Azure SDK for Node.js** to the new **Azure SDK for JavaScript**, first identify the counterparts in the new SDK and then read our [Migration from Node.js packages (azure-sdk-for-node) to JavaScript packages (azure-sdk-for-js)](https://github.com/Azure/azure-sdk-for-js/blob/master/documentation/Migration.md) article.
 

lib/common/package.json

@@ -11,7 +11,7 @@
     "Tavares, Chris <ctavares@microsoft.com>",
     "Kulshrestha, Ankur <ankurkul@microsoft.com>"
   ],
-  "version": "0.9.26",
+  "version": "0.9.27",
   "description": "Microsoft Azure Common Client Library for node",
   "tags": [
     "azure",
@@ -31,7 +31,7 @@
     "through": "~2.3.4",
     "tunnel": "~0.0.2",
     "underscore": "^1.13.1",
-    "validator": "^9.4.1",
+    "validator": "13.7.0",
     "xml2js": "^0.4.19",
     "xmlbuilder": "15.1.1"
   },

runtime/ms-rest/package.json

@@ -5,7 +5,7 @@
     "email": "azsdkteam@microsoft.com",
     "url": "https://github.com/Azure/azure-sdk-for-node"
   },
-  "version": "2.5.4",
+  "version": "2.5.5",
   "description": "Client Runtime for Node.js client libraries generated using AutoRest",
   "tags": [
     "node",
@@ -28,6 +28,7 @@
     "is-stream": "^1.1.0",
     "moment": "^2.21.0",
     "request": "^2.88.0",
+    "http-signature": "1.3.6",
     "through": "^2.3.8",
     "tunnel": "0.0.5",
     "uuid": "^3.2.1"