Skip to content

[Snyk] Security upgrade firebase-admin from 5.13.1 to 9.0.0#28

Open
snyk-io[bot] wants to merge 6 commits intomainfrom
snyk-fix-07d90c9781d140ffa572910484381c93
Open

[Snyk] Security upgrade firebase-admin from 5.13.1 to 9.0.0#28
snyk-io[bot] wants to merge 6 commits intomainfrom
snyk-fix-07d90c9781d140ffa572910484381c93

Conversation

@snyk-io
Copy link
Copy Markdown

@snyk-io snyk-io bot commented May 17, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • functions/testapp/functions/package.json
    • functions/testapp/functions/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 146/1000
Why? Confidentiality impact: High, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00274, Social Trends: No, Days since published: 1285, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.43, Score Version: V5		 Server-Side Request Forgery (SSRF)
SNYK-JS-AXIOS-1038255		 Yes Proof of Concept
high severity 161/1000
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01568, Social Trends: No, Days since published: 988, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.68, Score Version: V5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-AXIOS-1579269		 Yes Proof of Concept
medium severity 63/1000
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: Low, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00279, Social Trends: No, Days since published: 1849, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 2.35, Likelihood: 2.65, Score Version: V5		 Denial of Service (DoS)
SNYK-JS-AXIOS-174505		 Yes Proof of Concept
high severity 167/1000
Why? Confidentiality impact: High, Integrity impact: Low, Availability impact: None, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00055, Social Trends: No, Days since published: 204, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 7.03, Likelihood: 2.36, Score Version: V5		 Cross-site Request Forgery (CSRF)
SNYK-JS-AXIOS-6032459		 Yes Proof of Concept
medium severity 67/1000
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: Low, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 154, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 2.35, Likelihood: 2.83, Score Version: V5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-AXIOS-6124857		 Yes Proof of Concept
high severity 125/1000
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 132, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.08, Score Version: V5		 Prototype Pollution
SNYK-JS-AXIOS-6144788		 Yes No Known Exploit
high severity 125/1000
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 3, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.08, Score Version: V5		 Uncontrolled resource consumption
SNYK-JS-BRACES-6838727		 Yes No Known Exploit
medium severity 119/1000
Why? Confidentiality impact: High, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00144, Social Trends: No, Days since published: 855, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 1.98, Score Version: V5		 Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2332181		 Yes Proof of Concept
low severity 21/1000
Why? Confidentiality impact: Low, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): Low, Attack Complexity: High, Attack Vector: Adjacent, EPSS: 0.00133, Social Trends: No, Days since published: 827, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Low, Package Popularity Score: 99, Impact: 2.35, Likelihood: 0.877, Score Version: V5		 Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2396346		 Yes No Known Exploit
high severity 158/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00051, Social Trends: No, Days since published: 136, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.62, Likelihood: 2.81, Score Version: V5		 Improper Input Validation
SNYK-JS-FOLLOWREDIRECTS-6141137		 Yes Proof of Concept
medium severity 159/1000
Why? Confidentiality impact: High, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): Low, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00044, Social Trends: No, Days since published: 62, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.64, Score Version: V5		 Information Exposure
SNYK-JS-FOLLOWREDIRECTS-6444610		 Yes Proof of Concept
medium severity 63/1000
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: Low, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01244, Social Trends: No, Days since published: 1220, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 2.35, Likelihood: 2.67, Score Version: V5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-GLOBPARENT-1016905		 Yes Proof of Concept
medium severity 141/1000
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Local, EPSS: 0.01055, Social Trends: No, Days since published: 168, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.35, Score Version: V5		 Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		 Yes Proof of Concept
high severity 125/1000
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 3, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.08, Score Version: V5		 Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728		 Yes No Known Exploit
medium severity 63/1000
Why? Confidentiality impact: None, Integrity impact: Low, Availability impact: None, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00068, Social Trends: No, Days since published: 861, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 2.35, Likelihood: 2.64, Score Version: V5		 Open Redirect
SNYK-JS-NODEFORGE-2330875		 Yes Proof of Concept
medium severity 99/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): Low, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 858, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.62, Likelihood: 1.75, Score Version: V5		 Prototype Pollution
SNYK-JS-NODEFORGE-2331908		 Yes No Known Exploit
medium severity 94/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00071, Social Trends: No, Days since published: 788, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.62, Likelihood: 1.67, Score Version: V5		 Improper Verification of Cryptographic Signature
SNYK-JS-NODEFORGE-2430337		 Yes No Known Exploit
high severity 107/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00072, Social Trends: No, Days since published: 788, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.62, Likelihood: 1.89, Score Version: V5		 Improper Verification of Cryptographic Signature
SNYK-JS-NODEFORGE-2430339		 Yes No Known Exploit
medium severity 94/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00062, Social Trends: No, Days since published: 788, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.62, Likelihood: 1.67, Score Version: V5		 Improper Verification of Cryptographic Signature
SNYK-JS-NODEFORGE-2430341		 Yes No Known Exploit
high severity 115/1000
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 823, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 1.92, Score Version: V5		 Prototype Pollution
SNYK-JS-UNSETVALUE-2400660		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Server-Side Request Forgery (SSRF)
🦉 Regular Expression Denial of Service (ReDoS)
🦉 Cross-site Request Forgery (CSRF)
🦉 More lessons are available in Snyk Learn

Hawthorne001 and others added 6 commits February 20, 2024 13:49
@Hawthorne001
Create cmake-single-platform.yml
42c80b1
@Hawthorne001
Create msbuild.yml
37e4846
@Hawthorne001
Create c-cpp.yml
3120694
@snyk-bot
fix: upgrade firebase-admin from 5.10.0 to 5.13.1
99eb0f3 
Snyk has created this PR to upgrade firebase-admin from 5.10.0 to 5.13.1.

See this package in npm:
https://www.npmjs.com/package/firebase-admin

See this project in Snyk:
https://app.snyk.io/org/hawthorne001/project/6cb08067-7e0f-4511-9766-bfe74f81f1eb?utm_source=github&utm_medium=referral&page=upgrade-pr
@Hawthorne001
Merge pull request #27 from Hawthorne001/snyk-upgrade-5036a15392c1236…
62c091c 
…e0897c78dd9718bc3

[Snyk] Upgrade firebase-admin from 5.10.0 to 5.13.1
@snyk-io
fix: functions/testapp/functions/package.json & functions/testapp/fun…
8db8da5 
…ctions/package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AXIOS-1038255
- https://snyk.io/vuln/SNYK-JS-AXIOS-1579269
- https://snyk.io/vuln/SNYK-JS-AXIOS-174505
- https://snyk.io/vuln/SNYK-JS-AXIOS-6032459
- https://snyk.io/vuln/SNYK-JS-AXIOS-6124857
- https://snyk.io/vuln/SNYK-JS-AXIOS-6144788
- https://snyk.io/vuln/SNYK-JS-BRACES-6838727
- https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-2332181
- https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-2396346
- https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137
- https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6444610
- https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2330875
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2331908
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430337
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430339
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430341
- https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660
@socket-security
Copy link
Copy Markdown

socket-security bot commented May 17, 2024

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@firebase/app-types@0.6.1 None 0 9.46 kB chholland
npm/@firebase/auth-interop-types@0.1.5 None 0 2.05 kB chholland
npm/@firebase/component@0.1.19 None 0 110 kB chholland
npm/@firebase/database-types@0.5.2 None 0 5.7 kB chholland
npm/@firebase/database@0.6.13 environment 0 6.42 MB chholland
npm/@firebase/logger@0.2.6 None 0 75.1 kB chholland
npm/@firebase/util@0.3.2 None 0 662 kB chholland
npm/@google-cloud/firestore@4.15.1 environment 0 5.53 MB google-wombot
npm/@google-cloud/paginator@3.0.7 None 0 48.7 kB google-wombot
npm/@google-cloud/projectify@2.1.1 None 0 30.9 kB google-wombot
npm/@google-cloud/promisify@2.0.4 None 0 35.3 kB google-wombot
npm/@google-cloud/storage@5.20.5 environment, filesystem 0 759 kB google-wombot
npm/@grpc/grpc-js@1.6.12 environment, filesystem, network +7 7 MB murgatroid99
npm/@grpc/proto-loader@0.6.13 filesystem 0 73.3 kB murgatroid99
npm/@tootallnate/once@2.0.0 None 0 16.3 kB tootallnate
npm/@types/node@10.17.60 None 0 632 kB types
npm/ansi-styles@4.3.0 None 0 17 kB sindresorhus
npm/arrify@2.0.1 None 0 3.19 kB sindresorhus
npm/async-retry@1.3.3 None 0 5.21 kB leerobinson
npm/base64-js@1.5.1 None 0 9.62 kB feross
npm/bignumber.js@9.1.2 None 0 351 kB mikemcl
npm/cliui@7.0.4 None 0 30.6 kB oss-bot
npm/color-convert@2.0.1 None 0 27.2 kB qix
npm/color-name@1.1.4 None 0 6.69 kB dfcreative
npm/compressible@2.0.18 None 0 7.36 kB dougwilson
npm/configstore@5.0.1 None 0 7.61 kB sindresorhus
npm/crypto-random-string@2.0.0 None 0 3.93 kB sindresorhus
npm/dicer@0.3.1 None 0 48.3 kB mscdex
npm/dot-prop@5.3.0 None 0 9.61 kB sindresorhus
npm/duplexify@4.1.3 None 0 18.3 kB mafintosh
npm/end-of-stream@1.4.4 None 0 6.23 kB mafintosh
npm/escalade@3.1.2 filesystem 0 11.6 kB lukeed
npm/fast-text-encoding@1.0.6 None 0 32.2 kB samthor
npm/faye-websocket@0.11.3 network 0 30.7 kB jcoglan
npm/firebase-admin@9.0.0 environment, filesystem, network 0 879 kB google-wombot
npm/gaxios@4.3.3 environment, network 0 68.1 kB google-wombot
npm/gcp-metadata@4.3.1 environment 0 59.6 kB google-wombot
npm/get-caller-file@2.0.5 None 0 4.72 kB stefanpenner
npm/google-auth-library@7.14.1 environment, filesystem, shell +2 453 kB google-wombot
npm/google-gax@2.30.5 environment, filesystem, network, shell +1 14.2 MB google-wombot
npm/google-p12-pem@3.1.4 filesystem +1 1.68 MB google-wombot
npm/graceful-fs@4.2.11 environment, filesystem 0 32.5 kB isaacs
npm/gtoken@5.3.2 filesystem 0 36.4 kB google-wombot
npm/hash-stream-validation@0.2.4 None 0 9.07 kB stephenplusplus
npm/http-proxy-agent@5.0.0 network 0 17.1 kB tootallnate
npm/is-obj@2.0.0 None 0 2.82 kB sindresorhus
npm/is-stream@2.0.1 None 0 5.93 kB sindresorhus
npm/json-bigint@1.0.0 None 0 37.3 kB sidorares
npm/jsonwebtoken@8.5.1 None +1 80.6 kB ziluvatar
npm/lru-cache@6.0.0 None 0 15.6 kB isaacs
npm/mime@3.0.0 None 0 60.1 kB broofa
npm/node-forge@0.9.2 None 0 1.7 MB davidlehn
npm/object-hash@3.0.0 None 0 58.9 kB addaleax
npm/p-limit@3.1.0 None 0 7.75 kB sindresorhus
npm/proto3-json-serializer@0.1.9 None 0 81.4 kB google-wombot
npm/pump@3.0.0 filesystem 0 7.78 kB mafintosh
npm/pumpify@2.0.1 None 0 10.2 kB mafintosh
npm/require-directory@2.1.1 filesystem 0 12.1 kB troygoode
npm/retry@0.13.1 None 0 18.9 kB tim-kos
npm/semver@5.7.2 None 0 63.3 kB lukekarrys
npm/signal-exit@3.0.7 None 0 9.96 kB isaacs
npm/stream-shift@1.0.3 None 0 4.46 kB mafintosh
npm/streamsearch@1.1.0 None 0 16.6 kB mscdex
npm/teeny-request@7.2.0 environment, network 0 64.4 kB google-wombot
npm/tslib@1.14.1 None 0 34 kB typescript-bot
npm/typedarray-to-buffer@3.1.5 None 0 8.84 kB feross
npm/unique-string@2.0.0 None 0 2.88 kB sindresorhus
npm/uuid@8.3.2 None 0 116 kB ctavan
npm/wrap-ansi@7.0.0 None 0 10.6 kB sindresorhus
npm/write-file-atomic@3.0.3 filesystem 0 12.8 kB isaacs
npm/xdg-basedir@4.0.0 None 0 5.69 kB sindresorhus
npm/y18n@5.0.8 filesystem 0 23.4 kB oss-bot
npm/yargs-parser@20.2.9 environment, filesystem 0 124 kB oss-bot
npm/yargs@16.2.0 environment, filesystem 0 286 kB oss-bot

🚮 Removed packages: npm/@firebase/app-types@0.3.10, npm/@firebase/app@0.3.17, npm/@firebase/database-types@0.3.11, npm/@firebase/database@0.3.20, npm/@firebase/logger@0.1.13, npm/@firebase/util@0.2.14, npm/@google-cloud/common@0.16.2, npm/@google-cloud/firestore@0.15.4, npm/@google-cloud/storage@1.6.0, npm/@mapbox/node-pre-gyp@1.0.11, npm/@mrmlnc/readdir-enhanced@2.2.1, npm/@nodelib/fs.stat@1.1.3, npm/@types/bytebuffer@5.0.49, npm/@types/caseless@0.12.5, npm/@types/duplexify@3.6.4, npm/@types/google-cloud__storage@1.1.7, npm/@types/long@3.0.32, npm/@types/node@8.9.5, npm/@types/request@2.48.12, npm/@types/tough-cookie@4.0.5, npm/abbrev@1.1.1, npm/acorn-es7-plugin@1.1.7, npm/acorn@5.7.4, npm/ajv@6.12.6, npm/aproba@2.0.0, npm/are-we-there-yet@2.0.0, npm/arr-diff@4.0.0, npm/arr-flatten@1.1.0, npm/arr-union@3.1.0, npm/array-buffer-byte-length@1.0.1, npm/array-filter@1.0.0, npm/array-union@1.0.2, npm/array-uniq@1.0.3, npm/array-unique@0.3.2, npm/arraybuffer.prototype.slice@1.0.3, npm/arrify@1.0.1, npm/ascli@1.0.1, npm/asn1@0.2.3, npm/assert-plus@1.0.0, npm/assign-symbols@1.0.0, npm/async@2.6.0, npm/asynckit@0.4.0, npm/atob@2.1.2, npm/available-typed-arrays@1.0.7, npm/aws-sign2@0.7.0, npm/aws4@1.12.0, npm/axios@0.18.0, npm/balanced-match@1.0.2, npm/base@0.11.2, npm/bcrypt-pbkdf@1.0.1, npm/brace-expansion@1.1.11, npm/braces@2.3.2, npm/buffer-equal@1.0.0, npm/buffer-from@1.0.0, npm/bun@0.0.12, npm/bytebuffer@5.0.1, npm/cache-base@1.0.1, npm/call-bind@1.0.7, npm/call-me-maybe@1.0.2, npm/call-signature@0.0.2, npm/camelcase@2.1.1, npm/capture-stack-trace@1.0.0, npm/caseless@0.12.0, npm/chownr@2.0.0, npm/class-utils@0.3.6, npm/cliui@3.2.0, npm/code-point-at@1.1.0, npm/collection-visit@1.0.0, npm/color-support@1.1.3, npm/colour@0.7.1, npm/combined-stream@1.0.6, npm/component-emitter@1.3.1, npm/compressible@2.0.13, npm/concat-map@0.0.1, npm/concat-stream@1.6.2, npm/configstore@3.1.1, npm/console-control-strings@1.1.0, npm/copy-descriptor@0.1.1, npm/core-js@2.6.12, npm/core-util-is@1.0.2, npm/create-error-class@3.0.2, npm/crypto-random-string@1.0.0, npm/dashdash@1.14.1, npm/data-view-buffer@1.0.1, npm/data-view-byte-length@1.0.1, npm/data-view-byte-offset@1.0.0, npm/debug@3.1.0, npm/decamelize@1.2.0, npm/decode-uri-component@0.2.2, npm/deep-equal@1.1.2, npm/define-data-property@1.1.4, npm/define-properties@1.2.1, npm/define-property@2.0.2, npm/delayed-stream@1.0.0, npm/delegates@1.0.0, npm/detect-libc@2.0.3, npm/diff-match-patch@1.0.5, npm/dir-glob@2.0.0, npm/dom-storage@2.1.0, npm/dot-prop@4.2.0, npm/duplexify@3.7.1, npm/eastasianwidth@0.2.0, npm/ecc-jsbn@0.1.1, npm/empower-core@1.2.0, npm/empower@1.3.1, npm/end-of-stream@1.4.1, npm/es-abstract@1.23.3, npm/es-define-property@1.0.0, npm/es-errors@1.3.0, npm/es-object-atoms@1.0.0, npm/es-set-tostringtag@2.0.3, npm/es-to-primitive@1.2.1, npm/es6-promise@4.2.8, npm/es6-promisify@5.0.0, npm/espurify@1.8.1, npm/estraverse@4.3.0, npm/expand-brackets@2.1.4, npm/extend-shallow@3.0.2, npm/extglob@2.0.4, npm/extsprintf@1.3.0, npm/fast-glob@2.2.7, npm/fast-json-stable-stringify@2.1.0, npm/faye-websocket@0.11.1, npm/fill-range@4.0.0, npm/find-up@2.1.0, npm/firebase-admin@5.13.1, npm/follow-redirects@1.4.1, npm/for-each@0.3.3, npm/for-in@1.0.2, npm/forever-agent@0.6.1, npm/form-data@2.3.2, npm/fragment-cache@0.2.1, npm/fs-minipass@2.1.0, npm/fs.realpath@1.0.0, npm/function-bind@1.1.2, npm/function.prototype.name@1.1.6, npm/functions-have-names@1.2.3, npm/gauge@3.0.2, npm/gaxios@1.8.4, npm/gcp-metadata@0.6.3, npm/gcs-resumable-upload@0.9.0, npm/get-intrinsic@1.2.4, npm/get-symbol-description@1.0.2, npm/get-value@2.0.6, npm/getpass@0.1.7, npm/glob-parent@3.1.0, npm/glob-to-regexp@0.3.0, npm/glob@7.2.3, npm/globalthis@1.0.4, npm/globby@8.0.2, npm/google-auth-library@1.6.1, npm/google-auto-auth@0.9.7, npm/google-gax@0.17.1, npm/google-p12-pem@1.0.5, npm/google-proto-files@0.16.1, npm/gopd@1.0.1, npm/graceful-fs@4.1.11, npm/grpc@1.24.11, npm/gtoken@2.3.3, npm/har-schema@2.0.0, npm/har-validator@5.1.5, npm/has-bigints@1.0.2, npm/has-property-descriptors@1.0.2, npm/has-proto@1.0.3, npm/has-symbols@1.0.3, npm/has-tostringtag@1.0.2, npm/has-unicode@2.0.1, npm/has-value@1.0.0, npm/has-values@1.0.0, npm/hash-stream-validation@0.2.1, npm/hasown@2.0.2, npm/http-signature@1.2.0, npm/ignore@3.3.10, npm/indexof@0.0.1, npm/inflight@1.0.6, npm/internal-slot@1.0.7, npm/invert-kv@1.0.0, npm/is-accessor-descriptor@1.0.1, npm/is-arguments@1.1.1, npm/is-array-buffer@3.0.4, npm/is-bigint@1.0.4, npm/is-boolean-object@1.1.2, npm/is-buffer@1.1.6, npm/is-callable@1.2.7, npm/is-data-descriptor@1.0.1, npm/is-data-view@1.0.1, npm/is-date-object@1.0.5, npm/is-descriptor@1.0.3, npm/is-extendable@1.0.1, npm/is-extglob@2.1.1, npm/is-glob@4.0.3, npm/is-negative-zero@2.0.3, npm/is-number-object@1.0.7, npm/is-number@3.0.0, npm/is-obj@1.0.1, npm/is-plain-object@2.0.4, npm/is-regex@1.1.4, npm/is-shared-array-buffer@1.0.3, npm/is-string@1.0.7, npm/is-symbol@1.0.4, npm/is-typed-array@1.1.13, npm/is-weakref@1.0.2, npm/is-windows@1.0.2, npm/is@3.2.1, npm/isarray@1.0.0, npm/isobject@3.0.1, npm/isstream@0.1.2, npm/jsbn@0.1.1, npm/json-schema-traverse@0.4.1, npm/json-schema@0.2.3, npm/json-stringify-safe@5.0.1, npm/jsonwebtoken@8.1.0, npm/jsprim@1.4.1, npm/kind-of@6.0.3, npm/lcid@1.0.0, npm/locate-path@2.0.0, npm/lodash.clone@4.5.0, npm/lodash.merge@4.6.2, npm/log-driver@1.2.7, npm/lru-cache@4.1.5, npm/make-dir@1.2.0, npm/map-cache@0.2.2, npm/map-visit@1.0.0, npm/merge2@1.4.1, npm/methmeth@1.1.0, npm/micromatch@3.1.10, npm/mime@2.2.0, npm/minimatch@3.1.2, npm/minipass@5.0.0, npm/minizlib@2.1.2, npm/mixin-deep@1.3.2, npm/mkdirp@1.0.4, npm/modelo@4.2.3, npm/nan@2.19.0, npm/nanomatch@1.2.13, npm/node-forge@0.7.4, npm/nopt@5.0.0, npm/npmlog@5.0.1, npm/number-is-nan@1.0.1, npm/oauth-sign@0.9.0, npm/object-copy@0.1.0, npm/object-inspect@1.13.1, npm/object-is@1.1.6, npm/object-keys@1.1.1, npm/object-visit@1.0.1, npm/object.assign@4.1.5, npm/object.pick@1.3.0, npm/optjs@3.2.2, npm/os-locale@1.4.0, npm/p-limit@1.3.0, npm/p-locate@2.0.0, npm/p-try@1.0.0, npm/pascalcase@0.1.1, npm/path-dirname@1.0.2, npm/path-exists@3.0.0, npm/path-is-absolute@1.0.1, npm/path-type@3.0.0, npm/performance-now@2.1.0, npm/pify@3.0.0, npm/pkg-up@2.0.0, npm/posix-character-classes@0.1.1, npm/possible-typed-array-names@1.0.0, npm/power-assert-context-formatter@1.2.0, npm/power-assert-context-reducer-ast@1.2.0, npm/power-assert-context-traversal@1.2.0, npm/power-assert-formatter@1.4.1, npm/power-assert-renderer-assertion@1.2.0, npm/power-assert-renderer-base@1.1.1, npm/power-assert-renderer-comparison@1.2.0, npm/power-assert-renderer-diagram@1.2.0, npm/power-assert-renderer-file@1.2.0, npm/power-assert-util-string-width@1.2.0, npm/power-assert@1.6.1, npm/process-nextick-args@2.0.0, npm/pseudomap@1.0.2, npm/psl@1.9.0, npm/pump@2.0.1, npm/pumpify@1.4.0, npm/punycode@2.3.1, npm/readable-stream@2.3.5, npm/regex-not@1.0.2, npm/regexp.prototype.flags@1.5.2, npm/repeat-element@1.1.4, npm/repeat-string@1.6.1, npm/request@2.88.2, npm/resolve-url@0.2.1, npm/ret@0.1.15, npm/retry-axios@0.3.2, npm/retry-request@3.3.1, npm/rimraf@3.0.2, npm/safe-array-concat@1.1.2, npm/safe-regex-test@1.0.3, npm/safe-regex@1.1.0, npm/semver@7.6.2, npm/set-blocking@2.0.0, npm/set-function-length@1.2.2, npm/set-function-name@2.0.2, npm/set-value@2.0.1, npm/side-channel@1.0.6, npm/signal-exit@3.0.2, npm/slash@1.0.0, npm/snakeize@0.1.0, npm/snapdragon-node@2.1.1, npm/snapdragon-util@3.0.1, npm/snapdragon@0.8.2, npm/source-map-resolve@0.5.3, npm/source-map-url@0.4.1, npm/source-map@0.5.7, npm/split-array-stream@1.0.3, npm/split-string@3.1.0, npm/sshpk@1.14.1, npm/static-extend@0.1.2, npm/stream-shift@1.0.0, npm/string-format-obj@1.1.1, npm/string.prototype.trim@1.2.9, npm/string.prototype.trimend@1.0.8, npm/string.prototype.trimstart@1.0.8, npm/string_decoder@1.0.3, npm/stringifier@1.4.1, npm/tar@6.2.1, npm/through2@2.0.3, npm/to-object-path@0.3.0, npm/to-regex-range@2.1.1, npm/to-regex@3.0.2, npm/tough-cookie@2.5.0, npm/traverse@0.6.9, npm/tslib@1.9.3, npm/tunnel-agent@0.6.0, npm/tweetnacl@0.14.5, npm/type-name@2.0.2, npm/typed-array-buffer@1.0.2, npm/typed-array-byte-length@1.0.1, npm/typed-array-byte-offset@1.0.2, npm/typed-array-length@1.0.6, npm/typedarray.prototype.slice@1.0.3, npm/typedarray@0.0.6, npm/unbox-primitive@1.0.2, npm/union-value@1.0.1, npm/unique-string@1.0.0, npm/universal-deep-strict-equal@1.2.2, npm/unset-value@1.0.0, npm/uri-js@4.4.1, npm/urix@0.1.0, npm/use@3.1.1, npm/uuid@3.4.0, npm/verror@1.10.0, npm/which-boxed-primitive@1.0.2, npm/which-typed-array@1.1.15, npm/wide-align@1.1.5, npm/window-size@0.1.4, npm/wrap-ansi@2.1.0, npm/write-file-atomic@2.3.0, npm/xdg-basedir@3.0.0, npm/xmlhttprequest@1.8.0, npm/y18n@3.2.2, npm/yallist@2.1.2

View full report↗︎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Hawthorne001 @snyk-bot