[Snyk] Upgrade google-auth-library from 1.4.0 to 1.6.1

[snyk-bot]

Snyk has created this PR to upgrade google-auth-library from 1.4.0 to 1.6.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 3 versions ahead of your current version.
• The recommended version was released 4 years ago, on 2018-06-07.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Uninitialized Memory Exposure npm:base64url:20180511	526/1000 Why? Mature exploit, CVSS 7.1	Mature
	Prototype Pollution SNYK-JS-NODEFORGE-598677	526/1000 Why? Mature exploit, CVSS 7.1	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: google-auth-library

• 1.6.1 - 2018-06-07
  

  This release includes a fix for the issue where --esModuleInterop was required for the TypeScript compiler to pass.

  5a0a9b3 fix: do not use synthetic imports for nodejs core (#382)

• 1.6.0 - 2018-06-07
  

  Greetings folks! This minor release has a few new features! Most of these have been added to help support the migration away from google-auto-auth. Enjoy 🎉

  Features

  8294685 feat: enable custom service account with compute client (#378)
  2472be0 feat: add sign method to JWT (#375)
  c085f14 feat: add a getProjectId method for google-auto-auth compat (#374)

  Fixes

  23fe447 fix: limit situations where we retry (#373)
  1477db8 chore: fix lint task in circle config (#377)
  3f54935 docs: consistent header sizing, small grammar changes (#366)

  Keepin the lights on

  6e88edd chore: upgrade all the dependencies (#372)
  8cdd31a chore(package): update nyc to version 12.0.2 (#376)
  b4d62a0 chore(package): update @ types/sinon to version 5.0.0 (#367)

• 1.5.0 - 2018-05-16
  

  In this release:

  • The redirect_uri and client_id used in the subsequent call to getToken() (and passed to the code exchange endpoint) can now be overridden.
  • The order in which credentials and keyFilename fields in GoogleAuthOptions are read is now swapped if both are present (it will be in the order [credentials, keyFilename]).

  Commits

  1f92e9c fix: read credentials field before keyFilename (#361)
  35ed34b chore: update dependencies (#358)
  4e2c298 chore(package): update @ types/node to version 10.0.3 (#357)
  dd63531 chore(package): update sinon to version 5.0.1 (#356)
  9328fa6 chore: add nodejs 10 to test matrix (#353)
  8a2b53b fix: add generic type to request (#354)
  e40a5ef test: fix possible EXDEV in fs.rename (#350)
  d3e1b15 feat: Allow overrides to getToken that are used with corresponding generateAuthUrl (#349)

• 1.4.0 - 2018-04-06
  Read more

from google-auth-library GitHub release notes

Commit messages

Package name: google-auth-library

• 9923d3f chore: release 1.6.1 (Change last googleapis to google in readme googleapis/google-api-nodejs-client#383)
• 5a0a9b3 fix: do not use synthetic imports for nodejs core (err.toString returned from getToken will throw illegal access exception googleapis/google-api-nodejs-client#382)
• 711109d chore: release 1.6.0 (Change extend util to check hasOwnProperty googleapis/google-api-nodejs-client#380)
• 23fe447 fix: limit situations where we retry (Code breaking while authenticating googleapis/google-api-nodejs-client#373)
• 8294685 feat: enable custom service account with compute client (Possible to insert a spreadsheet with multiple worksheeats? googleapis/google-api-nodejs-client#378)
• 2472be0 feat: add sign method to JWT (Avoid using delete operator googleapis/google-api-nodejs-client#375)
• 1477db8 chore: fix lint task in circle config (Browsable documentation for the API googleapis/google-api-nodejs-client#377)
• c085f14 feat: add a getProjectId method for google-auto-auth compat (Adds usable auth, taking a dependency on the google-auth-library repo. googleapis/google-api-nodejs-client#374)
• 6e88edd chore: upgrade all the dependencies (API key with Storage API returns null googleapis/google-api-nodejs-client#372)
• 8cdd31a chore(package): update nyc to version 12.0.2 (Question about backward compatibility and versioning googleapis/google-api-nodejs-client#376)
• b4d62a0 chore(package): update @ types/sinon to version 5.0.0 (Error in example code [README.md] googleapis/google-api-nodejs-client#367)
• 3f54935 docs: consistent header sizing, small grammar changes (Return list of supported APIs googleapis/google-api-nodejs-client#366)
• ffb378d chore: release 1.5.0 (Sending emails for a service account googleapis/google-api-nodejs-client#362)
• 1f92e9c fix: read credentials field before keyFilename (Handle 500 errors that include an error message. googleapis/google-api-nodejs-client#361)
• 35ed34b chore: update dependencies (Using Service Token for Google Webmaster Tools does provide access googleapis/google-api-nodejs-client#358)
• 4e2c298 chore(package): update @ types/node to version 10.0.3 (Document list api deprecation googleapis/google-api-nodejs-client#357)
• dd63531 chore(package): update sinon to version 5.0.1 (appsactivity.activities.list with jwt auth always returns 400 googleapis/google-api-nodejs-client#356)
• 9328fa6 chore: add nodejs 10 to test matrix ( credentials.expiry_date problem googleapis/google-api-nodejs-client#353)
• 8a2b53b fix: add generic type to request (Added GoogleAuth wrapper to simplify authorization logic. googleapis/google-api-nodejs-client#354)
• e40a5ef test: fix possible EXDEV in fs.rename (OAuth2Client.getToken returns empty error, no token googleapis/google-api-nodejs-client#350)
• d3e1b15 feat: Allow overrides to getToken that are used with corresponding generateAuthUrl (Do not output stuff to console during testing googleapis/google-api-nodejs-client#349)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs