[Snyk] Upgrade @google-cloud/debug-agent from 4.0.1 to 4.2.2

[EitanGayor]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade @google-cloud/debug-agent from 4.0.1 to 4.2.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 7 versions ahead of your current version.
• The recommended version was released 4 years ago, on 2020-01-23.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	375/1000 Why? CVSS 7.5	No Known Exploit
	Command Injection SNYK-JS-LODASH-1040724	375/1000 Why? CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	375/1000 Why? CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	375/1000 Why? CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-NODEFORGE-598677	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	375/1000 Why? CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-GRPC-598671	375/1000 Why? CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-INI-1048974	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	375/1000 Why? CVSS 7.5	Proof of Concept
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	375/1000 Why? CVSS 7.5	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	375/1000 Why? CVSS 7.5	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	375/1000 Why? CVSS 7.5	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	375/1000 Why? CVSS 7.5	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	375/1000 Why? CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-Y18N-1021887	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	375/1000 Why? CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-NODEFETCH-2342118	375/1000 Why? CVSS 7.5	No Known Exploit
	Denial of Service SNYK-JS-NODEFETCH-674311	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	375/1000 Why? CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	375/1000 Why? CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	375/1000 Why? CVSS 7.5	Proof of Concept
	Man-in-the-Middle (MitM) SNYK-JS-HTTPSPROXYAGENT-469131	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	375/1000 Why? CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	375/1000 Why? CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	375/1000 Why? CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @google-cloud/debug-agent

• 4.2.2 - 2020-01-23
  

  Bug Fixes

  • breakpoints work on windows (#815) (8309839), closes #795
• 4.2.1 - 2019-12-16
  

  Bug Fixes

  • deps: pin TypeScript below 3.7.0 (35589fb)
  • deps: update dependency semver to v7 (#800) (70edb78)
• 4.2.0 - 2019-11-21
  

  Features

  • improve experience when multiple files match a breakpoint location (#784) (8b50f38)

  Bug Fixes

  • docs: add jsdoc-region-tag plugin (#783) (94e7255)
• 4.1.0 - 2019-11-09
  

  Features

  • introduce javascriptFileExtensions config parameter. (#779) (bf79ce8)
• 4.0.4 - 2019-10-04
  

  Bug Fixes

  • deps: update dependency gcp-metadata to v3 (#757) (77d0d93)
• 4.0.3 - 2019-08-22
  

  Bug Fixes

  • correct column numbers for line-1 breakpoints (#751) (f6d4f76)
• 4.0.2 - 2019-08-21
  

  Bug Fixes

  • allow calls with no request, add JSON proto (bb1bcc9)
  • warn if maxDataSize=0 (#744) (e322b6c)
  • deps: update @ sindresorhus/is to v1 (#747) (dac1102)
  • deps: update dependency acorn to v7 (#748) (ddc3629)
  • deps: use the latest extend (#735) (2d60f49)
  • docs: link to reference docs section on googleapis.dev (#724) (6d809e6)
• 4.0.1 - 2019-06-24
  

  Bug Fixes

  • docs: add repo-metadata file (#722) (1390590)

from @google-cloud/debug-agent GitHub release notes

Commit messages

Package name: @google-cloud/debug-agent

• d4e3184 chore: release 4.2.2 ([Snyk] Upgrade @grpc/proto-loader from 0.1.0 to 0.7.5 #816)
• 8309839 fix: breakpoints work on windows ([Snyk] Upgrade snyk from 1.101.1 to 1.1114.0 #815)
• d5a17b2 chore(deps): update dependency teeny-request to v6 ([Snyk] Upgrade @grpc/proto-loader from 0.1.0 to 0.7.5 #813)
• 24c5b30 chore(deps): update dependency @ types/estree to v0.0.42 ([Snyk] Upgrade @grpc/proto-loader from 0.1.0 to 0.7.5 #810)
• b2cc780 chore(deps): update dependency mocha to v7 ([Snyk] Upgrade snyk from 1.101.1 to 1.1111.0 #809)
• d6ec749 chore: update .nycrc
• cee4991 chore(deps): update dependency execa to v4 ([Snyk] Upgrade snyk from 1.101.1 to 1.1108.0 #801)
• fedc60e refactor: use explicit mocha imports ([Snyk] Upgrade @grpc/proto-loader from 0.1.0 to 0.7.5 #807)
• c295588 chore(deps): update dependency @ types/estree to v0.0.41 ([Snyk] Upgrade snyk from 1.101.1 to 1.1109.0 #805)
• 64a9b5d docs: update jsdoc license/samples-README ([Snyk] Upgrade body-parser from 1.9.0 to 1.20.2 #802)
• a183b08 chore: release 4.2.1 ([Snyk] Upgrade @grpc/proto-loader from 0.1.0 to 0.7.5 #799)
• 70edb78 fix(deps): update dependency semver to v7 ([Snyk] Security upgrade actionpack from 4.2.5 to 6.1.7.3 #800)
• 7421783 chore(deps): update dependency @ types/estree to v0.0.40 ([Snyk] Upgrade grpc from 1.22.2 to 1.24.11 #796)
• 35589fb fix(deps): pin TypeScript below 3.7.0
• 00ed081 chore: update license headers
• a8e9183 chore: release 4.2.0 ([Snyk] Security upgrade actionpack from 4.2.5 to 4.2.5 #791)
• 8b50f38 feat: improve experience when multiple files match a breakpoint location ([Snyk] Fix for 1 vulnerabilities #784)
• 56fe969 test: make install tests explicit ([Snyk] Fix for 1 vulnerabilities #789)
• ef036c3 chore: run format on synth ([Snyk] Fix for 1 vulnerabilities #788)
• 94e7255 fix(docs): add jsdoc-region-tag plugin ([Snyk] Fix for 1 vulnerabilities #783)
• a4a6090 chore: add gitattributes to kokoro ([Snyk] Fix for 3 vulnerabilities #786)
• 0a23fa9 chore: release 4.1.0 ([Snyk] Security upgrade actionpack from 4.2.5 to 4.2.11.3 #782)
• bf79ce8 feat: introduce javascriptFileExtensions config parameter. ([Snyk] Fix for 1 vulnerabilities #779)
• 92a56db chore(deps): update dependency typescript to ~3.7.0 ([Snyk] Fix for 3 vulnerabilities #781)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs