[Snyk] Upgrade firebase-admin from 11.3.0 to 13.0.1 #625
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade firebase-admin from 11.3.0 to 13.0.1. See this package in npm: firebase-admin See this project in Snyk: https://app.snyk.io/org/aravindvnair99-github-marketplace/project/3e229b24-b2de-4c21-9d58-eebf425f44fc?utm_source=github&utm_medium=referral&page=upgrade-pr
Insecure File Management (1)
More info on how to fix Insecure File Management in JavaScript. Insecure Use of Crypto (1)
More info on how to fix Insecure Use of Crypto in JavaScript. Vulnerable Libraries (7)
More info on how to fix Vulnerable Libraries in JavaScript. 👉 Go to the dashboard for detailed results. 📥 Happy? Share your feedback with us. |
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade firebase-admin from 11.3.0 to 13.0.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 23 versions ahead of your current version.
The recommended version was released on 25 days ago.
Issues fixed by the recommended upgrade:
SNYK-JS-MARKDOWNIT-6483324
SNYK-JS-TAFFYDB-2992450
SNYK-JS-GRPCGRPCJS-7242922
SNYK-JS-JOSE-6419224
SNYK-JS-JSONWEBTOKEN-3180022
SNYK-JS-JSONWEBTOKEN-3180024
SNYK-JS-JSONWEBTOKEN-3180026
SNYK-JS-WORDWRAP-3149973
Release notes
Package name: firebase-admin
-
13.0.1 - 2024-11-20
- fix: Fix the property names when initializing the SDK with ServiceAccount type (#2779)
- [chore] Release 13.0.1 (#2780)
- build(deps-dev): bump @ firebase/auth-compat from 0.5.15 to 0.5.16 (#2776)
- build(deps): bump google-auth-library from 9.14.2 to 9.15.0 (#2773)
- build(deps): bump @ firebase/database-compat from 2.0.0 to 2.0.1 (#2774)
- build(deps-dev): bump @ firebase/auth-types from 0.12.2 to 0.12.3 (#2775)
-
13.0.0 - 2024-11-12
- change(rc): Update Remote Config condition evaluation hashing (#2760)
- change(fcm): Remove deprecated FCM APIs (#2759)
- change: Update Node support to 18 (#2756)
- change: Migrate credentials to use google-auth-library (#2466)
- feat(fcm): Add directBootOk field to AndroidConfig (#2745)
- fix: Set the Quota Project ID only for ADC human accounts (#2761)
- [chore] Release 13.0.0 (#2764)
- build(deps): bump uuid from 11.0.2 to 11.0.3 (#2767)
- build(deps-dev): bump nock from 13.5.5 to 13.5.6 (#2766)
- chore: Add
- chore: Upgrade dependencies (#2757)
- Request timeout const name correction (#2743)
- build(deps-dev): bump @ firebase/app-compat from 0.2.43 to 0.2.45 (#2746)
-
12.7.0 - 2024-10-24
- feat(auth): Add recaptcha and sms toll fraud support for phone auth (#2625)
- fix: Pin
- [chore] Release 12.7.0 (#2741)
- build(deps-dev): bump @ microsoft/api-extractor from 7.47.9 to 7.47.11 (#2734)
- build(deps-dev): bump @ types/lodash from 4.17.10 to 4.17.12 (#2735)
- chore: Add
- chore: Update auth.spec.ts (#2737)
- chore: fix dataconnect integration tests (#2736)
- build(deps-dev): bump @ firebase/app-compat from 0.2.42 to 0.2.43 (#2729)
- build(deps-dev): bump @ types/lodash from 4.17.9 to 4.17.10 (#2730)
- fixes function name resolution to cloud tasks emulator queue (#2726)
- build(deps-dev): bump @ types/mocha from 10.0.8 to 10.0.9 (#2721)
- build(deps-dev): bump @ firebase/app-compat from 0.2.41 to 0.2.42 (#2722)
- build(deps-dev): bump nyc from 17.0.0 to 17.1.0 (#2718)
- build(deps): bump @ google-cloud/storage from 7.12.1 to 7.13.0 (#2717)
- build(deps-dev): bump @ types/mocha from 10.0.7 to 10.0.8 (#2719)
-
12.6.0 - 2024-09-30
- feat: Add Data Connect API (#2701)
- fix(auth): Add missing
- [chore] Release 12.6.0 (#2715)
- build(deps-dev): bump @ types/lodash from 4.17.7 to 4.17.9 (#2710)
- build(deps-dev): bump @ firebase/app-compat from 0.2.39 to 0.2.41 (#2711)
- build(deps-dev): bump eslint from 8.57.0 to 8.57.1 (#2707)
- build(deps-dev): bump @ microsoft/api-extractor from 7.47.6 to 7.47.9 (#2706)
- build(deps): bump @ google-cloud/firestore from 7.9.0 to 7.10.0 (#2705)
-
12.5.0 - 2024-09-12
- feat(rc): SSRC targeting (#2665)
- fix: updating comments with VibrateTimingsMillis and defaultVibrateTimings instead of vibrate_timings and default_vibrate_timings (#2598)
- fix: support httpAgent in JwksFetcher (#2689)
- [chore] Release 12.5.0 Take 2 (#2703)
- [chore] Release 12.5.0 (#2702)
- chore: Upgrade actions/upload-artifact@v4 (#2700)
- build(deps): bump actions/download-artifact in /.github/workflows (#2694)
- Create CHANGELOG.md (#2626)
-
12.4.0 - 2024-08-22
- [chore] Release 12.4.0 (#2674)
- build(deps-dev): bump @ firebase/app-compat from 0.2.38 to 0.2.39 (#2677)
- chore: Deprecate sendToTopic and Condition (#2683)
- build(deps): bump @ types/node from 22.1.0 to 22.3.0 (#2675)
- build(deps-dev): bump mocha from 10.7.0 to 10.7.3 (#2670)
- build(deps): bump @ google-cloud/storage from 7.12.0 to 7.12.1 (#2669)
- build(deps): bump axios in /.github/actions/send-email (#2673)
- build(deps-dev): bump @ microsoft/api-extractor from 7.47.5 to 7.47.6 (#2671)
- Reroute Cloud Tasks to emulator when it is running (#2649)
-
12.3.1 - 2024-08-08
- fix:
- [chore] Release 12.3.1 (#2667)
- chore: Skip sendToDeviceGroup integration test (#2666)
- build(deps-dev): bump @ microsoft/api-extractor from 7.47.2 to 7.47.5 (#2661)
- build(deps): bump @ types/node from 22.0.1 to 22.1.0 (#2663)
- build(deps-dev): bump @ firebase/app-compat from 0.2.37 to 0.2.38 (#2664)
- build(deps): bump @ types/node from 20.14.11 to 22.0.1 (#2657)
- build(deps-dev): bump chai from 4.4.1 to 4.5.0 (#2650)
- build(deps-dev): bump @ firebase/app-compat from 0.2.35 to 0.2.37 (#2653)
- build(deps): bump fast-xml-parser from 4.4.0 to 4.4.1 (#2654)
-
12.3.0 - 2024-07-25
- feat(fcm): Add HTTP2 support for
- [chore] Release 12.3.0 (#2644)
- build(deps): bump @ types/node from 20.14.8 to 20.14.11 (#2641)
- build(deps-dev): bump @ microsoft/api-extractor from 7.47.0 to 7.47.2 (#2642)
- build(deps): bump @ google-cloud/storage from 7.11.2 to 7.12.0 (#2643)
- build(deps-dev): bump mocha and @ types/mocha (#2640)
- build(deps): bump @ fastify/busboy from 2.1.1 to 3.0.0 (#2632)
- build(deps-dev): bump @ types/lodash from 4.17.5 to 4.17.7 (#2636)
- Remove Remote Config dependency on Long JS (#2614)
- build(deps): bump @ google-cloud/firestore from 7.8.0 to 7.9.0 (#2618)
- build(deps-dev): bump nyc from 15.1.0 to 17.0.0 (#2616)
- chore: update integration test resources (#2615)
- build(deps-dev): bump @ types/uuid from 9.0.8 to 10.0.0 (#2612)
- build(deps): bump @ types/node from 20.14.2 to 20.14.8 (#2613)
-
12.2.0 - 2024-06-20
- change: Deprecate Node.js 16 support (#2574)
- fix: Replace
- fix: Make ADC + human account work with firebase-admin (#2553)
- fix: Use optional chaining in FirebaseError (#2581)
- [chore] Release 12.2.0 (#2605)
- build(deps): bump uuid from 9.0.1 to 10.0.0 (#2599)
- build(deps-dev): bump chai-exclude from 2.1.0 to 2.1.1 (#2593)
- build(deps-dev): bump braces from 3.0.2 to 3.0.3 (#2595)
- build(deps): bump @ grpc/grpc-js from 1.10.8 to 1.10.9 (#2592)
- build(deps-dev): bump @ types/lodash from 4.17.4 to 4.17.5 (#2594)
- build(deps): bump @ google-cloud/firestore from 7.7.0 to 7.8.0 (#2583)
- build(deps): bump @ types/node from 20.12.12 to 20.14.0 (#2585)
- build(deps-dev): bump @ firebase/app-compat from 0.2.34 to 0.2.35 (#2575)
- build(deps-dev): bump chai-as-promised from 7.1.1 to 7.1.2 (#2578)
- build(deps): bump @ google-cloud/storage from 7.11.0 to 7.11.1 (#2579)
-
12.1.1 - 2024-05-21
- fix: Export error classes (#2151)
- [chore] Release 12.1.1 (#2561)
- build(deps): updgrade jwks-rsa (#2570)
- --- (#2568)
- --- (#2566)
- --- (#2567)
- --- (#2569)
- build(deps-dev): bump @ firebase/auth-types from 0.12.1 to 0.12.2 (#2556)
- build(deps-dev): bump @ microsoft/api-extractor from 7.43.2 to 7.43.7 (#2559)
- chore: upgrade firestore to 7.7.0 (#2560)
- build(deps-dev): bump @ firebase/app-compat from 0.2.32 to 0.2.33 (#2555)
- build(deps): bump @ google-cloud/firestore from 7.6.0 to 7.7.0 (#2558)
- Fix api extractor issues to expose error types (#2549)
- build(deps-dev): bump @ types/lodash from 4.17.0 to 4.17.1 (#2546)
- build(deps): bump @ google-cloud/storage from 7.10.2 to 7.11.0 (#2547)
- build(deps-dev): bump @ microsoft/api-extractor from 7.43.1 to 7.43.2 (#2545)
- build(deps): bump @ types/node from 20.12.7 to 20.12.10 (#2544)
- build(deps-dev): bump @ firebase/app-compat from 0.2.31 to 0.2.32 (#2540)
- build(deps): bump @ google-cloud/storage from 7.10.1 to 7.10.2 (#2541)
- build(deps): bump @ google-cloud/storage from 7.10.0 to 7.10.1 (#2536)
- Update package.json to use farmhash 3.3.1 (#2534)
-
12.1.0 - 2024-04-16
-
12.0.0 - 2023-12-07
-
11.11.1 - 2023-11-23
-
11.11.0 - 2023-09-28
-
11.10.1 - 2023-07-13
-
11.10.0 - 2023-07-12
-
11.9.0 - 2023-05-30
-
11.8.0 - 2023-05-04
-
11.7.0 - 2023-04-18
-
11.6.0 - 2023-04-06
-
11.5.0 - 2023-01-19
-
11.4.1 - 2022-12-22
-
11.4.0 - 2022-12-15
-
11.3.0 - 2022-11-17
from firebase-admin GitHub release notesBug Fixes
Miscellaneous
Breaking Changes
New Features
Bug Fixes
Miscellaneous
X-Goog-Api-Clientmetric header to outgoing authorized http requests (#2763)New Features
Bug Fixes
@ firebase/database-compattov1.0.8(#2739)Miscellaneous
X-Goog-Api-Clientmetric header to Auth and FCM requests (#2738)New Features
Bug Fixes
Math.floor()when settingvalidDurationincreateSessionCookie()(#2712)Miscellaneous
New Features
Bug Fixes
Miscellaneous
Miscellaneous
Bug Fixes
getToken()returns existing promise to a token if one exists instead of a new token. (#2648)Miscellaneous
New Features
sendEach()andsendEachForMulticast()(#2550)Miscellaneous
Breaking Changes
Bug Fixes
farmhashwithfarmhash-modern(#2603)Miscellaneous
Bug Fixes
Miscellaneous
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: