Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 1 vulnerabilities #41

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #41

wants to merge 1 commit into from

Conversation

jeremylorino
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5		 Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @google-cloud/logging-winston The new version differs by 112 commits.
  • 8305c92 chore: release 1.0.0 (#326)
  • a46f385 chore: remove root and samples package-lock.json (#338)
  • fc87d65 fix(deps): bump minimum required dependencies (#336)
  • 2d72bc1 chore: update @ google-cloud/common to 2.x (#331)
  • d55c939 build: remove verbose logging from test scripts (#332)
  • 2214438 build: ignore proto files in test coverage (#330)
  • 9afc5e0 chore: clean up dev dependencies (#327)
  • c83050b build: add configuration for automated doc deployment (#328)
  • 059c2a1 fix(deps): update dependency @ google-cloud/logging to v5 (#324)
  • b3d666e build: updated kokoro config for coverage and release-please (#321)
  • 6260654 build: add new kokoro config for coverage and release-please (#320)
  • 450295f fix: use immutable winston level (#319)
  • 6182968 fix(deps): update dependency google-auth-library to v4 (#317)
  • c7ab418 chore(deps): update dependency @ google-cloud/common to v1 (#318)
  • 27b41e4 chore(chore): upgrade to gts 1.0.0 (#310)
  • d466a45 build: only pipe to codecov if tests run on Node 10
  • a61911b build: allow Node 10 on presubmit to push to codecov (#316)
  • 7418f77 build: allow Node 10 to push to codecov (#315)
  • 1f3e345 build: patch Windows container, fixing Node 10 (#314)
  • 7010ee5 chore: do not run CI on grpc-js (#311)
  • 7ff405c chore(deps): update dependency eslint-plugin-node to v9 (#312)
  • c777689 build!: upgrade engines field to >=8.10.0 (#308)
  • 08631b7 chore!: drop node 6 support (#307)
  • f762657 chore: removing node6 CI (#309)

See the full diff

Package name: @google-cloud/pubsub The new version differs by 250 commits.
  • bb26010 chore: release 0.29.0 (#609)
  • c72491f refactor(subscriber): message stream retry logic (#607)
  • 46c75a2 chore(deps): update dependency jsdoc to v3.6.2 (#606)
  • ef45af3 refactor: use core grpc (#608)
  • 6415e7c fix(deps): update dependency google-gax to v1 (#604)
  • 2e669a1 fix(deps): update dependency @ google-cloud/precise-date to v1 (#603)
  • baf9d39 fix(deps): update dependency google-auth-library to v4 (#601)
  • 1ae8db9 fix: DEADLINE_EXCEEDED retry code is idempotent (#605)
  • a72df8a test: fix snapshot fixture creation (#602)
  • 39b1dac fix: DEADLINE_EXCEEDED no longer treated as idempotent and retried
  • 22dc668 build: update build config and doc comments (#593)
  • 181553a fix(deps): update dependency @ google-cloud/paginator to v1 (#592)
  • 76f5c7b build: allow Node 10 on presubmit to push to codecov (#598)
  • bbc59fa build: allow Node 10 to push to codecov (#597)
  • 397f876 build: patch Windows container, fixing Node 10 (#596)
  • a9dd7f1 chore: do not run CI on grpc-js (#586)
  • fb76bf4 chore(deps): update dependency eslint-plugin-node to v9 (#587)
  • d01d010 fix(deps): update dependency @ google-cloud/projectify to v1 (#588)
  • dad7530 fix(deps): update dependency @ google-cloud/promisify to v1 (#589)
  • 6ef6260 chore(deps): update dependency gts to v1 (#579)
  • 2116474 build!: upgrade engines field to >=8.10.0 (#584)
  • 2004351 chore: removing node6 CI (#585)
  • 4214a4f fix(deps): update dependency google-gax to ^0.26.0 (#583)
  • b5f8df2 chore: update formatting for generated code (#580)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jeremylorino @snyk-bot