Skip to content
This repository has been archived by the owner on Sep 27, 2022. It is now read-only.

[Snyk] Security upgrade @google-cloud/datastore from 2.0.0 to 3.1.0 #58

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link
Contributor

@snyk-bot snyk-bot commented Sep 5, 2021

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5
Regular Expression Denial of Service (ReDoS)
SNYK-JS-AXIOS-1579269
Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @google-cloud/datastore The new version differs by 77 commits.
  • 9933893 Release v3.1.0 (#327)
  • 7d9f77f build: create docs test npm scripts (#328)
  • 8a99d56 refactor: clean up types for tests (#325)
  • 9b39431 refactor: asyncify the system test (#324)
  • e8c72a2 build: test using @ grpc/grpc-js in CI (#323)
  • a2acca3 refactor(types): enable noImplicitAny for transaction.ts & request.ts (#305)
  • dc66029 docs: update contributing path in README (#322)
  • 315207a chore: move CONTRIBUTING.md to root (#321)
  • f45a5c0 docs: add lint/fix example to contributing guide (#319)
  • 95e127b Automerge by dpebot
  • a61b680 fix(deps): update dependency google-gax to ^0.25.0 (#316)
  • fd8248f docs(samples): Update Datastore snippet for read only transaction
  • a5cf576 chore(deps): update dependency eslint-config-prettier to v4 (#313)
  • 98e5899 feat: typings for gapic files (#307)
  • 61b4114 fix(deps): update dependency google-gax to ^0.24.0 (#312)
  • 860e209 build: ignore googleapis.com in doc link check (#311)
  • 51a5ce5 fix(types): Make gaxOptions optional in Transaction.rollback() (#310)
  • 4cd6019 docs(key): copy Datastore#key examples to Key ctor (#306)
  • 8a4a985 fix(deps): update dependency google-auth-library to v3 (#302)
  • f8a5240 chore: update year in the license headers. (#304)
  • 401b2e1 Release v3.0.1 (#301)
  • 177b11b fix: ship the build directory (#300)
  • 70ea500 build: check broken links in generated docs (#292)
  • f839e58 Release v3.0.0 (#298)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AXIOS-1579269
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant