gcp-dataprep-bigquery-twitter-stream icon indicating copy to clipboard operation
gcp-dataprep-bigquery-twitter-stream copied to clipboard

Published 20 hours ago verified publisher icon jeremylorino

[Snyk] Fix for 2 vulnerabilities

Open jeremylorino opened this issue 9 months ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5		 Uncontrolled resource consumption
SNYK-JS-BRACES-6838727		 No No Known Exploit
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5		 Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @google-cloud/pubsub The new version differs by 141 commits.
  • 2fe206b feat: release @ google-cloud/pubsub v0.21.0 (#333)
  • b852c58 fix(deps): update dependency google-gax to ^0.22.0 (#335)
  • f465ba9 chore(deps): update dependency gts to ^0.9.0 (#334)
  • f9466ce chore: update eslintignore config (#332)
  • f50b95d chore(build): eslint all js files, and use js for all generated files (#331)
  • e2444d9 refactor: drop dependencies on google-proto-files and async (#329)
  • e0b4518 docs(samples): update samples to use async/await (#305)
  • aa9c442 chore(deps): update dependency @ google-cloud/nodejs-repo-tools to v3 (#328)
  • f551564 refactor: use Object.assign where possible (#324)
  • 5c8b2e0 chore: drop contributors from multiple places (#325)
  • cdcc23f chore(deps): update dependency @ types/is to v0.0.21 (#323)
  • 8c1efa6 refactor(ts): introduce a round of types (#319)
  • f50fd13 chore: use latest npm on Windows (#322)
  • 6cd4da3 fix(deps): update dependency through2 to v3 (#320)
  • bb357fc refactor(ts): enable noImplicitThis (#316)
  • 6c74961 Add Pub/Sub ack deadline example (#315)
  • f8bd0ae refactor(ts): convert to typescript (#310)
  • 1984bce chore: update CircleCI config (#309)
  • 13b9451 chore: include build in eslintignore (#304)
  • c79c28c chore(deps): update dependency eslint-plugin-node to v8 (#300)
  • c16287a chore: update issue templates (#299)
  • 54b04b4 chore: remove old issue template (#297)
  • bfdf7e6 build: run tests on node11 (#296)
  • a36bc31 chores(build): do not collect sponge.xml from windows builds (#295)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption

jeremylorino avatar May 13 '24 23:05 jeremylorino