[Snyk] Fix for 1 vulnerabilities

[dexmo007]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • functions/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @google-cloud/pubsub

The new version differs by 35 commits.

• fc84c65 chore: release 1.1.2 (#777)
• 0bebf9b fix(deps): remove direct dependency on @ grpc/grpc-js (#773)
• 8467228 chore: update CONTRIBUTING.md and make releaseType node (#774)
• 74450f3 chore: release 1.1.1 (#762)
• 3c5199d fix(deps): pin @ grpc/grpc-js to ^0.6.6 (#772)
• 1294ce2 chore: update pull request template (#765)
• 060207a fix: use compatible version of google-gax
• 157a86d fix(docs): explain PubSub.v1 property (#766)
• 00d68d7 chore: update pull request template
• 922fe92 fix: update messaging retry timeout durations (#761)
• 86b763f chore: release 1.1.0 (#756)
• fda95c7 fix(deps): update dependency @ grpc/grpc-js to ^0.6.0 (#759)
• 32aab9f feat: .d.ts for protos (#755)
• 82305de fix(deps): update dependency @ google-cloud/pubsub to v1 (#750)
• fb96943 chore: release 1.0.0 (#749)
• 2ef5850 docs: update README release level to GA (#748)
• 2e90c5b chore!: set release level to GA (#745)
• d7a357c build: switch to releasing with GitHub bot (#746)
• 270b2ba docs(subscription): fix batch options type reference (#744)
• 4653bcf chore: release 0.32.1 (#741)
• 1444916 chore(deps): update dependency google-gax to ^1.5.2 (#740)
• ffe9aca docs: update rpc timeout retry settings (#738)
• 3996bea chore: release 0.32.0 (#729)
• 3840cad fix: pull projectId from auth client with emulator (#731)

See the full diff

Package name: firebase-functions

The new version differs by 44 commits.

• 4fdf9db 3.6.2
• f907d68 Update CHANGELOG.md (#694)
• 9431102 fix: move jsonwebtoken to dev dependencies (#677)
• 8d0a6c2 pin @ types/express version (#686)
• 1bd2736 Fixes to reference doc generation for functions.https (#690)
• b1f9b5a Revise docs for handler namespace (#680)
• 5c18afe Modify return type of DataSnapshot.forEach to `boolean | void` (#666)
• df35c1b fix: onCreate, onUpdate and onDelete receive a DocumentQuerySnapshopt (#670)
• 1dde3db [firebase-release] Removed change log and reset repo after 3.6.1 release
• 1fb57c5 3.6.1
• 2784d5d Update TypeScript dependency to v3.8 to fix build issues (Issue #667) (#668)
• d3e8951 [firebase-release] Removed change log and reset repo after 3.6.0 release
• c9a3a0e 3.6.0
• 95d4a4a Update CHANGELOG.md (#640)
• 7f4c957 Enable users to define async HTTP functions (#651)
• e1df823 Adding testlab event to eventTypes list (#649)
• 468455d Updating docs TOC with Testlab paths. (#643)
• 5250110 Add support for europe-west3 region. (#627)
• 0921c78 [firebase-release] Removed change log and reset repo after 3.5.0 release
• 1ed7345 3.5.0
• 15bf0da Update CHANGELOG (#639)
• df543dc Update dependencies to fix TS build issue (#638)
• 9e05b7f Add entry for maxInstances (#636)
• bf52fa3 add support for maxInstances in RuntimeOptions (#624)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)