[Snyk] Upgrade firebase-admin from 9.1.1 to 9.10.0 #1
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade firebase-admin from 9.1.1 to 9.10.0. See this package in npm: https://www.npmjs.com/package/firebase-admin See this project in Snyk: https://app.snyk.io/org/maxmood/project/ee11e8f2-3871-4b66-8f8c-fe8ada49b22f?utm_source=github&utm_medium=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade firebase-admin from 9.1.1 to 9.10.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-NODEFORGE-598677
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-GRPCGRPCJS-1038818
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-FIREBASEUTIL-1038324
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: firebase-admin
- 9.10.0 - 2021-06-24
- feat(fis): Adding the admin.installations() API for deleting Firebase installation IDs (#1187)
- fix: Updated TOC for new Auth type aliases (#1342)
- fix(docs): replace all global.html -> admin.html (#1341)
- fix(auth): Better type hierarchies for Auth API (#1294)
- [chore] Release 9.10.0 (#1345)
- build(deps-dev): bump @ types/minimist from 1.2.0 to 1.2.1 (#1336)
- build(deps-dev): bump gulp-filter from 6.0.0 to 7.0.0 (#1334)
- build(deps-dev): bump request-promise from 4.2.5 to 4.2.6 (#1331)
- build(deps): bump @ firebase/database from 0.10.0 to 0.10.4 (#1328)
- build(deps-dev): bump @ firebase/app from 0.6.21 to 0.6.26 (#1329)
- build(deps-dev): bump @ types/mocha from 2.2.48 to 8.2.2 (#1323)
- build(deps): bump @ google-cloud/firestore from 4.5.0 to 4.12.2 (#1325)
- build(deps-dev): bump bcrypt from 5.0.0 to 5.0.1 (#1324)
- build(deps-dev): bump @ types/sinon-chai from 3.2.4 to 3.2.5 (#1316)
- build(deps-dev): bump nock from 13.0.11 to 13.1.0 (#1313)
- build(deps-dev): bump @ types/jsonwebtoken from 8.5.0 to 8.5.1 (#1315)
- build(deps-dev): bump del from 2.2.2 to 6.0.0 (#1310)
- build(deps): bump ws from 7.3.1 to 7.4.6 (#1309)
- build(deps-dev): bump nock from 13.0.5 to 13.0.11 (#1311)
- Add OAuthResponseType to ToC (#1303)
- Update OIDC reference docs (#1305)
- 9.9.0 - 2021-05-26
- change: The Admin SDK now requires Node.js 10.13.0 or higher. (#1300)
- feat(auth): Added code flow support for OIDC flow. (#1220)
- fix(auth): make MFA uid optional for updateUser operations (#1278)
- fix: Revert regression introduced in #1257 (#1277)
- [chore] Release 9.9.0 (#1302)
- Fixed integration test failure of skipped tests (#1299)
- chore: Teporarily disabling sendToDeviceGroup integration test (#1292)
- build(deps-dev): bump @ microsoft/api-extractor from 7.11.2 to 7.15.2 (#1291)
- build(deps-dev): bump chalk from 1.1.3 to 4.1.1 (#1288)
- build(deps-dev): bump nyc from 14.1.1 to 15.1.0 (#1290)
- build(deps-dev): bump sinon from 9.0.2 to 9.2.4 (#1289)
- build(deps-dev): bump run-sequence from 1.2.2 to 2.2.1 (#1282)
- build(deps-dev): bump gulp-header from 1.8.12 to 2.0.9 (#1283)
- chore: Remove gulp-replace dependency (#1285)
- chore: Enabled dependabot (#1279)
- build(deps): bump jose from 2.0.4 to 2.0.5 (#1265)
- build(deps): bump handlebars from 4.7.6 to 4.7.7 (#1253)
- 9.8.0 - 2021-05-10
- fix: adds missing EMAIL_NOT_FOUND error code (#1246)
- [chore] Release 9.8.0 (#1266)
- Fix @ types/node conflict with grpc and port type (#1258)
- build(deps): bump hosted-git-info from 2.8.8 to 2.8.9 (#1260)
- feat: Add abuse reduction support (#1264)
- Fix storage emulator env formatting (#1257)
- build(deps): bump y18n from 3.2.1 to 3.2.2 (#1208)
- chore: Upgraded RTDB and other @ firebase dependencies (#1250)
- build(deps-dev): bump lodash from 4.17.19 to 4.17.21 (#1255)
- 9.7.0 - 2021-04-27
- 9.6.0 - 2021-03-29
- 9.5.0 - 2021-02-10
- 9.4.2 - 2020-12-09
- 9.4.1 - 2020-11-13
- fix(rc): Fix Version update time parsing failure (#1089)
- [chore] Release 9.4.1 (#1091)
- Reinstating tag that devsite needs present to supress machine translation. (#1090)
- 9.4.0 - 2020-11-12
- 9.3.0 - 2020-10-22
- 9.2.0 - 2020-09-15
- 9.1.1 - 2020-08-20
from firebase-admin GitHub release notesNew Features
Bug Fixes
Miscellaneous
Breaking Changes
New Features
Bug Fixes
Miscellaneous
Bug Fixes
Miscellaneous
Read more
Read more
Read more
Read more
Bug Fixes
Miscellaneous
Read more
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs