[Snyk] Security upgrade @parse/push-adapter from 4.1.2 to 4.2.0

[skmezanul]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	534/1000 Why? Has a fix available, CVSS 6.4	Improper Authentication SNYK-JS-JSONWEBTOKEN-3180022	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Improper Restriction of Security Token Assignment SNYK-JS-JSONWEBTOKEN-3180024	No	No Known Exploit
	554/1000 Why? Has a fix available, CVSS 6.8	Use of a Broken or Risky Cryptographic Algorithm SNYK-JS-JSONWEBTOKEN-3180026	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @parse/push-adapter

The new version differs by 5 commits.

• fdf59e7 chore(release): 4.2.0 [skip ci]
• 3b932d1 feat: Upgrade @ parse/node-apn from 5.1.3 to 5.2.1 (Schema mismatch for _Session.expiresAt parse-community/parse-server#220)
• ac13329 chore(release): 4.1.3 [skip ci]
• 598cb84 fix: Validate push notification payload; fixes a security vulnerability in which the adapter can crash Parse Server due to an invalid push notification payload (Adds proper http request to match parse original implementation parse-community/parse-server#217)
• 346781d ci: Fix CI not running due to outdated ubuntu version (Saving anonymous users results in account already exists error parse-community/parse-server#218)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Use of a Broken or Risky Cryptographic Algorithm

[codecov-commenter]

Codecov Report

❗ No coverage uploaded for pull request base (master@656bca6). Click here to learn what that means.
Patch has no changes to coverable lines.

❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more.

Additional details and impacted files

@@            Coverage Diff            @@
##             master      #14   +/-   ##
=========================================
  Coverage          ?   94.31%           
=========================================
  Files             ?      182           
  Lines             ?    14438           
  Branches          ?        0           
=========================================
  Hits              ?    13617           
  Misses            ?      821           
  Partials          ?        0           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.