Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the npm_and_yarn group across 1 directory with 11 updates #132

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 3, 2024

Bumps the npm_and_yarn group with 11 updates in the / directory:

Package From To
express 4.18.2 4.19.2
firebase-tools 12.9.1 13.6.0
browserify-sign 4.2.1 4.2.3
protobufjs 7.2.4 7.2.6
firebase-admin 11.11.1 12.1.0
ip 1.1.8 1.1.9
jose 4.15.3 4.15.5
jsrsasign 10.5.26 removed
@simplewebauthn/server 6.3.0-alpha.1 10.0.0
undici 5.26.5 5.28.4
firebase 10.7.1 10.11.1

Updates express from 4.18.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

New Contributors

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

  • Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

Commits
  • 04bc627 4.19.2
  • da4d763 Improved fix for open redirect allow list bypass
  • 4f0f6cc 4.19.1
  • a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
  • a1fa90f fixed un-edited version in history.md for 4.19.0
  • 11f2b1d build: fix build due to inconsistent supertest behavior in older versions
  • 084e365 4.19.0
  • 0867302 Prevent open redirect allow list bypass due to encodeurl
  • 567c9c6 Add note on how to update docs for new release (#5541)
  • 69a4cf2 deps: [email protected]
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.


Updates firebase-tools from 12.9.1 to 13.6.0

Release notes

Sourced from firebase-tools's releases.

v13.6.0

  • Released Firestore Emulator 1.19.4. This version fixes a minor bug with reserve ids and adds a reset endpoint for Datastore Mode.
  • Released PubSub Emulator 0.8.2. This version includes support for no_wrapper options.
  • Fixes issue where GitHub actions service account cannot add preview URLs to Auth authorized domains. (#6895)
  • Fixes issue where GOOGLE_CLOUD_QUOTA_PROJECT breaks functions source uploads (#6917)

v13.5.2

  • Fix hosting rewrite deployment bug for skipped functions (#6658).

v13.5.1

  • Release Emulator Suite UI v1.11.8 which adds support for Multiple DBs in the Emulator UI Firestore page via editing the URL. (#6874)

v13.5.0

  • Enable dynamic debugger port for functions + support for inspecting multiple codebases (#6854)
  • Inject an environment variable in the node functions emulator to tell the google-gax SDK not to look for the metadata service. (#6860)
  • Release Firestore Emulator 1.19.3 which fixes ancestor and namespace scope queries for Datastore Mode. This release also fixes internal errors seen across REST API and firebase-js-sdk.
  • v2 scheduled functions with explicit service accounts trigger eventarc to use that service account (#6858)
  • v2 event functions with explicit service accounts trigger eventarc to use that service account (#6859)

v13.4.1

  • Released Firestore emulator v1.19.2, which fixes some bugs affecting client SDKs when in Datastore Mode.
  • Fix demo projects + web frameworks with emulators (#6737)
  • Fix Next.js static routes with server actions (#6664)
  • Fixed an issue where GOOGLE_CLOUD_QUOTA_PROJECT was not correctly respected. (#6801)
  • Make VPC egress settings in functions parameterizeable (#6843)

v13.4.0

  • Added new commands for managing Firestore backups and restoring databases. (#6778)
  • Fixed quota attribution for Firebase Auth API calls. (#6819)

v13.3.1

  • Release Cloud Firestore emulator v1.19.1:
    • Adds support for Datastore Mode to the Firstore Emulator. Adds --database-mode flag to gcloud emulator firestore start command. Note that this is a preview feature and if you find any bugs, please file them here: https://github.com/firebase/firebase-tools/issues.
  • Improve FAH onboarding flow to connect backends with SCMs (#6764).
  • Fixed issue where GitHub actions would fail due to lack of permission. (#6791)

v13.3.0

  • Improved detection for when login has expired due to Google Cloud Session Control. (#1846)
  • Added support for Python 3.12. (#6679)
  • Fixed issues with internal utilities. (#6754)
  • Fixed an issue where firestore:delete wouldn't target the emulator when expected. (#6537)

v13.2.1

  • Fixed an issue where appdistribution:distribute would always attempt to run tests. (#6749)

v13.2.0

  • Added rudimentary email enumeration protection for auth emulator. (#6702)

... (truncated)

Commits

Updates browserify-sign from 4.2.1 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

  • Only apps should have lockfiles 09a8995
  • [eslint] switch to eslint 83fe463
  • [meta] add npmignore and auto-changelog 4418183
  • [meta] fix package.json indentation 9ac5a5e
  • [Tests] migrate from travis to github actions d845d85
  • [Fix] sign: throw on unsupported padding scheme 8767739
  • [Fix] properly check the upper bound for DSA signatures 85994cd
  • [Tests] handle openSSL not supporting a scheme f5f17c2
  • [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
  • [Dev Deps] update nyc, standard, tape cc5350b
  • [Tests] always run coverage; downgrade nyc 75ce1d5
  • [meta] add safe-publish-latest dcf49ce
  • [Tests] add npm run posttest 75dd8fd
  • [Dev Deps] update tape 3aec038
  • [Tests] skip unsupported schemes 703c83e
  • [Tests] node < 6 lacks array includes 3aa43cf
  • [Dev Deps] fix eslint range 98d4e0d
Commits
  • bf2c3ec v4.2.3
  • 9247adf [patch] widen support to 0.12
  • f427270 [Deps] update `parse-asn1
  • 87f3a35 [Dev Deps] update aud, npmignore, tape
  • fb261ce [Deps] update elliptic
  • 4d0ee49 [patch] drop minimum node support to v1
  • 9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
  • 168e16f [Deps] pin elliptic due to a breaking change
  • 37a4758 [actions] remove redundant finisher
  • 4af5a90 v4.2.2
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.


Updates protobufjs from 7.2.4 to 7.2.6

Release notes

Sourced from protobufjs's releases.

protobufjs: v7.2.6

7.2.6 (2024-01-16)

Bug Fixes

  • report missing import properly in loadSync (#1960) (af3ff83)

protobufjs: v7.2.5

7.2.5 (2023-08-21)

Bug Fixes

Changelog

Sourced from protobufjs's changelog.

7.2.6 (2024-01-16)

Bug Fixes

  • report missing import properly in loadSync (#1960) (af3ff83)

7.2.5 (2023-08-21)

Bug Fixes

Commits

Updates firebase-admin from 11.11.1 to 12.1.0

Release notes

Sourced from firebase-admin's releases.

Firebase Admin Node.js SDK v12.1.0

New Features

  • feat(rc): Add server side Remote Config support (#2529)

Miscellaneous

  • [chore] Release 12.1.0 (#2532)
  • Fix minor typo (#2533)
  • chore: Excluding certain event_types from processing uid (#2370)
  • build(deps-dev): bump gulp from 4.0.2 to 5.0.0 (#2526)
  • build(deps-dev): bump @​firebase/app-compat from 0.2.29 to 0.2.30 (#2527)
  • build(deps): bump @​google-cloud/firestore from 7.5.0 to 7.6.0 (#2528)
  • build(deps): bump undici in /.github/actions/send-email (#2521)
  • build(deps-dev): bump @​firebase/auth-types from 0.12.0 to 0.12.1 (#2514)
  • build(deps-dev): bump mocha from 10.3.0 to 10.4.0 (#2513)
  • build(deps): bump @​types/node from 20.11.30 to 20.12.2 (#2516)
  • build(deps): bump @​google-cloud/firestore from 7.4.0 to 7.5.0 (#2517)
  • build(deps-dev): bump @​firebase/app-compat from 0.2.28 to 0.2.29 (#2510)
  • build(deps): bump @​google-cloud/storage from 7.7.0 to 7.9.0 (#2509)
  • build(deps-dev): bump @​microsoft/api-extractor from 7.42.3 to 7.43.0 (#2511)
  • build(deps): bump @​types/node from 20.11.24 to 20.11.30 (#2508)
  • [chore] Fixed links to rtdb api docs (#2501)
  • issue 2467: add async to send each loop to prevent local validation from throwing in an unknown state (#2469)
  • build(deps): bump @​fastify/busboy from 2.1.0 to 2.1.1 (#2491)
  • build(deps): bump follow-redirects in /.github/actions/send-email (#2497)
  • build(deps): bump @​google-cloud/firestore from 7.3.0 to 7.4.0 (#2499)
  • build(deps): bump jose from 4.15.4 to 4.15.5 (#2489)
  • build(deps-dev): bump @​microsoft/api-extractor from 7.42.0 to 7.42.3 (#2485)
  • build(deps): bump @​types/node from 20.11.19 to 20.11.24 (#2484)
  • build(deps-dev): bump @​firebase/app-compat from 0.2.27 to 0.2.28 (#2483)
  • build(deps-dev): bump @​microsoft/api-extractor from 7.40.3 to 7.42.0 (#2480)
  • build(deps-dev): bump eslint from 8.56.0 to 8.57.0 (#2473)
  • build(deps-dev): bump nock from 13.5.3 to 13.5.4 (#2475)
  • build(deps-dev): bump @​microsoft/api-extractor from 7.40.1 to 7.40.3 (#2465)
  • build(deps-dev): bump nock from 13.5.1 to 13.5.3 (#2463)
  • build(deps): bump @​types/node from 20.11.17 to 20.11.19 (#2464)
  • build(deps): bump undici in /.github/actions/send-email (#2459)
  • build(deps): bump @​types/node from 20.11.5 to 20.11.17 (#2455)
  • build(deps-dev): bump mocha from 10.2.0 to 10.3.0 (#2454)
  • build(deps-dev): bump @​microsoft/api-extractor from 7.39.4 to 7.40.1 (#2452)
  • [chore] Update Github action workflows to fix node version and set-output deprecation warnings (#2431)
  • [chore] Bump mailgun.js to v10.1.0 (#2451)
  • build(deps): bump @​google-cloud/firestore from 7.1.0 to 7.3.0 (#2446)
  • build(deps-dev): bump @​types/uuid from 9.0.7 to 9.0.8 (#2445)
  • build(deps-dev): bump @​firebase/app-compat from 0.2.25 to 0.2.27 (#2443)
  • build(deps-dev): bump @​types/sinon from 17.0.2 to 17.0.3 (#2442)
  • [chore] Bump @actions/core to ^1.10.1 to remove set-output warning and set action to use Node 20 (#2432)
  • build(deps-dev): bump ts-node from 10.9.1 to 10.9.2 (#2435)

... (truncated)

Commits
  • 67151e6 [chore] Release 12.1.0 (#2532)
  • ba20755 Fix minor typo (#2533)
  • 19c74dc chore: Excluding certain event_types from processing uid (#2370)
  • a833f4e feat(rc): Add server side Remote Config support (#2529)
  • a00de0c build(deps-dev): bump gulp from 4.0.2 to 5.0.0 (#2526)
  • 25b2c68 build(deps-dev): bump @​firebase/app-compat from 0.2.29 to 0.2.30 (#2527)
  • fa59e2a build(deps): bump @​google-cloud/firestore from 7.5.0 to 7.6.0 (#2528)
  • 34f0ac2 build(deps): bump undici in /.github/actions/send-email (#2521)
  • 837b69b build(deps-dev): bump @​firebase/auth-types from 0.12.0 to 0.12.1 (#2514)
  • e7ea83e build(deps-dev): bump mocha from 10.3.0 to 10.4.0 (#2513)
  • Additional commits viewable in compare view

Updates ip from 1.1.8 to 1.1.9

Commits

Updates jose from 4.15.3 to 4.15.5

Release notes

Sourced from jose's releases.

v4.15.5

Fixes

v4.15.4

Fixes

Changelog

Sourced from jose's changelog.

4.15.5 (2024-03-07)

Fixes

  • add a maxOutputLength option to zlib inflate (1b91d88)

4.15.4 (2023-10-14)

Fixes

Commits
  • 765aafd chore(release): 4.15.5
  • b36e45e test: add export check to x509 pem import tests
  • e839ecb test: stop testing JWE RSA1_5 Algorithm
  • 1b91d88 fix: add a maxOutputLength option to zlib inflate
  • 9ca2b24 build: remove release action
  • f3035d8 chore: cleanup after release
  • f0bb220 chore(release): 4.15.4
  • 6f38554 chore: bump dev deps
  • 936c9df fix(types): export GetKeyFunction (#592)
  • 5ac6619 chore: bump dev deps
  • Additional commits viewable in compare view

Removes jsrsasign

Updates @simplewebauthn/server from 6.3.0-alpha.1 to 10.0.0

Release notes

Sourced from @​simplewebauthn/server's releases.

v10.0.0 - The one that goes up to 20

Thanks for everything, Node 16 and Node 18, but it's time to move on! The headlining change of this release is the targeting of Node LTS v20+ as the minimum Node runtime. Additional developer-centric quality-of-life changes have also been made in the name of streamlining use of SimpleWebAuthn on both the back end and front end.

This release is packed with updates, so buckle up! Refactor advice for breaking changes is, as always, offered below.

Packages

  • @​simplewebauthn/browser@​10.0.0
  • @​simplewebauthn/server@​10.0.0
  • @​simplewebauthn/types@​10.0.0

Changes

  • [server] The minimum supported Node version has been raised to Node v20 (#531)
  • [server] user.displayName now defaults to an empty string if a value is not specified for userDisplayName when calling generateRegistrationOptions() (#538)
  • [browser] The browserSupportsWebAuthnAutofill() helper will no longer break in environments in which PublicKeyCredential is not present (#557, with thanks to @​clarafitzgerald)

Breaking Changes

  • [server] The following breaking changes were made in PR #529:
    • generateRegistrationOptions() now expects Base64URLString for excluded credential IDs
    • generateAuthenticationOptions() now expects Base64URLString for allowed credential IDs
    • credentialID returned from response verification methods is now a Base64URLString
    • AuthenticatorDevice.credentialID is now a Base64URLString
    • isoBase64URL.isBase64url() is now called isoBase64URL.isBase64URL()
  • [browser, server] The following breaking changes were made in PR #552:
    • generateRegistrationOptions() now accepts an optional Uint8Array instead of a string for userID
    • isoBase64URL.toString() and isoBase64URL.fromString() have been renamed
    • generateRegistrationOptions() will now generate random user IDs
    • user.id is now treated like a base64url string in startRegistration()
    • userHandle is now treated like a base64url string in startAuthentication()
  • [server] rpID is now a required argument when calling generateAuthenticationOptions() (#555)

[server] generateRegistrationOptions() now expects Base64URLString for excluded credential IDs

... (truncated)

Changelog

Sourced from @​simplewebauthn/server's changelog.

v10.0.0 - The one that goes up to 20

Thanks for everything, Node 16 and Node 18, but it's time to move on! The headlining change of this release is the targeting of Node LTS v20+ as the minimum Node runtime. Additional developer-centric quality-of-life changes have also been made in the name of streamlining use of SimpleWebAuthn on both the back end and front end.

This release is packed with updates, so buckle up! Refactor advice for breaking changes is, as always, offered below.

Packages

  • @​simplewebauthn/browser@​10.0.0
  • @​simplewebauthn/server@​10.0.0
  • @​simplewebauthn/types@​10.0.0

Changes

  • [server] The minimum supported Node version has been raised to Node v20 (#531)
  • [server] user.displayName now defaults to an empty string if a value is not specified for userDisplayName when calling generateRegistrationOptions() (#538)
  • [browser] The browserSupportsWebAuthnAutofill() helper will no longer break in environments in which PublicKeyCredential is not present (#557, with thanks to @​clarafitzgerald)

Breaking Changes

  • [server] The following breaking changes were made in PR #529:
    • generateRegistrationOptions() now expects Base64URLString for excluded credential IDs
    • generateAuthenticationOptions() now expects Base64URLString for allowed credential IDs
    • credentialID returned from response verification methods is now a Base64URLString
    • AuthenticatorDevice.credentialID is now a Base64URLString
    • isoBase64URL.isBase64url() is now called isoBase64URL.isBase64URL()
  • [browser, server] The following breaking changes were made in PR #552:
    • generateRegistrationOptions() now accepts an optional Uint8Array instead of a string for userID
    • isoBase64URL.toString() and isoBase64URL.fromString() have been renamed
    • generateRegistrationOptions() will now generate random user IDs
    • user.id is now treated like a base64url string in startRegistration()
    • userHandle is now treated like a base64url string in startAuthentication()
  • [server] rpID is now a required argument when calling generateAuthenticationOptions() (#555)

[server] generateRegistrationOptions() now expects Base64URLString for excluded credential IDs

... (truncated)

Commits
  • 81d9e49 chore(release): publish v10.0.0
  • 7a86e80 Modernize server method docstrings
  • eb1988a Require rpID arg when generating auth options
  • b316c3f Update uses of base64url string methods
  • 84a2ea5 Clarify string encoding on isoBase64URL methods
  • a95489e Remove trailing close parenthesis
  • d470a1c Explicitly disallow string userIDs
  • 9ebd9ec Update generateRegistrationOptions tests
  • 4c3f693 Generate user IDs by default
  • b1b6d33 Add method to generate user IDs
  • Additional commits viewable in compare view

Updates undici from 5.26.5 to 5.28.4

Release notes

Sourced from undici's releases.

v5.28.4

⚠️ Security Release ⚠️

Full Changelog: nodejs/undici@v5.28.3...v5.28.4

v5.28.3

⚠️ Security Release ⚠️

Fixes:

Full Changelog: nodejs/undici@v5.28.2...v5.28.3

v5.28.2

What's Changed

New Contributors

Full Changelog: nodejs/undici@v5.28.1...v5.28.2

v5.28.1

What's Changed

... (truncated)

Commits

Updates firebase from 10.7.1 to 10.11.1

Commits

Bumps the npm_and_yarn group with 11 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [express](https://github.com/expressjs/express) | `4.18.2` | `4.19.2` |
| [firebase-tools](https://github.com/firebase/firebase-tools) | `12.9.1` | `13.6.0` |
| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.3` |
| [protobufjs](https://github.com/protobufjs/protobuf.js) | `7.2.4` | `7.2.6` |
| [firebase-admin](https://github.com/firebase/firebase-admin-node) | `11.11.1` | `12.1.0` |
| [ip](https://github.com/indutny/node-ip) | `1.1.8` | `1.1.9` |
| [jose](https://github.com/panva/jose) | `4.15.3` | `4.15.5` |
| [jsrsasign](https://github.com/kjur/jsrsasign) | `10.5.26` | `removed` |
| [@simplewebauthn/server](https://github.com/MasterKale/SimpleWebAuthn/tree/HEAD/packages/server) | `6.3.0-alpha.1` | `10.0.0` |
| [undici](https://github.com/nodejs/undici) | `5.26.5` | `5.28.4` |
| [firebase](https://github.com/firebase/firebase-js-sdk) | `10.7.1` | `10.11.1` |



Updates `express` from 4.18.2 to 4.19.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.18.2...4.19.2)

Updates `firebase-tools` from 12.9.1 to 13.6.0
- [Release notes](https://github.com/firebase/firebase-tools/releases)
- [Changelog](https://github.com/firebase/firebase-tools/blob/master/CHANGELOG.md)
- [Commits](firebase/firebase-tools@v12.9.1...v13.6.0)

Updates `browserify-sign` from 4.2.1 to 4.2.3
- [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md)
- [Commits](browserify/browserify-sign@v4.2.1...v4.2.3)

Updates `protobufjs` from 7.2.4 to 7.2.6
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md)
- [Commits](protobufjs/protobuf.js@protobufjs-v7.2.4...protobufjs-v7.2.6)

Updates `firebase-admin` from 11.11.1 to 12.1.0
- [Release notes](https://github.com/firebase/firebase-admin-node/releases)
- [Commits](firebase/firebase-admin-node@v11.11.1...v12.1.0)

Updates `ip` from 1.1.8 to 1.1.9
- [Commits](indutny/node-ip@v1.1.8...v1.1.9)

Updates `jose` from 4.15.3 to 4.15.5
- [Release notes](https://github.com/panva/jose/releases)
- [Changelog](https://github.com/panva/jose/blob/v4.15.5/CHANGELOG.md)
- [Commits](panva/jose@v4.15.3...v4.15.5)

Removes `jsrsasign`

Updates `@simplewebauthn/server` from 6.3.0-alpha.1 to 10.0.0
- [Release notes](https://github.com/MasterKale/SimpleWebAuthn/releases)
- [Changelog](https://github.com/MasterKale/SimpleWebAuthn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/MasterKale/SimpleWebAuthn/commits/v10.0.0/packages/server)

Updates `undici` from 5.26.5 to 5.28.4
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v5.26.5...v5.28.4)

Updates `firebase` from 10.7.1 to 10.11.1
- [Release notes](https://github.com/firebase/firebase-js-sdk/releases)
- [Changelog](https://github.com/firebase/firebase-js-sdk/blob/master/CHANGELOG.md)
- [Commits](https://github.com/firebase/firebase-js-sdk/compare/[email protected]@10.11.1)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: firebase-tools
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: browserify-sign
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: protobufjs
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: firebase-admin
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: ip
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jose
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jsrsasign
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@simplewebauthn/server"
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: undici
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: firebase
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants