Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Upgrade: firebase-functions, probot #24

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade: firebase-functions, probot #24

wants to merge 1 commit into from

Conversation

X-oss-byte
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

firebase-functions
from 4.4.1 to 4.9.0 | 7 versions ahead of your current version | 5 months ago
on 2024-04-04
probot
from 12.3.1 to 12.4.0 | 4 versions ahead of your current version | 3 months ago
on 2024-06-03

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Improper Handling of Exceptional Conditions
SNYK-JS-OCTOKITWEBHOOKS-6129527		 624 No Known Exploit
high severity Improper Handling of Exceptional Conditions
SNYK-JS-PROBOT-6129524		 624 No Known Exploit
Release notes
Package name: firebase-functions
  • 4.9.0 - 2024-04-04
    • Add new 2nd gen Firestore auth context triggers. (#1519)
  • 4.8.2 - 2024-03-29

    Fix bug with CORS options for an array of one string (#1544)

  • 4.8.1 - 2024-03-19

    Fix bug where 1st gen functions eventually fail with stack too deep (#1540)
    Make simple CORS options static for improved debugability (#1536)

  • 4.8.0 - 2024-03-08

    Add onInit callback function for global variable initialization (#1531)

  • 4.7.0 - 2024-02-07
    • Fixes access on deeply nested, nonexistent property. (#1432)
    • Add IteratedDataSnapshot interface to match with firebase admin v12 (#1517).
    • Make bucket parameterizeable in storage functions (#1518)
    • Introduce helper library for select and multi-select input (#1518)
  • 4.6.0 - 2024-01-03
    • Wrap 2nd gen onCall functions with trace context. (#1491)
    • Bump peer depdencies for firebase-admin to support 12.0.0. (#1509)
  • 4.5.0 - 2023-11-02
    • Remove HTTP server shutdown message. (#1457)
    • Add features to task queue functions. (#1423)
    • Add traces to V2 Firestore trigger logs. (#1440)
    • Fix incorrectly parsed timestamps in auth blocking functions. (#1472)
    • Add recaptcha verdict support for auth blocking functions (#1458)
  • 4.4.1 - 2023-06-12
    • Update list of supported regions for 2nd Gen Functions. (#1402)
    • Fix bug where log message on structured log was being overwritten (#1416)
    • Fix bug where exists() should return true for falsy values like 0, "" (#1410)
from firebase-functions GitHub release notes
Package name: probot
  • 12.4.0 - 2024-06-03

    12.4.0 (2024-06-03)

    Features

    • set x-github-delivery header to event.id for all requests sent from context.octokit in event handlers (#2026) (f1985e5)
  • 12.3.4 - 2024-05-01

    12.3.4 (2024-05-01)

    Bug Fixes

  • 12.3.3 - 2023-11-15
  • 12.3.2 - 2023-11-14
  • 12.3.1 - 2023-06-14
from probot GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade multiple dependencies with Snyk
921f3fa 
Snyk has created this PR to upgrade:
  - firebase-functions from 4.4.1 to 4.9.0.
    See this package in npm: https://www.npmjs.com/package/firebase-functions
  - probot from 12.3.1 to 12.4.0.
    See this package in npm: https://www.npmjs.com/package/probot

See this project in Snyk:
https://app.snyk.io/org/sammytezzy/project/6f360e9a-f291-4004-bb14-422e414312f8?utm_source=github&utm_medium=referral&page=upgrade-pr
@stackblitz StackBlitz
Copy link

stackblitz bot commented Sep 7, 2024

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Sep 7, 2024

⚠️ No Changeset found

Latest commit: 921f3fa

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

sourcery-ai[bot]
sourcery-ai bot reviewed Sep 7, 2024
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have skipped reviewing this pull request. Here's why:

  • It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
  • We don't review packaging changes - Let us know if you'd like us to change this.

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@X-oss-byte @snyk-bot