Skip to content

Commit 0708887

Browse files
brendan-kellamclaude
brendan-kellam
and
claude
committed
Refresh yarn.lock to bump transitive protobufjs from 7.5.4 to 7.6.2. All requester ranges already allowed this version (^7.x), so only the lockfile changed. Clears the open protobufjs CVE cluster (SOU-1115-1120, SOU-1282, SOU-1283). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
1 parent 2ad06aa commit 0708887

2 files changed

Lines changed: 29 additions & 27 deletions

File tree

CHANGELOG.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
77

88
## [Unreleased]
99

10+
### Fixed
11+
- Upgraded `protobufjs` to `^7.6.2` to address security vulnerabilities. [#PR](https://github.com/sourcebot-dev/sourcebot/pull/PR)
12+
1013
## [5.0.1] - 2026-06-04
1114

1215
### Fixed

yarn.lock

Lines changed: 26 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -5469,27 +5469,26 @@ __metadata:
54695469
languageName: node
54705470
linkType: hard
54715471

5472-
"@protobufjs/codegen@npm:^2.0.4":
5473-
version: 2.0.4
5474-
resolution: "@protobufjs/codegen@npm:2.0.4"
5475-
checksum: 10c0/26ae337c5659e41f091606d16465bbcc1df1f37cc1ed462438b1f67be0c1e28dfb2ca9f294f39100c52161aef82edf758c95d6d75650a1ddf31f7ddee1440b43
5472+
"@protobufjs/codegen@npm:^2.0.5":
5473+
version: 2.0.5
5474+
resolution: "@protobufjs/codegen@npm:2.0.5"
5475+
checksum: 10c0/1b8a2ae56ee60a56e9d205cd4b6072a1503c5069b8ebb905710f974ff0098a0d0700641c137e0a8d98dedf14423156a106a9433695cbf52574810f55000fdcab
54765476
languageName: node
54775477
linkType: hard
54785478

5479-
"@protobufjs/eventemitter@npm:^1.1.0":
5480-
version: 1.1.0
5481-
resolution: "@protobufjs/eventemitter@npm:1.1.0"
5482-
checksum: 10c0/1eb0a75180e5206d1033e4138212a8c7089a3d418c6dfa5a6ce42e593a4ae2e5892c4ef7421f38092badba4040ea6a45f0928869989411001d8c1018ea9a6e70
5479+
"@protobufjs/eventemitter@npm:^1.1.1":
5480+
version: 1.1.1
5481+
resolution: "@protobufjs/eventemitter@npm:1.1.1"
5482+
checksum: 10c0/8e06193d4629c5e7c09d4f8c2ddba8fc4dfa739f0149f33a1d901568d35bb7b8b5277a4e8452baf3bdd0b302fd599cf255d193267aa93a0a4747e23cd073c4ac
54835483
languageName: node
54845484
linkType: hard
54855485

5486-
"@protobufjs/fetch@npm:^1.1.0":
5487-
version: 1.1.0
5488-
resolution: "@protobufjs/fetch@npm:1.1.0"
5486+
"@protobufjs/fetch@npm:^1.1.1":
5487+
version: 1.1.1
5488+
resolution: "@protobufjs/fetch@npm:1.1.1"
54895489
dependencies:
54905490
"@protobufjs/aspromise": "npm:^1.1.1"
5491-
"@protobufjs/inquire": "npm:^1.1.0"
5492-
checksum: 10c0/cda6a3dc2d50a182c5865b160f72077aac197046600091dbb005dd0a66db9cce3c5eaed6d470ac8ed49d7bcbeef6ee5f0bc288db5ff9a70cbd003e5909065233
5491+
checksum: 10c0/a497ff5433854e8577f0427983ea39b9113b49a8120f94515291d763327061d2c3013e60e24ea436d091dafae01a0f6eb1867e3b1616045d96a31d8b3c646ed4
54935492
languageName: node
54945493
linkType: hard
54955494

@@ -5521,10 +5520,10 @@ __metadata:
55215520
languageName: node
55225521
linkType: hard
55235522

5524-
"@protobufjs/utf8@npm:^1.1.0":
5525-
version: 1.1.0
5526-
resolution: "@protobufjs/utf8@npm:1.1.0"
5527-
checksum: 10c0/a3fe31fe3fa29aa3349e2e04ee13dc170cc6af7c23d92ad49e3eeaf79b9766264544d3da824dba93b7855bd6a2982fb40032ef40693da98a136d835752beb487
5523+
"@protobufjs/utf8@npm:^1.1.1":
5524+
version: 1.1.1
5525+
resolution: "@protobufjs/utf8@npm:1.1.1"
5526+
checksum: 10c0/641fc145f00626405e8984b6e90b9edcbcc072ffc82d0647ca3176e09c730b2d022f988e65f011a7a17e2e4d77cde7733643aa10d8ac2bfa30f134dbcad553fd
55285527
languageName: node
55295528
linkType: hard
55305529

@@ -16842,7 +16841,7 @@ __metadata:
1684216841
languageName: node
1684316842
linkType: hard
1684416843

16845-
"long@npm:^5.0.0":
16844+
"long@npm:^5.0.0, long@npm:^5.3.2":
1684616845
version: 5.3.2
1684716846
resolution: "long@npm:5.3.2"
1684816847
checksum: 10c0/7130fe1cbce2dca06734b35b70d380ca3f70271c7f8852c922a7c62c86c4e35f0c39290565eca7133c625908d40e126ac57c02b1b1a4636b9457d77e1e60b981
@@ -19458,22 +19457,22 @@ __metadata:
1945819457
linkType: hard
1945919458

1946019459
"protobufjs@npm:^7.3.0, protobufjs@npm:^7.4.0, protobufjs@npm:^7.5.3, protobufjs@npm:^7.5.4":
19461-
version: 7.5.4
19462-
resolution: "protobufjs@npm:7.5.4"
19460+
version: 7.6.2
19461+
resolution: "protobufjs@npm:7.6.2"
1946319462
dependencies:
1946419463
"@protobufjs/aspromise": "npm:^1.1.2"
1946519464
"@protobufjs/base64": "npm:^1.1.2"
19466-
"@protobufjs/codegen": "npm:^2.0.4"
19467-
"@protobufjs/eventemitter": "npm:^1.1.0"
19468-
"@protobufjs/fetch": "npm:^1.1.0"
19465+
"@protobufjs/codegen": "npm:^2.0.5"
19466+
"@protobufjs/eventemitter": "npm:^1.1.1"
19467+
"@protobufjs/fetch": "npm:^1.1.1"
1946919468
"@protobufjs/float": "npm:^1.0.2"
19470-
"@protobufjs/inquire": "npm:^1.1.0"
19469+
"@protobufjs/inquire": "npm:^1.1.2"
1947119470
"@protobufjs/path": "npm:^1.1.2"
1947219471
"@protobufjs/pool": "npm:^1.1.0"
19473-
"@protobufjs/utf8": "npm:^1.1.0"
19472+
"@protobufjs/utf8": "npm:^1.1.1"
1947419473
"@types/node": "npm:>=13.7.0"
19475-
long: "npm:^5.0.0"
19476-
checksum: 10c0/913b676109ffb3c05d3d31e03a684e569be91f3bba8613da4a683d69d9dba948daa2afd7d2e7944d1aa6c417890c35d9d9a8883c1160affafb0f9670d59ef722
19474+
long: "npm:^5.3.2"
19475+
checksum: 10c0/3c552dfe3cbcfad2d6c312a76cd189cf5be9fb36b203f6292f79c6020d675f7f33d5531ce312441c42ae75deb24ced32760e64fe4aa3d5b3c2295fd67cea270c
1947719476
languageName: node
1947819477
linkType: hard
1947919478

0 commit comments

Comments
 (0)