[Snyk] Upgrade azure-storage from 2.10.2 to 2.10.7

[CxsLucyfer]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade azure-storage from 2.10.2 to 2.10.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 5 versions ahead of your current version.
• The recommended version was released 2 years ago, on 2022-01-04.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	382/1000 Why? Proof of Concept exploit, CVSS 5.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090599	382/1000 Why? Proof of Concept exploit, CVSS 5.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090600	382/1000 Why? Proof of Concept exploit, CVSS 5.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090601	382/1000 Why? Proof of Concept exploit, CVSS 5.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090602	382/1000 Why? Proof of Concept exploit, CVSS 5.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: azure-storage

• 2.10.7 - 2022-01-04
• 2.10.6 - 2021-12-17
• 2.10.5 - 2021-10-11
• 2.10.4 - 2021-05-20
• 2.10.3 - 2019-04-16
  

  2019.04 Version 2.10.3

  • Fixed callback not being called in _getBlobToLocalFile.
  • Removed retryInfo.retryable check in retrypolicyfilter.js.
  • Removed comment about maxResults.
  • Fixed Travis-CI failed validation.
  • Updated latest links and descriptions to V10 SDK in readme.md.
  • Fixed some errors are thrown in a inner async callback which cannot be caught.
• 2.10.2 - 2018-10-16
  

  2018.10 Version 2.10.2

  ALL

  • Upgrade xmlbuilder to 9.0.7 and extend to 3.0.2 to avoid vulnerabilities.
  • Removed deprecated Buffer constructor calls in favor of static methods Buffer.from and Buffer.alloc.
  • Added JSv10 link and docs.microsoft.com link.
  • Improved documents.

  BLOB

  • Added typescript declarations to listBlobDirectoriesSegmented and listBlobDirectoriesSegmentedWithPrefix.

  FILE

  • Fixed an issue that empty text isn’t supported in createFileFromText.

  TABLE

  • Fixed an issue that uncaught TypeError could be thrown from createTable when request is not sent properly.

from azure-storage GitHub release notes

Commit messages

Package name: azure-storage

• 30a84ff Merge pull request Bump Magick.NET-Q16-AnyCPU from 7.17.0 to 7.21.0 imgbot/Imgbot#711 from EmmaZhu/readme
• 9c91937 Remove details about of the readme to only redirect to latest storage JS SDKs and indicate that the package is deprecated.
• 1f29b33 Merge pull request Bump @babel/core from 7.9.6 to 7.10.5 in /Web imgbot/Imgbot#708 from EmmaZhu/migrationguide
• dc4a53b Add migration guide link into readme.
• a1d23d4 Merge pull request Bump marked from 1.0.0 to 1.1.1 in /Web imgbot/Imgbot#707 from ramya-rao-a/patch-4
• f40c22d Indicate that azure-storage is legacy package
• 2571d0f Merge pull request Bump autoprefixer from 9.7.6 to 9.8.5 in /Web imgbot/Imgbot#705 from EmmaZhu/dependencies
• 3eaa32a Update dependency mark to make it use more recent version automatically.
• 34aabd8 Merge pull request Bump Microsoft.NET.Sdk.Functions from 1.0.24 to 3.0.9 imgbot/Imgbot#706 from ramya-rao-a/patch-2
• 2e530df Bring more attention to the note on newer packages
• ad8472f Merge pull request Bump Microsoft.NET.Sdk.Functions from 1.0.24 to 3.0.8 imgbot/Imgbot#702 from EmmaZhu/master
• ddc7e8b Upgrade json-schema to 0.4.0. fixed an issue where customized retry interval doesn't take effact.
• 7a42c7b Merge pull request Bump autoprefixer from 9.7.6 to 9.8.4 in /Web imgbot/Imgbot#699 from Azure/dependabot/npm_and_yarn/validator-13.7.0
• 5c5f836 Bump validator from 13.6.0 to 13.7.0
• c422631 Merge pull request Bump autoprefixer from 9.7.6 to 9.8.2 in /Web imgbot/Imgbot#695 from EmmaZhu/validator
• cf37807 Update package version to 2.10.5
• 35676b4 Upgrade validator 13.6.0.
• c2656be Merge pull request Bump dotnet/core/sdk from 2.2 to 3.1.301 imgbot/Imgbot#684 from Azure/dependabot/npm_and_yarn/lodash-4.17.21
• d813bde Merge pull request Bump webpack-cli from 3.3.11 to 3.3.12 in /Web imgbot/Imgbot#690 from Azure/dependabot/npm_and_yarn/postcss-7.0.36
• 58c92d1 Bump lodash from 4.17.19 to 4.17.21
• b120cd5 Merge pull request Bump Magick.NET-Q16-AnyCPU from 7.17.0 to 7.20.0 imgbot/Imgbot#692 from Azure/dependabot/npm_and_yarn/path-parse-1.0.7
• 0036af3 Merge pull request Bump Magick.NET-Q16-AnyCPU from 7.17.0 to 7.19.0 imgbot/Imgbot#682 from Azure/dependabot/npm_and_yarn/handlebars-4.7.7
• 92dac84 Merge pull request Bump MSTest.TestFramework from 2.1.1 to 2.1.2 imgbot/Imgbot#681 from Azure/dependabot/npm_and_yarn/grunt-1.3.0
• 9efb7bc Merge pull request Bump @babel/core from 7.9.6 to 7.10.2 in /Web imgbot/Imgbot#674 from Azure/dependabot/npm_and_yarn/elliptic-6.5.4

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs