Skip to content

[Snyk] Upgrade firebase-admin from 11.6.0 to 11.11.1 #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
roblo1801 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade firebase-admin from 11.6.0 to 11.11.1 #2

roblo1801 wants to merge 1 commit into from

Conversation

@roblo1801
Copy link
Owner

@roblo1801 roblo1801 commented May 17, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade firebase-admin from 11.6.0 to 11.11.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 7 versions ahead of your current version.

  • The recommended version was released 6 months ago, on 2023-11-23.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Infinite loop
SNYK-JS-MARKDOWNIT-6483324		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Prototype Pollution
SNYK-JS-PROTOBUFJS-5756498		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: firebase-admin
  • 11.11.1 - 2023-11-23

    Miscellaneous

    • [chore] Release 11.11.1 (#2387)
    • build(deps): bump jwks-rsa from 3.0.1 to 3.1.0 (#2381)
    • chore(deps): bump google-cloud/firestore to 6.8.0 (#2385)
    • build(deps-dev): bump @ microsoft/api-extractor from 7.36.3 to 7.38.3 (#2380)
    • build(deps-dev): bump @ types/sinon-chai from 3.2.9 to 3.2.12 (#2366)
    • build(deps-dev): bump @ babel/traverse from 7.21.4 to 7.23.2 (#2343)
    • build(deps-dev): bump eslint from 8.50.0 to 8.51.0 (#2330)
    • build(deps-dev): bump @ types/firebase-token-generator (#2322)
    • Bug Fix for issue #2320 (#2321)
  • 11.11.0 - 2023-09-28

    New Features

    • feat(auth): Add Email Privacy support in Project and Tenant config (#2198)

    Miscellaneous

    • [chore] Release 11.11.0 (#2315)
    • build(deps-dev): bump @ types/lodash from 4.14.197 to 4.14.199 (#2309)
    • build(deps-dev): bump eslint from 8.47.0 to 8.50.0 (#2311)
    • Update github.ref value in release.yml (#2313)
    • build(deps-dev): bump nock from 13.3.2 to 13.3.3 (#2288)
    • build(deps-dev): bump bcrypt from 5.1.0 to 5.1.1 (#2289)
    • build(deps-dev): bump eslint from 8.43.0 to 8.47.0 (#2279)
    • build(deps-dev): bump @ types/lodash from 4.14.195 to 4.14.197 (#2280)
    • build(deps-dev): bump @ typescript-eslint/eslint-plugin (#2282)
    • build(deps-dev): bump nock from 13.3.1 to 13.3.2 (#2270)
    • build(deps-dev): bump @ firebase/auth-compat from 0.4.3 to 0.4.4 (#2273)
    • build(deps-dev): bump @ typescript-eslint/parser from 5.59.9 to 5.62.0 (#2264)
    • build(deps): bump @ google-cloud/firestore from 6.6.1 to 6.7.0 (#2265)
    • build(deps-dev): bump @ types/uuid from 9.0.1 to 9.0.2 (#2267)
    • build(deps-dev): bump @ firebase/app-compat from 0.2.13 to 0.2.15 (#2263)
    • build(deps): bump @ google-cloud/storage from 6.11.0 to 6.12.0 (#2253)
    • build(deps-dev): bump @ microsoft/api-extractor from 7.36.1 to 7.36.3 (#2261)
    • build(deps): bump word-wrap from 1.2.3 to 1.2.4 (#2256)
    • build(deps): bump @ types/node from 20.3.2 to 20.4.2 (#2255)
    • build(deps-dev): bump @ firebase/auth-compat from 0.4.2 to 0.4.3 (#2252)
  • 11.10.1 - 2023-07-13

    Miscellaneous

    • [chore] Release 11.10.1 (#2248)
    • Revert "chore: upgrade databse-compat (#2244)" (#2247)
  • 11.10.0 - 2023-07-12

    New Features

    • feat(functions): Add features to task queue functions (#2216)
    • feat(auth): Add TotpInfo field to UserRecord (#2197)
    • feat(storage): Add getDownloadUrl method to the Storage API (#2036)

    Bug Fixes

    • fix: Update TOTP docstrings (#2245)

    Miscellaneous

    • [chore] Release 11.10.0 (#2246)
    • chore: upgrade databse-compat (#2244)
    • build(deps): bump semver from 5.7.1 to 5.7.2 (#2242)
    • build(deps-dev): bump @ microsoft/api-extractor from 7.36.0 to 7.36.1 (#2239)
    • build(deps-dev): bump sinon from 15.0.4 to 15.2.0 (#2240)
    • Fixed docgen for getDownloadURL (#2241)
    • Fix Memory Leak in AsyncHttpCall affecting auth.listUsers (#2236)
    • build(deps): bump @ google-cloud/storage from 6.9.5 to 6.11.0 (#2231)
    • build(deps): bump @ google-cloud/firestore from 6.6.0 to 6.6.1 (#2232)
    • build(deps-dev): bump @ firebase/app-compat from 0.2.7 to 0.2.13 (#2233)
    • Fixes to password policy validation (#2227)
    • Fix nesting in auth config tests (#2228)
    • build(deps-dev): bump eslint from 8.41.0 to 8.43.0 (#2218)
    • build(deps-dev): bump @ typescript-eslint/eslint-plugin (#2223)
    • build(deps-dev): bump @ microsoft/api-extractor from 7.34.4 to 7.36.0 (#2219)
    • build(deps): bump @ types/node from 18.16.3 to 20.3.2 (#2224)
    • Expose MultiDB within Firestore (#2209)
    • build(deps-dev): bump @ typescript-eslint/parser from 5.59.2 to 5.59.9 (#2205)
    • build(deps-dev): bump @ types/lodash from 4.14.194 to 4.14.195 (#2206)
    • build(deps-dev): bump @ firebase/auth-compat from 0.4.1 to 0.4.2 (#2208)
  • 11.9.0 - 2023-05-30

    New Features

    • feat(auth): Add Password Policies support in Project and Tenant config (#2107)

    Bug Fixes

    • fix(firestore): Export Filter type from Firestore (#2192)

    Miscellaneous

    • [chore] Release 11.9.0 (#2196)
    • build(deps-dev): bump yargs from 17.7.1 to 17.7.2 (#2199)
    • build(deps-dev): bump @ typescript-eslint/eslint-plugin (#2200)
    • build(deps-dev): bump @ types/firebase-token-generator (#2201)
    • chore: Upgrade Firestore to v6.6.0 (#2193)
    • fix Unsafe JavaScript Equality Checking (#2183)
    • build(deps-dev): bump nock from 13.3.0 to 13.3.1 (#2187)
    • build(deps-dev): bump @ typescript-eslint/eslint-plugin (#2188)
    • build(deps-dev): bump eslint from 8.40.0 to 8.41.0 (#2189)
    • build(deps-dev): bump @ typescript-eslint/eslint-plugin (#2182)
    • build(deps-dev): bump @ types/chai from 4.3.4 to 4.3.5 (#2178)
    • build(deps-dev): bump eslint from 8.39.0 to 8.40.0 (#2177)
    • chore: Pin firebase-tools@11.30.0 to fix the CIs (#2185)
  • 11.8.0 - 2023-05-04

    New Features

    • feat(appcheck): Added replay protection feature to App Check verifyToken() API (#2148)

    Miscellaneous

    • [chore] Release 11.8.0 (#2175)
    • build(deps-dev): bump @ firebase/auth-compat from 0.3.7 to 0.4.1 (#2173)
    • build(deps): bump @ types/node from 18.16.1 to 18.16.3 (#2172)
    • build(deps-dev): bump @ typescript-eslint/parser from 5.59.0 to 5.59.2 (#2171)
    • build(deps): bump @ types/node from 18.15.11 to 18.16.1 (#2166)
    • build(deps-dev): bump eslint from 8.38.0 to 8.39.0 (#2160)
    • build(deps-dev): bump sinon from 15.0.3 to 15.0.4 (#2162)
  • 11.7.0 - 2023-04-18

    New Features

    • feat(auth): reCAPTCHA Public preview (#2129)
    • feat(fcm): Add sendEach and sendEachForMulticast for FCM batch send (#2138)

    Miscellaneous

    • [chore] Release 11.7.0 (#2158)
    • build(deps-dev): bump @ types/sinon from 10.0.13 to 10.0.14 (#2157)
    • build(deps-dev): bump @ types/lodash from 4.14.192 to 4.14.194 (#2156)
    • build(deps-dev): bump @ typescript-eslint/parser from 5.58.0 to 5.59.0 (#2154)
    • chore: Upgrade dependencies (#2147)
  • 11.6.0 - 2023-04-06

    New Features

    • feat(auth): Add TOTP support in Project and Tenant config (#1989)

    Changed

    • Deprecate sendToDevice and sendToDeviceGroup and their response classes (#2090)

    Miscellaneous

    • [chore] Release 11.6.0 (#2139)
    • chore: update app check integration tests (#2140)
    • build(deps-dev): bump @ typescript-eslint/eslint-plugin (#2134)
    • build(deps-dev): bump @ firebase/auth-compat from 0.3.5 to 0.3.7 (#2133)
    • build(deps-dev): bump @ typescript-eslint/parser from 5.56.0 to 5.57.1 (#2135)
    • build(deps): bump @ google-cloud/storage from 6.9.4 to 6.9.5 (#2136)
    • build(deps-dev): bump sinon from 15.0.2 to 15.0.3 (#2126)
    • build(deps): bump @ firebase/database-compat from 0.3.1 to 0.3.4 (#2125)
    • build(deps): bump @ types/node from 18.15.5 to 18.15.10 (#2123)
    • build(deps-dev): bump eslint from 8.35.0 to 8.36.0 (#2124)
    • build(deps-dev): bump @ firebase/auth-compat from 0.3.1 to 0.3.5 (#2127)
    • build(deps-dev): bump sinon from 15.0.1 to 15.0.2 (#2120)
    • build(deps): bump @ google-cloud/storage from 6.9.3 to 6.9.4 (#2119)
    • build(deps-dev): bump @ firebase/app-compat from 0.2.3 to 0.2.5 (#2118)
    • build(deps-dev): bump @ typescript-eslint/eslint-plugin (#2121)
    • build(deps): bump @ types/node from 18.15.3 to 18.15.5 (#2117)
    • build(deps): bump @ firebase/database-types from 0.10.3 to 0.10.4 (#2101)
    • build(deps-dev): bump yargs from 17.6.0 to 17.7.1 (#2099)
    • build(deps-dev): bump @ typescript-eslint/parser from 5.48.2 to 5.56.0 (#2115)
    • build(deps): bump @ types/node from 18.14.2 to 18.15.3 (#2114)
    • build(deps): bump @ google-cloud/firestore from 6.4.3 to 6.5.0 (#2102)
    • build(deps): bump @ types/node from 18.13.0 to 18.14.2 (#2088)
    • build(deps-dev): bump @ types/uuid from 8.3.4 to 9.0.1 (#2086)
    • build(deps-dev): bump minimist from 1.2.7 to 1.2.8 (#2081)
    • build(deps-dev): bump @ typescript-eslint/eslint-plugin (#2087)
    • build(deps-dev): bump eslint from 8.33.0 to 8.35.0 (#2089)
    • Fixing links to externally defined RTDB APIs. (#2085)
    • build(deps): bump @ google-cloud/storage from 6.8.0 to 6.9.3 (#2082)
    • build(deps): bump @ google-cloud/firestore from 6.4.2 to 6.4.3 (#2079)
    • build(deps): bump @ google-cloud/firestore from 6.4.0 to 6.4.2 (#2074)
    • build(deps-dev): bump @ firebase/auth-types from 0.11.1 to 0.12.0 (#2072)
    • build(deps-dev): bump @ firebase/app-compat from 0.2.1 to 0.2.3 (#2071)
    • build(deps): bump @ firebase/database-types from 0.10.0 to 0.10.3 (#2073)
    • build(deps-dev): bump @ microsoft/api-extractor from 7.34.3 to 7.34.4 (#2070)
    • build(deps): bump @ types/node from 18.11.14 to 18.13.0 (#2067)
    • build(deps-dev): bump @ microsoft/api-extractor from 7.33.5 to 7.34.3 (#2064)
    • build(deps): bump @ fastify/busboy from 1.1.0 to 1.2.1 (#2066)
    • build(deps-dev): bump eslint from 8.31.0 to 8.33.0 (#2060)
    • build(deps): bump @ firebase/database-compat from 0.3.0 to 0.3.1 (#2059)
    • build(deps-dev): bump nock from 13.2.9 to 13.3.0 (#2058)
    • build(deps-dev): bump @ firebase/auth-compat from 0.2.24 to 0.3.1 (#2053)
    • build(deps-dev): bump @ firebase/app-compat from 0.1.37 to 0.2.1 (#2052)
from firebase-admin GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

@snyk-bot
fix: upgrade firebase-admin from 11.6.0 to 11.11.1
ae71c44 
Snyk has created this PR to upgrade firebase-admin from 11.6.0 to 11.11.1.

See this package in npm:
firebase-admin

See this project in Snyk:
https://app.snyk.io/org/roblo1801/project/1970346f-7e74-4bea-84ad-e2913a2adaec?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@roblo1801 @snyk-bot