build(deps): bump firebase from 3.9.0 to 10.9.0 in /examples/ssr/hn2 #153

dependabot · 2024-11-18T21:01:44Z

Bumps firebase from 3.9.0 to 10.9.0.

Release notes

4.5.2

Fixes

Fixed a regression where the react-native property was missing from the firebase package.json

Fixed a regression where the value of firebase.SDK_VERSION wasn't properly being populated.

Commits

1eb302f Version Packages (#8063)
b498867 Merge master into release
ce88e71 snapshot listeners source from cache (#7982)
6d487d7 Prevent using authTokenSyncURL if the string begins with a double slash (#8060)
b4d59d6 Merge master into release
2b22838 Fix glob pattern to work with Node 20 and its NPM version (#8059)
feb5038 Update CI node.js versions to 20.x (#8055)
245dd26 Enforce authTokenSyncURL being a path and not a url. (#8056)
e60188d Version Packages (#8046)
7e2efbf Merge master into release
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by google-wombot, a new releaser for firebase since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [firebase](https://github.com/firebase/firebase-js-sdk) from 3.9.0 to 10.9.0. - [Release notes](https://github.com/firebase/firebase-js-sdk/releases) - [Changelog](https://github.com/firebase/firebase-js-sdk/blob/main/CHANGELOG.md) - [Commits](https://github.com/firebase/firebase-js-sdk/compare/@firebase/[email protected]@10.9.0) --- updated-dependencies: - dependency-name: firebase dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>

ibcheckmarx · 2024-11-18T21:13:43Z

Checkmarx One – Scan Summary & Details – 49af97a4-9b79-40d6-acc4-3ba09d20e571

New Issues

Issue	Source File / Package	Checkmarx Insight
CVE-2022-37611	Npm-gh-pages-1.1.0	Vulnerable Package
CVE-2024-40643	Npm-htmlparser2-3.10.1	Vulnerable Package
CVE-2024-40643	Npm-htmlparser2-3.9.2	Vulnerable Package
CVE-2024-40643	Npm-htmlparser2-3.3.0	Vulnerable Package
CVE-2024-42461	Npm-elliptic-6.4.0	Vulnerable Package
CVE-2024-42461	Npm-elliptic-6.4.1	Vulnerable Package
CVE-2024-48949	Npm-elliptic-6.4.1	Vulnerable Package
CVE-2024-48949	Npm-elliptic-6.4.0	Vulnerable Package
CVE-2020-26311	Npm-useragent-2.3.0	Vulnerable Package
CVE-2022-37620	Npm-html-minifier-3.5.5	Vulnerable Package
CVE-2022-37620	Npm-html-minifier-3.5.16	Vulnerable Package
CVE-2022-37620	Npm-html-minifier-3.5.8	Vulnerable Package
CVE-2022-37620	Npm-html-minifier-3.5.21	Vulnerable Package
CVE-2024-21536	Npm-http-proxy-middleware-0.17.3	Vulnerable Package
CVE-2024-21536	Npm-http-proxy-middleware-0.18.0	Vulnerable Package
CVE-2024-21536	Npm-http-proxy-middleware-0.19.2	Vulnerable Package
CVE-2024-21536	Npm-http-proxy-middleware-0.17.4	Vulnerable Package
CVE-2024-21536	Npm-http-proxy-middleware-0.19.1	Vulnerable Package
CVE-2024-27088	Npm-es5-ext-0.10.45	Vulnerable Package
CVE-2024-27088	Npm-es5-ext-0.10.49	Vulnerable Package
CVE-2024-27088	Npm-es5-ext-0.10.30	Vulnerable Package
CVE-2024-27088	Npm-es5-ext-0.10.38	Vulnerable Package
CVE-2024-29180	Npm-webpack-dev-middleware-3.4.0	Vulnerable Package
CVE-2024-29180	Npm-webpack-dev-middleware-3.6.2	Vulnerable Package
CVE-2024-29180	Npm-webpack-dev-middleware-1.12.0	Vulnerable Package
CVE-2024-29180	Npm-webpack-dev-middleware-2.0.5	Vulnerable Package
CVE-2024-29180	Npm-webpack-dev-middleware-3.6.0	Vulnerable Package
CVE-2024-29180	Npm-webpack-dev-middleware-1.12.2	Vulnerable Package
CVE-2024-29180	Npm-webpack-dev-middleware-2.0.6	Vulnerable Package
CVE-2024-29180	Npm-webpack-dev-middleware-1.10.1	Vulnerable Package
CVE-2024-29415	Npm-ip-1.0.1	Vulnerable Package
CVE-2024-29415	Npm-ip-1.1.9	Vulnerable Package
CVE-2024-29415	Npm-ip-1.1.5	Vulnerable Package
CVE-2024-33883	Npm-ejs-2.6.1	Vulnerable Package
CVE-2024-33883	Npm-ejs-2.5.7	Vulnerable Package
CVE-2024-37890	Npm-ws-4.0.0	Vulnerable Package
CVE-2024-37890	Npm-ws-4.1.0	Vulnerable Package
CVE-2024-37890	Npm-ws-3.2.0	Vulnerable Package
CVE-2024-37890	Npm-ws-2.3.1	Vulnerable Package
CVE-2024-37890	Npm-ws-6.1.3	Vulnerable Package
CVE-2024-37890	Npm-ws-3.3.3	Vulnerable Package
CVE-2024-38355	Npm-socket.io-2.1.1	Vulnerable Package
CVE-2024-4068	Npm-braces-0.1.5	Vulnerable Package
CVE-2024-4068	Npm-braces-2.3.0	Vulnerable Package
CVE-2024-4068	Npm-braces-2.3.2	Vulnerable Package
CVE-2024-4068	Npm-braces-1.8.5	Vulnerable Package
CVE-2024-45296	Npm-path-to-regexp-0.1.7	Vulnerable Package
CVE-2024-45296	Npm-path-to-regexp-1.7.0	Vulnerable Package
CVE-2024-45590	Npm-body-parser-1.19.0	Vulnerable Package
CVE-2024-45590	Npm-body-parser-1.18.3	Vulnerable Package
CVE-2024-45590	Npm-body-parser-1.18.2	Vulnerable Package
CVE-2019-18799	Npm-node-sass-4.5.3	Vulnerable Package
CVE-2020-8244	Npm-bl-1.2.2	Vulnerable Package
CVE-2024-28849	Npm-follow-redirects-1.6.1	Vulnerable Package
CVE-2024-28849	Npm-follow-redirects-1.7.0	Vulnerable Package
CVE-2024-28863	Npm-tar-4.3.3	Vulnerable Package
CVE-2024-28863	Npm-tar-2.2.1	Vulnerable Package
CVE-2024-28863	Npm-tar-4.4.8	Vulnerable Package
CVE-2024-28863	Npm-tar-4.4.1	Vulnerable Package
CVE-2024-29041	Npm-express-4.15.4	Vulnerable Package
CVE-2024-29041	Npm-express-4.16.4	Vulnerable Package
CVE-2024-29041	Npm-express-4.16.3	Vulnerable Package
CVE-2024-29041	Npm-express-4.15.2	Vulnerable Package
CVE-2024-29041	Npm-express-4.16.2	Vulnerable Package
CVE-2024-29041	Npm-express-4.14.1	Vulnerable Package
CVE-2024-34343	Npm-nuxt-1.4.1	Vulnerable Package
CVE-2024-34343	Npm-nuxt-1.3.0	Vulnerable Package
CVE-2024-34343	Npm-nuxt-1.0.0-rc11	Vulnerable Package
CVE-2024-36361	Npm-pug-code-gen-2.0.0	Vulnerable Package
CVE-2024-4067	Npm-micromatch-2.3.11	Vulnerable Package
CVE-2024-4067	Npm-micromatch-3.1.10	Vulnerable Package
CVE-2024-4067	Npm-micromatch-3.1.5	Vulnerable Package
CVE-2024-42459	Npm-elliptic-6.4.0	Vulnerable Package
CVE-2024-42459	Npm-elliptic-6.4.1	Vulnerable Package
CVE-2024-42460	Npm-elliptic-6.4.1	Vulnerable Package
CVE-2024-42460	Npm-elliptic-6.4.0	Vulnerable Package
CVE-2024-43796	Npm-express-4.16.3	Vulnerable Package
CVE-2024-43796	Npm-express-4.14.1	Vulnerable Package
CVE-2024-43796	Npm-express-4.15.2	Vulnerable Package
CVE-2024-43796	Npm-express-4.16.2	Vulnerable Package
CVE-2024-43796	Npm-express-4.15.4	Vulnerable Package
CVE-2024-43796	Npm-express-4.16.4	Vulnerable Package
CVE-2024-43799	Npm-send-0.15.4	Vulnerable Package
CVE-2024-43799	Npm-send-0.15.1	Vulnerable Package
CVE-2024-43799	Npm-send-0.16.1	Vulnerable Package
CVE-2024-43799	Npm-send-0.14.2	Vulnerable Package
CVE-2024-43799	Npm-send-0.16.2	Vulnerable Package
CVE-2024-43799	Npm-send-0.15.5	Vulnerable Package
CVE-2024-43800	Npm-serve-static-1.12.1	Vulnerable Package
CVE-2024-43800	Npm-serve-static-1.12.5	Vulnerable Package
CVE-2024-43800	Npm-serve-static-1.12.4	Vulnerable Package
CVE-2024-43800	Npm-serve-static-1.13.1	Vulnerable Package
CVE-2024-43800	Npm-serve-static-1.11.2	Vulnerable Package
CVE-2024-43800	Npm-serve-static-1.13.2	Vulnerable Package
CVE-2024-47068	Npm-rollup-0.50.0	Vulnerable Package
CVE-2024-47068	Npm-rollup-0.66.6	Vulnerable Package
CVE-2024-47764	Npm-cookie-0.3.1	Vulnerable Package
CVE-2024-6783	Npm-vue-template-compiler-2.5.13	Vulnerable Package
CVE-2024-6783	Npm-vue-template-compiler-2.5.16	Vulnerable Package
CVE-2024-6783	Npm-vue-template-compiler-2.7.16	Vulnerable Package
CVE-2024-6783	Npm-vue-template-compiler-2.6.6	Vulnerable Package
CVE-2024-6783	Npm-vue-template-compiler-2.4.4	Vulnerable Package
CVE-2024-6783	Npm-vue-template-compiler-2.1.10	Vulnerable Package
CVE-2024-6783	Npm-vue-template-compiler-2.2.4	Vulnerable Package
CVE-2024-6783	Npm-vue-template-compiler-2.6.10	Vulnerable Package
CVE-2024-30260	Npm-undici-5.28.3	Vulnerable Package
CVE-2024-30261	Npm-undici-5.28.3	Vulnerable Package
CVE-2024-48948	Npm-elliptic-6.4.1	Vulnerable Package
CVE-2024-48948	Npm-elliptic-6.4.0	Vulnerable Package
CVE-2024-9506	Npm-vue-template-compiler-2.6.6	Vulnerable Package
CVE-2024-9506	Npm-vue-server-renderer-2.6.10	Vulnerable Package
CVE-2024-9506	Npm-vue-2.6.10	Vulnerable Package
CVE-2024-9506	Npm-vue-template-compiler-2.6.10	Vulnerable Package
CVE-2024-9506	Npm-vue-2.6.6	Vulnerable Package
CVE-2024-9506	Npm-vue-template-compiler-2.5.13	Vulnerable Package
CVE-2024-9506	Npm-vue-2.7.16	Vulnerable Package
CVE-2024-9506	Npm-vue-server-renderer-2.4.4	Vulnerable Package
CVE-2024-9506	Npm-vue-2.1.10	Vulnerable Package
CVE-2024-9506	Npm-vue-server-renderer-2.7.16	Vulnerable Package
CVE-2024-9506	Npm-vue-2.5.13	Vulnerable Package
CVE-2024-9506	Npm-vue-template-compiler-2.5.16	Vulnerable Package
CVE-2024-9506	Npm-@vue/compiler-sfc-2.7.16	Vulnerable Package
CVE-2024-9506	Npm-vue-template-compiler-2.2.4	Vulnerable Package
CVE-2024-9506	Npm-vue-2.4.4	Vulnerable Package
CVE-2024-9506	Npm-vue-server-renderer-2.5.16	Vulnerable Package
CVE-2024-9506	Npm-vue-2.5.16	Vulnerable Package
CVE-2024-9506	Npm-vue-server-renderer-2.5.13	Vulnerable Package
CVE-2024-9506	Npm-vue-template-compiler-2.7.16	Vulnerable Package
CVE-2024-9506	Npm-vue-2.2.4	Vulnerable Package
CVE-2024-9506	Npm-vue-template-compiler-2.4.4	Vulnerable Package
CVE-2024-9506	Npm-vue-template-compiler-2.1.10	Vulnerable Package

Fixed Issues

Severity	Issue	Source File / Package
	CVE-2017-18214	Npm-moment-2.18.1
	CVE-2022-23539	Npm-jsonwebtoken-7.4.0
	CVE-2022-23540	Npm-jsonwebtoken-7.4.0
	Cxab55612e-3a56	Npm-braces-3.0.2
	Cxab55612e-3a56	Npm-braces-1.8.5
	Cxab55612e-3a56	Npm-braces-0.1.5
	Cxab55612e-3a56	Npm-braces-2.3.0
	Cxab55612e-3a56	Npm-braces-2.3.2
	Cxca84a1c2-1f12	Npm-micromatch-3.1.10
	Cxca84a1c2-1f12	Npm-micromatch-3.1.5
	Cxca84a1c2-1f12	Npm-micromatch-2.3.11
	Cxf6e7f2c1-dc59	Npm-yauzl-2.4.1
	Cxf6e7f2c1-dc59	Npm-yauzl-2.10.0
	CVE-2022-23541	Npm-jsonwebtoken-7.4.0
	Cx65afcea4-5e85	Npm-event-pubsub-4.3.0
	Cxba768ce4-aa4e	Npm-node-ipc-9.1.1
	Cxc785342e-d1eb	Npm-js-message-1.0.5
	Cxe84e5215-7539	Npm-js-queue-2.0.0
	Cxf9de4751-620f	Npm-easy-stack-1.0.0

dependabot bot added the dependencies Pull requests that update a dependency file label Nov 18, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump firebase from 3.9.0 to 10.9.0 in /examples/ssr/hn2 #153

build(deps): bump firebase from 3.9.0 to 10.9.0 in /examples/ssr/hn2 #153

dependabot bot commented on behalf of github Nov 18, 2024

ibcheckmarx commented Nov 18, 2024

build(deps): bump firebase from 3.9.0 to 10.9.0 in /examples/ssr/hn2 #153

Are you sure you want to change the base?

build(deps): bump firebase from 3.9.0 to 10.9.0 in /examples/ssr/hn2 #153

Conversation

dependabot bot commented on behalf of github Nov 18, 2024

4.5.2

Fixes

ibcheckmarx commented Nov 18, 2024

New Issues

Fixed Issues