Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade @google-cloud/logging-winston from 4.1.1 to 4.1.2 #18

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade @google-cloud/logging-winston from 4.1.1 to 4.1.2 #18

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented Mar 9, 2022

Snyk has created this PR to upgrade @google-cloud/logging-winston from 4.1.1 to 4.1.2.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 21 days ago, on 2022-02-16.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-NODEFORGE-2331908		 315/1000
Why? CVSS 6.3		 No Known Exploit
Open Redirect
SNYK-JS-NODEFORGE-2330875		 315/1000
Why? CVSS 6.3		 Proof of Concept
Information Exposure
SNYK-JS-NODEFETCH-2342118		 315/1000
Why? CVSS 6.3		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: @google-cloud/logging-winston from @google-cloud/logging-winston GitHub release notes
Commit messages
Package name: @google-cloud/logging-winston
  • 0e9c573 chore(main): release 4.1.2 (#668)
  • 6fcda1e fix: Update dependency @ google-cloud/logging from 9.0.0 to 9.6.9 (#667)
  • 2519fcd docs(nodejs): version support policy edits (#1346) (#665)
  • 6a2c4c7 chore(deps): update actions/setup-node action to v2 (#662)
  • 30b0571 chore: Update blunderbuss settings to a new issues/pr reviewer (#661)
  • ba6bcd7 chore: add api_shortname and library_type to repo metadata (#646)
  • 389b428 build(node): switch back to keystore for publication (#1328) (#660)
  • dc1dae4 chore: update github issue templates (#1085) (#659)
  • 504bb6f test(nodejs): remove 15 add 16 (#1322) (#656)
  • c5b9b06 docs(badges): tweak badge to use new preview/stable language (#1314) (#649)
  • 2643c60 docs(node): support "stable"/"preview" release level (#1312) (#648)
  • 7af52ad Enable staleness and pull request size bots on repository (#647)
  • 3b93148 build: add generated samples to .eslintignore (#642)
  • ded20f5 chore(cloud-rad): delete api-extractor config (#635)
  • a95f6ae chore(deps): update dependency @ types/node to v16 (#633)
  • 3ac0f71 build(node): run linkinator against index.html (#1227) (#632)
  • fbe9ca2 chore: relocate owl bot post processor (#630)
  • 1d696f4 build: enable release-trigger bot (#1212) (#626)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot