gcp-dataprep-bigquery-twitter-stream
gcp-dataprep-bigquery-twitter-stream copied to clipboard
Published
20 hours ago •
jeremylorino
jeremylorino
[Snyk] Fix for 1 vulnerabilities
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 |
Prototype Pollution SNYK-JS-ASYNC-2441827 |
Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: @google-cloud/pubsub
The new version differs by 91 commits.- 8dde3c4 fix: System tests were using get() incorrectly. (#251)
- fb07bc3 Update CI config (#249)
- c33b3fd Retry npm install in CI (#241)
- 0db53bf fix(deps): update dependency delay to v4 (#239)
- 30ac556 Re-generate library using /synth.py (#236)
- c9e277f fix: (sample tests): Validate short names. (#235)
- 8d6c1c1 fix: Return error if subscription name already exists. (#226)
- 4cf8b9b fix: (tests) Provide projectId to PubSub constructor. (#221)
- 6efe142 Release nodejs-pubsub v0.20.0 (#230)
- fdb0aa8 fix docs (#229)
- b8033ee fix(deps): update dependency google-auth-library to v2 (#228)
- 893a577 Re-generate library using /synth.py (#227)
- 9eba9da chore(deps): update dependency nyc to v13 (#225)
- 257b9d8 Update the CI config (#220)
- cb0d3d5 test: fix import sample failures (#218)
- 76d9926 fix(deps): update dependency google-gax to ^0.19.0 (#216)
- 5792339 chore: make the CircleCI config consistent
- afb5dc4 chore: use arrow functions (#215)
- 38d874d chore(deps): update dependency eslint-config-prettier to v3 (#213)
- cbd1f0d chore: convert to es classes (#211)
- 5d19454 chore: drop dependency on @ google-cloud/common (#210)
- f4fd0b1 chore: do not use npm ci (#209)
- e7221e7 chore: use let and const (#204)
- 79e7480 chore: ignore package-lock.json (#207)
Package name: winston
The new version differs by 250 commits.- b47d5d5 3.3.0
- b6bc918 Prepare for v3.3.0
- 9354721 doc: fix whitespace and trailing comma. (#1778)
- 3d07a80 docs: add example of uncaughtRejections logging (#1780)
- df25fa2 fix: change property of handleRejections (#1779)
- 950cbcd Add options to request (#1777)
- 1c75292 Update package-lock.json (#1772)
- e7d13d5 Exclude unnecessary files from npm package (#1768)
- 75f7edf Fix removes a logger when pass undefined transport (#1785)
- 4b571ba This adds Node.js 14 and removes Node.js 8 as: (#1793)
- 73ae01f Update Sentry transport `require` change (#1754)
- 7b67eb0 Fix typo (#1750)
- 1679c49 Fix Issue where winston removes transport on error (#1364) (#1714)
- 0e0cf14 Fix #1690 (#1691)
- 85a250a Node 12 is LTS now
- bea9c34 Update README.md (#1743)
- 319abf1 Add defaultMeta to Logger index.d.ts (#1736)
- c719706 (typo) Missing label import in example (#1733)
- 8944598 Update index.d.ts (#1729)
- 7bb258c Fix `npm` logging levels on README.md (#1737)
- 64744d7 #1567: document common transport options (#1723)
- ae2335b Add Humio transport link to docs (#1705)
- 785bd9e UPDATE levels on readme (http added) (#1650)
- 4f44acb Add PostgresQL transport to list of community transports (#1697)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
