angularfire
angularfire copied to clipboard
@angular/fire has a transitive vulnerable dependency to protobufjs 6.11.*
Version info
Angular: 16.2.5
Firebase: 10.4.0
AngularFire: 7.6.1
Other (e.g. Ionic/Cordova, Node, browser, operating system): a
How to reproduce these conditions
Failing test unit, Stackblitz demonstrating the problem a
Steps to set up and reproduce a Sample data and security rules
a
Debug output
** Errors in the JavaScript console **
a
** Output from firebase.database().enableLogging(true);
**
a
** Screenshots **
Expected behavior
firestore > 4.2.*
protobufjs >7.2.4
Actual behavior
angular/fire depends on firestore 3.13.0 and protobufjs 6.11.*
firebase initial issue: #7484
firebase@10
is not appropriate for @angular/[email protected]
https://github.com/angular/angularfire#angular-and-firebase-versions
The Fix was backported to latest v8, v9, or v10 Firebase JS SDK.