[Snyk] Upgrade firebase from 10.8.0 to 10.12.3 #37

iky95 · 2024-07-25T10:02:31Z

This PR was automatically created by Snyk using the credentials of a real user.

![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade firebase from 10.8.0 to 10.12.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 144 versions ahead of your current version.
The recommended version was released on 22 days ago.

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Uncontrolled Resource Consumption SNYK-JS-GRPCGRPCJS-7242922	345	No Known Exploit
Permissive Cross-domain Policy with Untrusted Domains SNYK-JS-UNDICI-6252336	345	No Known Exploit
Improper Access Control SNYK-JS-UNDICI-6564963	345	No Known Exploit
Improper Authorization SNYK-JS-UNDICI-6564964	345	No Known Exploit

Release notes

Package name: firebase

10.12.3 - 2024-07-03
For more detailed release notes, see Firebase JavaScript SDK Release Notes.

What's Changed

@ firebase/analytics@0.10.5

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
- @ firebase/installations@0.6.8
@ firebase/analytics-compat@0.2.11

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/analytics@0.10.5
- @ firebase/component@0.6.8
@ firebase/app@0.10.6

Patch Changes
- ed1c99379 #8335 - Guard the use of FinalizationRegistry in FirebaseServerApp initialization based on the availability of FinalizationRegistry in the runtime.
- 192561b15 #8315 (fixes #8299) - fix: server app should initialize in web workers
- f01806221 #8341 - The FirebaseServerAppSettings.name field inherited from FirebaseAppSettings is now omitted
  instead of overloading the value as undefined. This fixes a TypeScript compilation error. For more
  information, see GitHub Issue #8336.
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
@ firebase/app-check@0.8.5

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
@ firebase/app-check-compat@0.3.12

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/app-check@0.8.5
- @ firebase/component@0.6.8
@ firebase/app-compat@0.2.36

Patch Changes
- Updated dependencies [192561b15, ed1c99379, 192561b15, f01806221]:
- @ firebase/util@1.9.7
- @ firebase/app@0.10.6
- @ firebase/component@0.6.8
@ firebase/auth@1.7.5

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
@ firebase/auth-compat@0.5.10

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/auth@1.7.5
- @ firebase/component@0.6.8
@ firebase/component@0.6.8

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
@ firebase/database@1.0.6

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
@ firebase/database-compat@1.0.6

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
- @ firebase/database@1.0.6
- @ firebase/database-types@1.0.4
@ firebase/database-types@1.0.4

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
firebase@10.12.3

Patch Changes
- ed1c99379 #8335 - Guard the use of FinalizationRegistry in FirebaseServerApp initialization based on the availability of FinalizationRegistry in the runtime.
- ecadbe380 #8339 (fixes #8314) - Fix persistence multi-tab snapshot listener metadata sync issue.
- f01806221 #8341 - The FirebaseServerAppSettings.name field inherited from FirebaseAppSettings is now omitted
  instead of overloading the value as undefined. This fixes a TypeScript compilation error. For more
  information, see GitHub Issue #8336.
- Updated dependencies [192561b15, ed1c99379, 192561b15, ecadbe380, e7260e23d, f01806221]:
- @ firebase/util@1.9.7
- @ firebase/app@0.10.6
- @ firebase/firestore@4.6.4
- @ firebase/vertexai-preview@0.0.3
- @ firebase/analytics@0.10.5
- @ firebase/analytics-compat@0.2.11
- @ firebase/app-check@0.8.5
- @ firebase/app-check-compat@0.3.12
- @ firebase/app-compat@0.2.36
- @ firebase/auth@1.7.5
- @ firebase/auth-compat@0.5.10
- @ firebase/database@1.0.6
- @ firebase/database-compat@1.0.6
- @ firebase/firestore-compat@0.3.33
- @ firebase/functions@0.11.6
- @ firebase/functions-compat@0.3.12
- @ firebase/installations@0.6.8
- @ firebase/installations-compat@0.2.8
- @ firebase/messaging@0.12.10
- @ firebase/messaging-compat@0.2.10
- @ firebase/performance@0.6.8
- @ firebase/performance-compat@0.2.8
- @ firebase/remote-config@0.4.8
- @ firebase/remote-config-compat@0.2.8
- @ firebase/storage@0.12.6
- @ firebase/storage-compat@0.3.9
@ firebase/firestore@4.6.4

Patch Changes
- ecadbe380 #8339 (fixes #8314) - Fix persistence multi-tab snapshot listener metadata sync issue.
- Updated dependencies [192561b15, b09a267ba]:
- @ firebase/util@1.9.7
- @ firebase/webchannel-wrapper@1.0.1
- @ firebase/component@0.6.8
@ firebase/firestore-compat@0.3.33

Patch Changes
- Updated dependencies [192561b15, ecadbe380]:
- @ firebase/util@1.9.7
- @ firebase/firestore@4.6.4
- @ firebase/component@0.6.8
@ firebase/functions@0.11.6

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
@ firebase/functions-compat@0.3.12

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
- @ firebase/functions@0.11.6
@ firebase/installations@0.6.8

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
@ firebase/installations-compat@0.2.8

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
- @ firebase/installations@0.6.8
@ firebase/messaging@0.12.10

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
- @ firebase/installations@0.6.8
@ firebase/messaging-compat@0.2.10

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
- @ firebase/messaging@0.12.10
@ firebase/performance@0.6.8

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
- @ firebase/installations@0.6.8
@ firebase/performance-compat@0.2.8

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
- @ firebase/performance@0.6.8
@ firebase/remote-config@0.4.8

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
- @ firebase/installations@0.6.8
@ firebase/remote-config-compat@0.2.8

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
- @ firebase/remote-config@0.4.8
@ firebase/storage@0.12.6

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
@ firebase/storage-compat@0.3.9

Patch Changes
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
- @ firebase/storage@0.12.6
@ firebase/util@1.9.7

Patch Changes
- 192561b15 #8315 (fixes #8299) - fix: browser detection (detect either window or web worker)
@ firebase/vertexai-preview@0.0.3

Patch Changes
- e7260e23d #8240 - Add a publicly exported VertexAIError class.
- Updated dependencies [192561b15]:
- @ firebase/util@1.9.7
- @ firebase/component@0.6.8
@ firebase/webchannel-wrapper@1.0.1

Patch Changes
- b09a267ba #8331 - fix: Fix a typo in the webchannel-wrapper's package.json that affected ems5 exports.
10.12.3-canary.fd8bd4b02 - 2024-07-16
10.12.3-canary.f58d48cd4 - 2024-07-16
10.12.3-canary.d752e8096 - 2024-07-10
10.12.3-canary.84fe88079 - 2024-07-10
10.12.3-canary.52f8deb1d - 2024-07-03
10.12.3-canary.4b4db85ff - 2024-07-15
10.12.3-canary.1b9d95e5a - 2024-07-19
10.12.3-canary.025f2a103 - 2024-07-18
10.12.3-20240703135951 - 2024-07-03
10.12.3-20240702143745 - 2024-07-02
10.12.2 - 2024-05-27
10.12.2-eap-firestore-backfiller.87babf60c - 2024-06-25
10.12.2-canary.f01806221 - 2024-07-01
10.12.2-canary.ed1c99379 - 2024-06-28
10.12.2-canary.ecadbe380 - 2024-06-28
10.12.2-canary.e7260e23d - 2024-06-25
10.12.2-canary.ca4139101 - 2024-06-20
10.12.2-canary.c60aac1de - 2024-07-02
10.12.2-canary.b09a267ba - 2024-06-24
10.12.2-canary.a90255a27 - 2024-06-05
10.12.2-canary.92a39b5ba - 2024-06-04
10.12.2-canary.872e6f63e - 2024-05-31
10.12.2-canary.8360014ac - 2024-06-21
10.12.2-canary.7c256b420 - 2024-05-29
10.12.2-canary.766a53ea9 - 2024-07-02
10.12.2-canary.5e16ccfb3 - 2024-05-30
10.12.2-canary.5c75bec14 - 2024-07-01
10.12.2-canary.576c1b1f7 - 2024-06-18
10.12.2-canary.436331ac4 - 2024-06-04
10.12.2-canary.3df57edf0 - 2024-05-31
10.12.2-canary.226fe8aa5 - 2024-06-27
10.12.2-canary.192561b15 - 2024-06-28
10.12.2-canary.08a3a936c - 2024-05-27
10.12.2-20240523185724 - 2024-05-23
10.12.1 - 2024-05-20
10.12.1-canary.aa060a7f6 - 2024-05-22
10.12.1-canary.7381f21a3 - 2024-05-20
10.12.1-canary.52d626655 - 2024-05-23
10.12.1-canary.4f157b486 - 2024-05-23
10.12.1-canary.3883133c3 - 2024-05-21
10.12.1-canary.370b6c8b7 - 2024-05-23
10.12.1-canary.0af23e02e - 2024-05-23
10.12.1-20240520195236 - 2024-05-20
10.12.0 - 2024-05-13
10.12.0-dataconnect-preview.877f8b7d0 - 2024-05-13
10.12.0-dataconnect-preview.388b61c7e - 2024-05-13
10.12.0-canary.f66769cca - 2024-05-15
10.12.0-canary.9cbb1845e - 2024-05-14
10.12.0-canary.8fb372afb - 2024-05-13
10.12.0-canary.43a8d99d2 - 2024-05-16
10.12.0-canary.2ce95696f - 2024-05-14
10.12.0-20240509155850 - 2024-05-09
10.12.0-20240508224036 - 2024-05-08
10.12.0-20240508213348 - 2024-05-08
10.11.1 - 2024-04-25
10.11.1-dataconnect-preview.f2ddc3d7b - 2024-05-08
10.11.1-dataconnect-preview.f2a1a4bfb - 2024-05-08
10.11.1-dataconnect-preview.b8e015c81 - 2024-05-08
10.11.1-dataconnect-preview.81ee5169c - 2024-05-09
10.11.1-dataconnect-preview.4f89ef789 - 2024-05-08
10.11.1-dataconnect-preview.42eb5e521 - 2024-05-08
10.11.1-dataconnect-preview.323fdc1b8 - 2024-05-09
10.11.1-canary.f631553c3 - 2024-05-06
10.11.1-canary.f25b9e53e - 2024-05-02
10.11.1-canary.e80b80738 - 2024-05-08
10.11.1-canary.ab883d016 - 2024-05-09
10.11.1-canary.7709f1016 - 2024-04-25
10.11.1-canary.506b8a6ab - 2024-05-08
10.11.1-canary.4b49630c7 - 2024-05-01
10.11.1-canary.14f9da66f - 2024-05-02
10.11.1-20240424141009 - 2024-04-24
10.11.0 - 2024-04-11
10.11.0-vertexai-preview.1aadc47ed - 2024-04-22
10.11.0-passkey-preview.103ead202 - 2024-05-20
10.11.0-canary.f24c9532a - 2024-04-22
10.11.0-canary.ef3039ba8 - 2024-04-14
10.11.0-canary.e1a7764cf - 2024-04-24
10.11.0-canary.db1ad5a82 - 2024-04-11
10.11.0-canary.d1eae3a10 - 2024-04-17
10.11.0-canary.c9a9babce - 2024-04-12
10.11.0-canary.be59b952a - 2024-04-12
10.11.0-canary.bd12e83cd - 2024-04-11
10.11.0-canary.b74d8a211 - 2024-04-20
10.11.0-canary.aa412d3b4 - 2024-04-15
10.11.0-canary.84f9ff008 - 2024-04-18
10.11.0-canary.826b57130 - 2024-04-11
10.11.0-canary.7db2e04c6 - 2024-04-11
10.11.0-canary.71ab2f536 - 2024-04-19
10.11.0-canary.6333607fe - 2024-04-18
10.11.0-canary.62a20ff98 - 2024-04-22
10.11.0-canary.55fef6d62 - 2024-04-18
10.11.0-canary.55435c9f3 - 2024-04-15
10.11.0-canary.4be78a3d2 - 2024-04-15
10.11.0-canary.44a66b91d - 2024-04-18
10.11.0-canary.399ae5ab9 - 2024-04-18
10.11.0-canary.36b283f3f - 2024-04-23
10.11.0-canary.07b2dc7df - 2024-04-15
10.11.0-canary.02b4ea928 - 2024-04-19
10.11.0-canary.337638470 - 2024-04-17
10.11.0-canary.224419457 - 2024-04-18
10.11.0-20240410213044 - 2024-04-10
10.11.0-20240409134135 - 2024-04-09
10.10.0 - 2024-03-28
10.10.0-vertexai-preview.f25ccbbaf - 2024-04-08
10.10.0-vertexai-preview.cdcc49eb9 - 2024-04-04
10.10.0-vertexai-preview.8b70fc586 - 2024-04-04
10.10.0-vertexai-preview.597bf4fbd - 2024-04-04
10.10.0-vertexai-preview.3d11ecc97 - 2024-04-10
10.10.0-vertex-preview.8b70fc586 - 2024-04-04
10.10.0-canary.fe09d8338 - 2024-04-08
10.10.0-canary.f1a57d00d - 2024-04-08
10.10.0-canary.b64b947b8 - 2024-04-03
10.10.0-canary.ad8d5470d - 2024-04-10
10.10.0-canary.a6fa54417 - 2024-04-09
10.10.0-canary.9297ef398 - 2024-04-09
10.10.0-canary.6d31930b3 - 2024-04-02
10.10.0-canary.666dddae0 - 2024-03-29
10.10.0-canary.6393c9592 - 2024-04-10
10.10.0-canary.42fcdfe4c - 2024-03-28
10.10.0-canary.36b261c65 - 2024-04-10
10.10.0-canary.13ddddf52 - 2024-04-10
10.10.0-canary.0068ed5ab - 2024-04-09
10.10.0-20240326182825 - 2024-03-26
10.9.0 - 2024-03-14
10.9.0-canary.ed84efe50 - 2024-03-23
10.9.0-canary.c8a2568dd - 2024-03-26
10.9.0-canary.c6ecac8ac - 2024-03-28
10.9.0-canary.9fc463325 - 2024-03-25
10.9.0-canary.9ca1a4e4f - 2024-03-21
10.9.0-canary.89541ef74 - 2024-03-22
10.9.0-canary.1eb302f5a - 2024-03-14
10.9.0-canary.1494c4b80 - 2024-03-14
10.9.0-canary.0c5150106 - 2024-03-20
10.9.0-20240312134553 - 2024-03-12
10.8.2-20240311134132 - 2024-03-11
10.8.1 - 2024-02-28
10.8.1-canary.feb5038e5 - 2024-03-08
10.8.1-canary.e60188d47 - 2024-02-28
10.8.1-canary.ce88e71e7 - 2024-03-11
10.8.1-canary.6d487d7de - 2024-03-11
10.8.1-canary.2b22838aa - 2024-03-08
10.8.1-canary.245dd26e1 - 2024-03-06
10.8.1-20240227144051 - 2024-02-27
10.8.0 - 2024-02-01

from firebase GitHub release notes

Important

Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade firebase from 10.8.0 to 10.12.3. See this package in npm: firebase See this project in Snyk: https://app.snyk.io/org/iky95/project/83f1092f-ac3c-4fa1-9c02-b20d0611d341?utm_source=github&utm_medium=referral&page=upgrade-pr

github-actions · 2024-07-25T10:02:46Z

Hey there and thank you for opening this pull request! 👋🏼

We require pull request titles to follow the Conventional Commits specification and it looks like your proposed title needs to be adjusted.

Details:

No release type found in pull request title "[Snyk] Upgrade firebase from 10.8.0 to 10.12.3". Add a prefix to indicate what kind of release this pull request corresponds to. For reference, see https://www.conventionalcommits.org/

Available types:
 - build
 - chore
 - ci
 - docs
 - feat
 - impr
 - fix
 - perf
 - refactor
 - revert
 - style
 - test

github-actions · 2024-08-01T20:32:00Z

This PR is stale. Please trigger a re-run of the PR check action.

github-actions bot added the Stale label Aug 1, 2024

github-actions bot closed this Aug 9, 2024

[Snyk] Upgrade firebase from 10.8.0 to 10.12.3 #37

[Snyk] Upgrade firebase from 10.8.0 to 10.12.3 #37

Uh oh!

Conversation

iky95 commented Jul 25, 2024

Snyk has created this PR to upgrade firebase from 10.8.0 to 10.12.3.

Issues fixed by the recommended upgrade:

What's Changed

@ firebase/analytics@0.10.5

Patch Changes

@ firebase/analytics-compat@0.2.11

Patch Changes

@ firebase/app@0.10.6

Patch Changes

@ firebase/app-check@0.8.5

Patch Changes

@ firebase/app-check-compat@0.3.12

Patch Changes

@ firebase/app-compat@0.2.36

Patch Changes

@ firebase/auth@1.7.5

Patch Changes

@ firebase/auth-compat@0.5.10

Patch Changes

@ firebase/component@0.6.8

Patch Changes

@ firebase/database@1.0.6

Patch Changes

@ firebase/database-compat@1.0.6

Patch Changes

@ firebase/database-types@1.0.4

Patch Changes

firebase@10.12.3

Patch Changes

@ firebase/firestore@4.6.4

Patch Changes

@ firebase/firestore-compat@0.3.33

Patch Changes

@ firebase/functions@0.11.6

Patch Changes

@ firebase/functions-compat@0.3.12

Patch Changes

@ firebase/installations@0.6.8

Patch Changes

@ firebase/installations-compat@0.2.8

Patch Changes

@ firebase/messaging@0.12.10

Patch Changes

@ firebase/messaging-compat@0.2.10

Patch Changes

@ firebase/performance@0.6.8

Patch Changes

@ firebase/performance-compat@0.2.8

Patch Changes

@ firebase/remote-config@0.4.8

Patch Changes

@ firebase/remote-config-compat@0.2.8

Patch Changes

@ firebase/storage@0.12.6

Patch Changes

@ firebase/storage-compat@0.3.9

Patch Changes

@ firebase/util@1.9.7

Patch Changes

@ firebase/vertexai-preview@0.0.3

Patch Changes

@ firebase/webchannel-wrapper@1.0.1

Patch Changes

Uh oh!

github-actions bot commented Jul 25, 2024

Uh oh!

github-actions bot commented Aug 1, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!