[Snyk] Fix for 1 vulnerabilities by snyk-bot · Pull Request #19 · linnovate/service-providers

snyk-bot · 2022-07-04T18:51:44Z

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	584/1000 Why? Has a fix available, CVSS 7.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-HAWK-2808852	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: google-auth-library

The new version differs by 8 commits.

480ab2d Prepare for 0.10.0 release. (#116)
341e9e3 Fix oauth2 token refresh (#109)
373a741 Add yarn.lock file. (#113)
aa7b8a1 Remove unused dependencies and upgrade remaining dependencies.
1f51a86 Improve repo licensing. (#115)
aa40bb7 Improve dev scripts. (#114)
de0044e bump jws version to 3.1.0 (#108)
968bf1c update dependencies and add david-dm badge (#106)

See the full diff

Package name: googleapis

The new version differs by 28 commits.

d08162b 16.0.0 (#692)
bfeae52 15.1.0 (#690)
f438584 Updates to scripts and dependencies. (#689)
47dc788 15.0.0 (#681)
5f8c16e 14.2.0 (#670)
8ff026c 14.1.0 (#662)
0fd222e chore(package): update async to version 2.1.0 (#649)
5551fdf Update README.md (#646)
5db75f4 14.0.0 (#642)
551c0e7 Fix bad link
548263f Bump version.
6bd1f34 13.0.0 (#634)
487f50b chore(package): update jsdoc to version 3.4.1 (#633)
585b2ef 12.4.0 (#624)
bc2c108 Add support for overriding request options. (#623)
769d760 Add Drive v3 API sample. (#617)
69ce9af 12.3.0 (#616)
acf67ca * Update doc gen to include schema info. (#614)
c3750a8 12.1.0 (#613)
1586e6f Upgrade request dependency, fixes #608 (#612)
d1af41b 12.0.0 (#607)
62a7c6c 11.0.0 (#602)
a67adf7 10.0.0 (#599)
f2eb11f 9.0.0 (#596)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-HAWK-2808852

fix: package.json to reduce vulnerabilities

199bcdd

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-HAWK-2808852

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Fix for 1 vulnerabilities#19

[Snyk] Fix for 1 vulnerabilities#19
snyk-bot wants to merge 1 commit intomasterfrom
snyk-fix-3cd56d98a2d28fabb4271cea97a72d74

snyk-bot commented Jul 4, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Comments

Conversation

snyk-bot commented Jul 4, 2022

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Comments