[Snyk] Security upgrade @google-cloud/storage from 1.6.0 to 2.4.3

[DrPaulBrewer]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Open Redirect SNYK-JS-NODEFORGE-2330875	Yes	Proof of Concept
	529/1000 Why? Has a fix available, CVSS 6.3	Prototype Pollution SNYK-JS-NODEFORGE-2331908	Yes	No Known Exploit
	494/1000 Why? Has a fix available, CVSS 5.6	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430337	Yes	No Known Exploit
	579/1000 Why? Has a fix available, CVSS 7.3	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430339	Yes	No Known Exploit
	494/1000 Why? Has a fix available, CVSS 5.6	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430341	Yes	No Known Exploit
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	Yes	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @google-cloud/storage

The new version differs by 250 commits.

• f1ef9c6 Release v2.4.3 (#628)
• b80ee22 fix(deps): update dependency @ google-cloud/pubsub to ^0.28.0
• 813ecca tests: fix assertion syntax (#629)
• e24f2d1 fix(deps): update dependency @ google-cloud/paginator to ^0.2.0
• 72a57ab build: Add docuploader credentials to node publish jobs (#624)
• 58d4ea5 fix(deps): update dependency gcs-resumable-upload to v1 (#619)
• 23a3cf0 build: use node10 to run samples-test, system-test etc (#623)
• a5ea8ab fix(deps): update dependency @ google-cloud/pubsub to ^0.27.0 (#620)
• 0a6c134 build: update release configuration
• 5dcb36c fix(deps): update dependency @ google-cloud/pubsub to ^0.26.0 (#618)
• c09f7c2 fix: handle errors from file#createReadStream (#615)
• d10c120 fix(deps): update dependency @ google-cloud/pubsub to ^0.25.0 (#616)
• 1c3bd03 fix: getSigned(Policy|Url) throws if expiration is invalid Date (#614)
• f6acc87 chore(deps): update dependency mocha to v6 (#611)
• c3f3a8e build: use linkinator for docs test (#607)
• 86246f9 docs: update links in contrib guide (#610)
• e29512f fix(deps): update dependency @ google-cloud/promisify to ^0.4.0 (#609)
• e229d60 chore(deps): update dependency @ types/tmp to v0.0.34 (#608)
• 30a2c5d fix(deps): update dependency yargs to v13 (#606)
• 7e32925 build: create docs test npm scripts (#605)
• 4cfa23c build: test using @ grpc/grpc-js in CI (#604)
• 7526624 docs: update contributing path in README (#603)
• c3e1da2 chore: move CONTRIBUTING.md to root (#601)
• 1f8bacf chore: remove console.log in system test (#599)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Open Redirect
🦉 Prototype Pollution
🦉 Server-side Request Forgery (SSRF)