[Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #13

takeratta · 2023-06-20T17:35:43Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- src/apis/sqladmin/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: googleapis-common

The new version differs by 36 commits.

b4798a7 chore: release 2.0.0 ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #128)
5f83c34 fix(deps): update dependency google-auth-library to v4 ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #127)
3cbd1d4 chore(deps): update dependency ts-loader to v6 ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #126)
4920fbc build: only pipe to codecov if tests run on Node 10 ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #122)
d96a0a9 build: allow Node 10 on presubmit to push to codecov ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #125)
1e3f6a1 build: allow Node 10 to push to codecov ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #124)
2f90265 build: patch Windows container, fixing Node 10 ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #123)
5b4c1a6 chore(deps): update dependency null-loader to v1 ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #113)
7fdb4f7 chore(deps): update dependency @ types/nock to v10 ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #115)
0db9055 fix(deps): update dependency gaxios to v2 ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #116)
5cf2732 chore(deps): update dependency gts to v1 ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #114)
584ac85 chore: do not run CI on grpc-js ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #120)
ba257e8 build!: upgrade engines field to >=8.10.0 ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #119)
c671c5d chore: removing node6 CI ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #118)
a839d2e update to .nycrc with --all enabled ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #117)
fa558e2 chore(deps): update dependency nyc to v14 ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #111)
e08507a chore(deps): update dependency is-docker to v2 ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #112)
489a819 chore(deps): update dependency @ types/tmp to v0.1.0
ade153b chore(deps): update dependency typescript to ~3.4.0
143c2c2 Release v1.0.0 ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #107)
1defd62 feat: retry requests by default ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #104)
aefab0d chore: publish to npm using wombat ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #101)
aa728dc build: use per-repo publish token ([Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #100)
d5645ad build: Add docuploader credentials to node publish jobs ([Snyk] Fix for 1 vulnerabilities #98)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SEMVER-3247795

fix: src/apis/sqladmin/package.json to reduce vulnerabilities

af8cf88

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SEMVER-3247795

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #13

[Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #13

takeratta commented Jun 20, 2023

[Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #13

Are you sure you want to change the base?

[Snyk] Security upgrade googleapis-common from 0.7.2 to 2.0.0 #13

Conversation

takeratta commented Jun 20, 2023

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade: