Skip to content

Commit 4e96139

Browse files
jeremymengjeremymeng
authored
[engsys] upgrade protobufjs dependencies (Azure#25366)
- `protobufjs` to v7.2.2 - `protobufjs-cli` to v1.1.1 This is to address a security warning about indirect dependency of `taffydb` (https://nvd.nist.gov/vuln/detail/CVE-2019-10790)
1 parent d713489 commit 4e96139

File tree

2 files changed

+46
-44
lines changed

2 files changed

+46
-44
lines changed

common/config/rush/pnpm-lock.yaml

Lines changed: 44 additions & 42 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

sdk/web-pubsub/web-pubsub-client-protobuf/package.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -63,7 +63,7 @@
6363
"tslib": "^2.2.0",
6464
"@azure/logger": "^1.0.0",
6565
"@azure/web-pubsub-client": "1.0.0-beta.2",
66-
"protobufjs": "~7.1.2",
66+
"protobufjs": "~7.2.2",
6767
"long": "^5.2.1"
6868
},
6969
"devDependencies": {
@@ -111,7 +111,7 @@
111111
"mock-socket": "^9.1.5",
112112
"util": "^0.12.1",
113113
"@types/ws": "^7.4.5",
114-
"protobufjs-cli": "1.0.2",
114+
"protobufjs-cli": "^1.1.1",
115115
"copyfiles": "2.4.1"
116116
},
117117
"//sampleConfiguration": {

0 commit comments

Comments
 (0)