search

turkdevops / web.dev

The frontend, backend, and content source code for web.dev
https://web.dev
Other
0 stars 0 forks source link

Bump cacheable-request, firebase-tools and gts #184

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Removes cacheable-request. It's no longer used after updating ancestor dependencies cacheable-request, firebase-tools and gts. These dependencies need to be updated together.

Removes cacheable-request

Updates firebase-tools from 9.16.0 to 11.22.0

Release notes

Sourced from firebase-tools's releases.

v11.22.0

  • Refactors Functions Emulator. (#5422)
  • Fixes race condition when discovering functions. (#5444)
  • Added support for Nuxt 2 and Nuxt 3. (#5321)
  • Fixes issue where init firestore was unecessarilly checking for default resource location. (#5230 and #5452)
  • Pass trailingSlash from Next.js config to firebase.json (#5445)
  • Don't use Next.js internal redirects for the backend test (#5445)
  • Fix issue where pnpm support broke for function emulation and deployment. (#5467)
  • Fix bug where .env.local files were not picked up during function emulation. (#5477)

v11.21.0

  • Fix bug where CLI was unable to deploy Firebase Functions in some monorepo setups (#5391)
  • Upgrade Storage Rules Runtime to v1.1.3 to support ternary operators (#5370)
  • Fixes an issue where already deployed functions with the same remote configuration do not get skipped (#5354)
  • App Distribution: Links to new releases are now available. These links help you manage binaries and ensure that testers and other developers have the right release. (#5405)

v11.20.0

  • Fixes a bug in the pubsub emulator by forcing a shutdown if it didn't end cleanly. (#5294)
  • Fixes an issue where dependencies for emulated Extensions would not be installed on Windows - thanks @​stfsy! (#5372)
  • Adds emulator support for Extensions with schedule triggers - thanks @​stsfy! (#5374)
  • Update the Emulator Suite UI to v1.11.2 to capture a set of accessibility improvements. (#5394)
  • Fixes an issue in the Functions emulator where secret values were undefined after hot reload with the --inspect-functions flag. (#5384)
  • Fixes a bug where functions:delete command did not recognize '-' as delimiter. (#5290)
  • Reintroduces an updated Hosting emulator with i18n (#4879) and Windows path (#5133) fixes.

v11.19.0

  • Support for string list typed parameters in functions deployment (#5137)
  • Respect .npmrc in backends spun up for web frameworks (#5235)
  • Remove esbuild dependency, instead bundle Next.js configuration on deploy with NPX (#5336)
  • Add sharp NPM module to Cloud Functions when using Next.js Image Optimization (#5238)
  • Adds user-defined env vars into the functions emulator (#5330).
  • Support Next.js Middleware (#5320)
  • Log the reason for a Cloud Function if needed in Next.js (#5320)
  • Fixed service enablement when installing extensions with v2 functions (#5338)
  • Fix bug where functions:shell command didn't connect to emulators running on other processes. (#5269)
  • Fixed bug with Cross-Service Rules integration for Firestore documents containing nulls (#5342)

v11.18.0

  • Add support for Firestore TTL (#5267)
  • Fix bug where secrets were not loaded when emulating functions with --inpsect-functions. (#4605)
  • Handle Next.js rewrites/redirects/headers incompatible with firebase.json in Cloud Functions (#5212)
  • Filter out Next.js prerendered routes that matches rewrites/redirects/headers rules from SSG content directory (#5212)
  • Warn if a web framework's package.json contains anything other than the framework default build command.
  • Add support for nodejs18 for Cloud Functions for Firebase (#5319)

v11.17.0

  • Fix bug where disabling background triggers did nothing. (#5221)
  • Fix bug in auth emulator where empty string should throw invalid email instead of missing email. (#3898)
  • Fix bug in auth emulator in which createdAt was not set for signInWithIdp new users. (#5203)
  • Add region warning for emulated database functions (#5143)

... (truncated)

Commits


Updates gts from 3.1.0 to 3.1.1

Changelog

Sourced from gts's changelog.

Changelog

4.0.1 (2023-01-09)

Bug Fixes

  • deps: bump json5 from 2.2.1 to 2.2.2 addressing CVE-2022-46175 (2a1fd61)

4.0.0 (2022-07-04)

⚠ BREAKING CHANGES

  • drop support for node.js 10.x (#686)

Features

Bug Fixes

  • deps: update dependency eslint-config-prettier to v8 (#624) (23a4abb)
  • deps: update dependency eslint-plugin-prettier to v4 (#657) (5408bfe)
  • deps: update dependency prettier to ~2.5.0 (#660) (8789fd4)
  • deps: update dependency prettier to ~2.6.0 (#670) (2feba2c)
  • deps: update dependency prettier to ~2.7.0 (#696) (3c677fd)
  • deps: update dependency write-file-atomic to v4 (#687) (f16a3e1)
  • deps: update typescript-eslint monorepo to v5 (#688) (ed2fd0c)
  • deps: upgrade to eslint 8.x (#693) (7ae5c8b)
  • drop update notifier (#706) (cab7704)
  • pin prettier to 2.3.x (#641) (323fb4a)

Build System

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/turkdevops/web.dev/network/alerts).
guardrails[bot] commented 1 year ago

:warning: We detected 81 security issues in this pull request:

Mode: paranoid | Total findings: 81 | Considered vulnerability: 81

Vulnerable Libraries (81)
Severity | Details ----- | -------- High | [pkg:npm/clean-css@4.2.3@4.2.3](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Medium | [pkg:npm/mustache@2.3.2@2.3.2](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** N/A | [pkg:npm/shelljs@0.6.1@0.6.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *0.8.5* High | [pkg:npm/ansi-regex@3.0.0@3.0.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *6.0.1,5.0.1,4.1.1,3.0.1* Medium | [pkg:npm/postcss@7.0.36@7.0.36](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** N/A | [pkg:npm/axios@0.21.1@0.21.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Low | [pkg:npm/node-fetch@2.6.1@2.6.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/terser@4.8.0@4.8.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Medium | [pkg:npm/node-fetch@2.6.7@2.6.7](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/nth-check@1.0.2@1.0.2](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *2.0.1* High | [pkg:npm/jszip@3.7.0@3.7.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/selenium-webdriver@4.0.0-beta.4@4.0.0-beta.4](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** N/A | [pkg:npm/debug@2.6.9@2.6.9](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *3.1.0* High | [pkg:npm/json-stable-stringify@1.0.1@1.0.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/follow-redirects@1.14.1@1.14.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *1.14.7* Critical | [pkg:npm/unset-value@1.0.0@1.0.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Critical | [pkg:npm/front-matter@2.1.2@2.1.2](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Medium | [pkg:npm/minimist@1.1.3@1.1.3](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *0.2.1,1.2.3* High | [pkg:npm/terser@5.7.1@5.7.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/express@4.18.2@4.18.2](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/mocha@6.2.3@6.2.3](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Critical | [pkg:npm/socket.io@4.4.1@4.4.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/http-cache-semantics@4.1.0@4.1.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *4.1.1,4.1.1* Medium | [pkg:npm/ua-parser-js@0.7.28@0.7.28](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/glob-parent@2.0.0@2.0.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *5.1.2* High | [pkg:npm/lodash.template@4.5.0@4.5.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Critical | [pkg:npm/socket.io-parser@4.0.4@4.0.4](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *4.0.5,4.2.1* High | [pkg:npm/css-what@4.0.0@4.0.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *5.0.1* High | [pkg:npm/minimist@1.2.0@1.2.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Critical | [pkg:npm/lodash@4.17.15@4.17.15](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** N/A | [pkg:npm/engine.io@6.1.3@6.1.3](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *3.6.1,6.2.1* N/A | [pkg:npm/nth-check@2.0.0@2.0.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/minimatch@3.0.4@3.0.4](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *3.0.5* Critical | [pkg:npm/minimist@1.2.5@1.2.5](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *1.2.6* High | [pkg:npm/socket.io-parser@3.3.2@3.3.2](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Critical | [pkg:npm/uglify-js@3.17.4@3.17.4](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Critical | [pkg:npm/socket.io@2.4.0@2.4.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Critical | [pkg:npm/json-schema@0.2.3@0.2.3](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *0.4.0* Medium | [pkg:npm/request@2.88.2@2.88.2](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Medium | [pkg:npm/uglify-js@3.13.10@3.13.10](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/ansi-regex@4.1.0@4.1.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *6.0.1,5.0.1,4.1.1,3.0.1* Critical | [pkg:npm/express@4.17.1@4.17.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Critical | [pkg:npm/set-value@2.0.1@2.0.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Critical | [pkg:npm/loader-utils@1.4.0@1.4.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *2.0.3* High | [pkg:npm/selenium-webdriver@4.0.0-beta.1@4.0.0-beta.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/liquidjs@6.4.3@6.4.3](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** N/A | [pkg:npm/qs@6.2.3@6.2.3](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/braces@1.8.5@1.8.5](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Medium | [pkg:npm/yargs-parser@5.0.1@5.0.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** N/A | [pkg:npm/flat@4.1.1@4.1.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *5.0.1* High | [pkg:npm/follow-redirects@1.12.1@1.12.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *1.14.7* High | [pkg:npm/remove-markdown@0.3.0@0.3.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Medium | [pkg:npm/postcss@6.0.1@6.0.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *8.2.13,7.0.36* Medium | [pkg:npm/postcss@6.0.23@6.0.23](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *8.2.13,7.0.36* Medium | [pkg:npm/eslint@2.13.1@2.13.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/protobufjs@6.11.2@6.11.2](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *6.11.3* Medium | [pkg:npm/istanbul-reports@3.0.2@3.0.2](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/glob-parent@3.1.0@3.1.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *5.1.2* High | [pkg:npm/markdown-it@10.0.0@10.0.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/async@3.2.0@3.2.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *3.2.2,2.6.4* High | [pkg:npm/trim@0.0.1@0.0.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *0.0.3* High | [pkg:npm/acorn@3.3.0@3.3.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/css-what@3.4.2@3.4.2](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/luxon@1.28.0@1.28.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *1.28.1,2.5.2,3.2.1* High | [pkg:npm/html-minifier@4.0.0@4.0.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Critical | [pkg:npm/socket.io-parser@3.4.1@3.4.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *4.0.5,4.2.1* Critical | [pkg:npm/qs@6.5.2@6.5.2](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/prismjs@1.27.0@1.27.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** N/A | [pkg:npm/node-forge@0.10.0@0.10.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *1.0.0* N/A | [pkg:npm/decode-uri-component@0.2.0@0.2.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/json5@1.0.1@1.0.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *2.2.2* High | [pkg:npm/engine.io@3.5.0@3.5.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *4.0.0* High | [pkg:npm/json5@2.2.0@2.2.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *2.2.2* Medium | [pkg:npm/ejs@2.7.4@2.7.4](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Medium | [pkg:npm/ua-parser-js@0.7.31@0.7.31](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Critical | [pkg:npm/jsonpointer@4.1.0@4.1.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** High | [pkg:npm/merge@1.2.1@1.2.1](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *2.1.1* High | [pkg:npm/ansi-regex@5.0.0@5.0.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) upgrade to: *6.0.1,5.0.1,4.1.1,3.0.1* Critical | [pkg:npm/js-beautify@1.14.0@1.14.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** Critical | [pkg:npm/qs@6.7.0@6.7.0](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** N/A | [pkg:npm/ajv@4.11.8@4.11.8](https://github.com/turkdevops/web.dev/blob/74aa6840f9c2c4b319f245270e91337da57aab99/package-lock.json) (t) - **no patch available** More info on how to fix Vulnerable Libraries in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/using_vulnerable_libraries.html?utm_source=ghpr#).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.