manasouza / sfin-bills


[Snyk] Fix for 4 vulnerabilities #83

Closed manasouza closed 3 years ago

manasouza commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:

| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| high severity | 696/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | Prototype Pollution (SNYK-JS-GRPCGRPCJS-1038818) | Yes | Proof of Concept |
| high severity | 696/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | Prototype Pollution (SNYK-JS-JSONBIGINT-608659) | Yes | Proof of Concept |
| high severity | 686/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.3 | Prototype Pollution (SNYK-JS-NODEFORGE-598677) | Yes | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: google-spreadsheet
The new version differs by 90 commits.
  • 15cbcb4 fix small docs issue
  • 30578c2 swap location of readme file and symlink so its within the GH pages publishing source
  • 21f97a0 fix test
  • 301dfa9 package version bump - 3.0.12
  • 626581b fix bug setting background color
  • 5c24469 fix addRows offset issue - force google API to start add rows at column A
  • b2275eb Merge pull request #380 from mrzmyr/patch-1
  • d2fbc5c use symlink for docs readme, add impersonate docs
  • 5a5d1be Fix Link to GoogleSpreadsheetCell in README.md
  • e5a9e8c Merge branch 'master' of github.com:theoephraim/node-google-spreadsheet
  • 505c3e1 Merge pull request #358 from structinfo/feature/serviceAccountImpersonation
  • 37084fd add doc.sheetsByTitle getter
  • 4ae02d9 bump dependency versions
  • 07ff735 Merge pull request #349 from rubenstolk/feature/sheetsByTitle
  • 1e30921 short doc for impersonateAs option of useServiceAccountAuth
  • c0e4b5f add impersonateAs option for useServiceAccountAuth
  • 6dd7cd3 Add sheetsByTitle getter
  • 95c3271 Merge branch 'master' of github.com:theoephraim/node-google-spreadsheet
  • 15a3619 fix loadCells when using an API key only
  • d3516d8 Merge pull request #319 from theoephraim/dependabot/npm_and_yarn/acorn-5.7.4
  • 70a1abc Merge pull request #320 from revolunet/patch-1
  • 8532ea6 Merge pull request #324 from maximivanov/master
  • 53632d0 doc: scroll to page top on navigation
  • 0306590 doc: rm getRows side-effect
Package name: googleapis
The new version differs by 130 commits.
  • 20409df chore: release 49.0.0 (#2022)
  • 7de4e78 chore(deps): update dependency null-loader to v4 (#2044)
  • 340f78d chore(deps): update dependency ts-loader to v7 (#2043)
  • 254f878 chore: remove unused dev packages (#2042)
  • f4eb6e0 chore: update lint ignore files (#2040)
  • 0110f3e docs: update readme for drive readme (#2039)
  • 73d284b fix(deps): update common and auth (#2038)
  • 476b71e test: use discovery docs from fixture (#2037)
  • 3a3b61d build: remove unused codecov config (#2034)
  • fea414a feat!: regenerate the API (#2028)
  • 48a4f05 chore(dep)!: deprecate node 8 (#2021)
  • 99ebacf test: the kitchen sink system test sometimes times out (#2020)
  • 05090da fix: apache license URL (#468) (#2017)
  • d15c656 chore: remove duplicate mocha config (#2016)
  • 874edc3 build: update templates (#2013)
  • dc16586 build: set AUTOSYNTH_MULTIPLE_COMMITS=true for context aware commits (#2012)
  • 741c58b chore: update github actions configuration (#1999)
  • 1fe744b chore(deps): update dependency @types/rimraf to v3 (#1995)
  • 5512eb5 chore(deps): update dependency typedoc to ^0.17.0 (#1993)
  • 0a4db38 chore: release 48.0.0 (#1979)
  • 074f641 fix: allow an empty requestBody to be provided for APIs that support multipart post (#1988)
  • 8bcb212 feat!: run the generator (adds: displayvideo, gamesConfiguration, managedidentities, networkmanagement) (#1989)
  • 8677588 build(tests): fix coveralls and enable build cop (#1982)
  • 0679c78 build: update linkinator config (#1981)
With a Snyk patch:

| Severity | Priority Score (*) | Issue | Exploit Maturity |
|---|---|---|---|
| medium severity | 636/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 6.3 | Prototype Pollution (SNYK-JS-LODASH-567746) | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.


manasouza commented 3 years ago

Should check google-firestore CHANGELOG