fix(deps): update dependency @google-cloud/firestore to v6 [security]#129
Open
renovate[bot] wants to merge 1 commit into
Open
fix(deps): update dependency @google-cloud/firestore to v6 [security]#129renovate[bot] wants to merge 1 commit into
renovate[bot] wants to merge 1 commit into
Conversation
renovate
Bot
deleted the
renovate/npm-google-cloud-firestore-vulnerability
branch
September 25, 2024 16:16
renovate
Bot
restored the
renovate/npm-google-cloud-firestore-vulnerability
branch
September 26, 2024 20:22
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
September 26, 2024 20:23
709189b to
53089a8
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
August 10, 2025 15:44
53089a8 to
a317a26
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
August 19, 2025 11:45
a317a26 to
b4c7ed7
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
September 25, 2025 17:45
b4c7ed7 to
ae08c1b
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
October 21, 2025 18:38
ae08c1b to
3bcd845
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
November 11, 2025 02:51
3bcd845 to
95dab0b
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
December 3, 2025 16:13
95dab0b to
64b08a5
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
January 19, 2026 17:10
64b08a5 to
5fe253b
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
February 2, 2026 16:08
5fe253b to
45b8226
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
February 12, 2026 12:13
45b8226 to
4ba5e4c
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
March 8, 2026 11:46
4ba5e4c to
1e3b8ae
Compare
renovate
Bot
deleted the
renovate/npm-google-cloud-firestore-vulnerability
branch
March 27, 2026 02:43
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
3 times, most recently
from
April 1, 2026 22:06
f190a84 to
846bbd4
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
April 8, 2026 15:40
846bbd4 to
6482db3
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
3 times, most recently
from
April 29, 2026 17:00
01a2236 to
2f7e727
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
2 times, most recently
from
May 18, 2026 13:55
a6a6be8 to
64780d2
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
2 times, most recently
from
June 2, 2026 00:41
a0dc121 to
0b7b4f0
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
June 11, 2026 10:06
0b7b4f0 to
e330158
Compare
renovate
Bot
force-pushed
the
renovate/npm-google-cloud-firestore-vulnerability
branch
from
July 12, 2026 14:16
e330158 to
50c869b
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^4.15.1→^6.0.0Logging of the firestore key within nodejs-firestore
CVE-2023-6460 / GHSA-4g6q-77j7-vvjc
More information
Details
A potential logging of the firestore key via logging within nodejs-firestore exists - Developers who were logging objects through this._settings would be logging the firestore key as well potentially exposing it to anyone with logs read access. We recommend upgrading to version 6.1.0 to avoid this issue
Severity
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:NReferences
This data is provided by the GitHub Advisory Database (CC-BY 4.0).
Release Notes
googleapis/google-cloud-node (@google-cloud/firestore)
v6.2.0Compare Source
Features
Bug Fixes
v6.0.0Compare Source
⚠ BREAKING CHANGES
Features
Bug Fixes
Build System
5.0.2 (2022-01-07)
Bug Fixes
5.0.1 (2021-12-02)
Bug Fixes
v5.0.2Compare Source
v5.0.1Compare Source
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.