From db5e3589a06f9524271bf67321950b7739f08c5a Mon Sep 17 00:00:00 2001 From: Christina Holland Date: Wed, 26 Jan 2022 10:03:11 -0800 Subject: [PATCH 1/4] Bump node-fetch versions --- integration/messaging/package.json | 2 +- packages/auth-compat/package.json | 2 +- packages/auth/package.json | 2 +- packages/firestore/package.json | 2 +- packages/functions/package.json | 2 +- packages/rules-unit-testing/package.json | 2 +- packages/storage/package.json | 2 +- repo-scripts/changelog-generator/package.json | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/integration/messaging/package.json b/integration/messaging/package.json index a3f62b7f8ec..48cccec1170 100644 --- a/integration/messaging/package.json +++ b/integration/messaging/package.json @@ -15,7 +15,7 @@ "express": "4.17.1", "geckodriver": "2.0.4", "mocha": "9.1.1", - "node-fetch": "2.6.5", + "node-fetch": "2.6.7", "selenium-assistant": "6.1.0" } } diff --git a/packages/auth-compat/package.json b/packages/auth-compat/package.json index d3f75ab4294..3d723e03a0f 100644 --- a/packages/auth-compat/package.json +++ b/packages/auth-compat/package.json @@ -47,7 +47,7 @@ "@firebase/auth-types": "0.11.0", "@firebase/component": "0.5.10", "@firebase/util": "1.4.3", - "node-fetch": "2.6.5", + "node-fetch": "2.6.7", "selenium-webdriver": "^4.0.0-beta.2", "tslib": "^2.1.0" }, diff --git a/packages/auth/package.json b/packages/auth/package.json index 3b8454da97d..64832af8f2d 100644 --- a/packages/auth/package.json +++ b/packages/auth/package.json @@ -80,7 +80,7 @@ "@firebase/component": "0.5.10", "@firebase/logger": "0.3.2", "@firebase/util": "1.4.3", - "node-fetch": "2.6.5", + "node-fetch": "2.6.7", "selenium-webdriver": "4.0.0-rc-1", "tslib": "^2.1.0" }, diff --git a/packages/firestore/package.json b/packages/firestore/package.json index b1903e1c2fe..4691d95bed9 100644 --- a/packages/firestore/package.json +++ b/packages/firestore/package.json @@ -83,7 +83,7 @@ "@firebase/webchannel-wrapper": "0.6.1", "@grpc/grpc-js": "^1.3.2", "@grpc/proto-loader": "^0.6.0", - "node-fetch": "2.6.5", + "node-fetch": "2.6.7", "tslib": "^2.1.0" }, "peerDependencies": { diff --git a/packages/functions/package.json b/packages/functions/package.json index 7b03b8df6a8..e243744d0ed 100644 --- a/packages/functions/package.json +++ b/packages/functions/package.json @@ -66,7 +66,7 @@ "@firebase/auth-interop-types": "0.1.6", "@firebase/app-check-interop-types": "0.1.0", "@firebase/util": "1.4.3", - "node-fetch": "2.6.5", + "node-fetch": "2.6.7", "tslib": "^2.1.0" }, "nyc": { diff --git a/packages/rules-unit-testing/package.json b/packages/rules-unit-testing/package.json index 867e3357566..fffca9291cf 100644 --- a/packages/rules-unit-testing/package.json +++ b/packages/rules-unit-testing/package.json @@ -39,6 +39,6 @@ "url": "https://github.com/firebase/firebase-js-sdk/issues" }, "dependencies": { - "node-fetch": "2.6.5" + "node-fetch": "2.6.7" } } diff --git a/packages/storage/package.json b/packages/storage/package.json index a062621d389..5b4bd891766 100644 --- a/packages/storage/package.json +++ b/packages/storage/package.json @@ -43,7 +43,7 @@ "dependencies": { "@firebase/util": "1.4.3", "@firebase/component": "0.5.10", - "node-fetch": "2.6.5", + "node-fetch": "2.6.7", "tslib": "^2.1.0" }, "peerDependencies": { diff --git a/repo-scripts/changelog-generator/package.json b/repo-scripts/changelog-generator/package.json index 6f9026fc554..93759895287 100644 --- a/repo-scripts/changelog-generator/package.json +++ b/repo-scripts/changelog-generator/package.json @@ -18,7 +18,7 @@ "dependencies": { "@changesets/types": "3.3.0", "@changesets/get-github-info": "0.5.0", - "node-fetch": "2.6.5", + "node-fetch": "2.6.7", "@types/node-fetch": "2.5.12" }, "license": "Apache-2.0", From 75a76ab06d5d51c8da2cf149405e0f78a339411f Mon Sep 17 00:00:00 2001 From: Christina Holland Date: Wed, 26 Jan 2022 10:03:36 -0800 Subject: [PATCH 2/4] new yarn.lock --- yarn.lock | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/yarn.lock b/yarn.lock index 5fb5ae129b1..0154c8ba87e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -11918,7 +11918,14 @@ node-emoji@^1.4.1: dependencies: lodash "^4.17.21" -node-fetch@2.6.5, node-fetch@^2.5.0, node-fetch@^2.6.1: +node-fetch@2.6.7: + version "2.6.7" + resolved "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz#24de9fba827e3b4ae44dc8b20256a379160052ad" + integrity sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ== + dependencies: + whatwg-url "^5.0.0" + +node-fetch@^2.5.0, node-fetch@^2.6.1: version "2.6.5" resolved "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.5.tgz#42735537d7f080a7e5f78b6c549b7146be1742fd" integrity sha512-mmlIVHJEu5rnIxgEgez6b9GgWXbkZj5YZ7fx+2r94a2E+Uirsp6HsPTPlomfdHtpt/B0cdKviwkoaM6pyvUOpQ== From 737680d1d0c0c29faba97d2dbbf94d71ce180b36 Mon Sep 17 00:00:00 2001 From: Christina Holland Date: Wed, 26 Jan 2022 11:44:58 -0800 Subject: [PATCH 3/4] add changeset --- .changeset/metal-apes-double.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .changeset/metal-apes-double.md diff --git a/.changeset/metal-apes-double.md b/.changeset/metal-apes-double.md new file mode 100644 index 00000000000..ddfe60e9a34 --- /dev/null +++ b/.changeset/metal-apes-double.md @@ -0,0 +1,12 @@ +--- +'firebase-messaging-integration-test': patch +'@firebase/auth': patch +'@firebase/auth-compat': patch +'@firebase/firestore': patch +'@firebase/functions': patch +'@firebase/rules-unit-testing': patch +'@firebase/storage': patch +'@firebase/changelog-generator': patch +--- + +Upgrade `node-fetch` dependency due to a security issue. From d57807f813a68a4f4cea55550a71087dec4886c2 Mon Sep 17 00:00:00 2001 From: Christina Holland Date: Wed, 26 Jan 2022 11:47:27 -0800 Subject: [PATCH 4/4] rm ignored packages from changeset --- .changeset/metal-apes-double.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/.changeset/metal-apes-double.md b/.changeset/metal-apes-double.md index ddfe60e9a34..7be2ab634ee 100644 --- a/.changeset/metal-apes-double.md +++ b/.changeset/metal-apes-double.md @@ -1,12 +1,10 @@ --- -'firebase-messaging-integration-test': patch '@firebase/auth': patch '@firebase/auth-compat': patch '@firebase/firestore': patch '@firebase/functions': patch '@firebase/rules-unit-testing': patch '@firebase/storage': patch -'@firebase/changelog-generator': patch --- Upgrade `node-fetch` dependency due to a security issue.