Skip to content

Commit

Permalink
Update @grpc/proto-loader dep to address protobufjs security issue (#…
Browse files Browse the repository at this point in the history 
…6442)
  • Loading branch information
@hsubox76
hsubox76 committed Jul 19, 2022
1 parent f36d627 commit 1703bb3
Show file tree
Hide file tree
Showing 10 changed files with 377 additions and 431 deletions.
6 changes: 6 additions & 0 deletions .changeset/cyan-buses-float.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
'@firebase/firestore': patch
'@firebase/rules-unit-testing': patch
---

Update `@grpc/proto-loader` and `firebase-admin` dependencies to address `protobufjs` security issue.
6 changes: 4 additions & 2 deletions .github/workflows/test-all.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,10 +20,10 @@ jobs:
sudo apt-get update
sudo apt-get install google-chrome-stable
- uses: actions/checkout@v2
- name: Set up Node (14)
- name: Set up Node (16)
uses: actions/setup-node@v2
with:
node-version: 14.x
node-version: 16.x
- name: Bump Node memory limit
run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV
- name: Test setup and yarn install
Expand All @@ -38,6 +38,8 @@ jobs:
run: |
xvfb-run yarn test:ci
node scripts/print_test_logs.js
env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_CLI_TOKEN }}
- name: Generate coverage file
run: yarn ci:coverage
- name: Run coverage
Expand Down
8 changes: 5 additions & 3 deletions .github/workflows/test-changed-misc.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,10 @@ jobs:
with:
# This makes Actions fetch all Git history so run-changed script can diff properly.
fetch-depth: 0
- name: Set up Node (14)
- name: Set up Node (16)
uses: actions/setup-node@v2
with:
node-version: 14.x
node-version: 16.x
- name: install Chrome stable
run: |
sudo apt-get update
Expand All @@ -30,4 +30,6 @@ jobs:
- name: build
run: yarn build:changed misc
- name: Run tests
run: yarn test:changed misc
run: yarn test:changed misc
env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_CLI_TOKEN }}
2 changes: 1 addition & 1 deletion config/functions/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
"description": "Cloud Functions for Firebase",
"dependencies": {
"cors": "2.8.5",
"firebase-admin": "10.2.0",
"firebase-admin": "11.0.0",
"firebase-functions": "3.21.0"
},
"private": true,
Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@
"express": "4.18.1",
"find-free-port": "2.0.0",
"firebase-functions": "3.21.0",
"firebase-tools": "9.23.3",
"firebase-tools": "11.2.2",
"glob": "7.2.0",
"http-server": "14.1.0",
"indexeddbshim": "8.0.0",
Expand Down
2 changes: 1 addition & 1 deletion packages/auth-compat/demo/functions/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
"logs": "firebase functions:log"
},
"dependencies": {
"firebase-admin": "10.2.0",
"firebase-admin": "11.0.0",
"firebase-functions": "3.21.0"
},
"private": true
Expand Down
2 changes: 1 addition & 1 deletion packages/auth/demo/functions/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
"logs": "firebase functions:log"
},
"dependencies": {
"firebase-admin": "10.2.0",
"firebase-admin": "11.0.0",
"firebase-functions": "3.21.0"
},
"private": true,
Expand Down
2 changes: 1 addition & 1 deletion packages/firestore/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@
"@firebase/util": "1.6.3",
"@firebase/webchannel-wrapper": "0.6.2",
"@grpc/grpc-js": "^1.3.2",
"@grpc/proto-loader": "^0.6.0",
"@grpc/proto-loader": "^0.6.13",
"node-fetch": "2.6.7",
"tslib": "^2.1.0"
},
Expand Down
5 changes: 4 additions & 1 deletion packages/rules-unit-testing/functions/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,10 @@
},
"private": true,
"dependencies": {
"firebase-admin": "10.2.0",
"firebase-admin": "11.0.0",
"firebase-functions": "3.21.0"
},
"engines": {
"node": "16"
}
}

0 comments on commit 1703bb3

Please sign in to comment.