Skip to content

[Snyk] Security upgrade actions-on-google from 1.11.0 to 2.0.0#28

Open
qnelo wants to merge 1 commit intomasterfrom
snyk-fix-f55f2b4ea1e1e0ccb54d0d18fdf0d81f
Open

[Snyk] Security upgrade actions-on-google from 1.11.0 to 2.0.0#28
qnelo wants to merge 1 commit intomasterfrom
snyk-fix-f55f2b4ea1e1e0ccb54d0d18fdf0d81f

Conversation

@qnelo
Copy link
Owner

@qnelo qnelo commented Jan 9, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • functions/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 461/1000
Why? Recently disclosed, Has a fix available, CVSS 3.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-DEBUG-3227433		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: actions-on-google The new version differs by 34 commits.
  • b1a53d1 Update README and change version to 2.0.0
  • 54b37eb Merge branch 'master' into v2.0.0-alpha
  • 31a5c5b Basic unit tests for Arguments
  • e000de7 Merge "Add framework tests" into v2.0.0-alpha
  • e33e446 Add framework tests
  • 6968c5a Merge "Add disableOutputCheck flag for doc generation" into v2.0.0-alpha
  • 2c110d0 Basic unit tests for actionssdk.ts
  • 247d25b Add disableOutputCheck flag for doc generation
  • 32dda0f Add more tests
  • 1b133fc Work to publish client library reference on github pages
  • c76091f Unit tests for actionssdk/conversation
  • a1e3aed Add tests for assistant.ts
  • f17087d Add argument type documentation on UPDATES_USER_ID
  • 68f3c18 Remove plugins/utils/samples folders and scripts
  • 96ec7fd Throw custom error when response has not been set
  • 79694a6 Make non public properties more clear to be not public
  • a79af9b Fix default option mediaType being overwritten when undefined
  • e3e7bd0 Add support for Dialogflow followup events
  • 20ba1b6 Add support for Dialogflow incoming responses
  • 935d0f9 Add jsdoc starting from v1 jsdoc
  • d25edf0 Bump version to 2.0.0-alpha.4
  • 6d14b7f Add support for recently released features
  • ff17526 Bump version to 2.0.0-alpha.3
  • 4aebea7 Merge remote-tracking branch 'github/v2.0.0-alpha' into v2.0.0-alpha

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@qnelo @snyk-bot