This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade @grpc/proto-loader from 0.6.5 to 0.6.12.
![merge advice](https://app.snyk.io/badges/merge-advice/?package_manager=npm&package_name=@grpc/proto-loader&from_version=0.6.5&to_version=0.6.12&pr_id=9db8d42b-f19e-48f1-8466-18231b7bd871&visibility=true&has_feature_flag=false)
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **7 versions** ahead of your current version.
- The recommended version was released **21 days ago**, on 2022-05-05.
The recommended version fixes:
Severity | Issue | PriorityScore (*) | Exploit Maturity |
:-------------------------:|:-------------------------|-------------------------|:-------------------------
| Prototype Pollution [SNYK-JS-PROTOBUFJS-2441248](https://snyk.io/vuln/SNYK-JS-PROTOBUFJS-2441248) | **589/1000** **Why?** Proof of Concept exploit, Recently disclosed, CVSS 8.2 | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Release notes Package name: @grpc/proto-loader
Update the dependency on the long library to version 5 to fix some TypeScript type compatibility issues (#2110)
0.6.9 - 2022-01-05
0.6.8 - 2022-01-04
0.6.7 - 2021-11-16
0.6.6 - 2021-10-18
0.6.5 - 2021-09-13
from @grpc/proto-loader GitHub release notes
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/bluewallet/project/29c066bc-abce-44d9-b68e-064466e610e7?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/bluewallet/project/29c066bc-abce-44d9-b68e-064466e610e7/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/bluewallet/project/29c066bc-abce-44d9-b68e-064466e610e7/settings/integration?pkg=@grpc/proto-loader&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade @grpc/proto-loader from 0.6.5 to 0.6.12.
![merge advice](https://app.snyk.io/badges/merge-advice/?package_manager=npm&package_name=@grpc/proto-loader&from_version=0.6.5&to_version=0.6.12&pr_id=9db8d42b-f19e-48f1-8466-18231b7bd871&visibility=true&has_feature_flag=false) :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **7 versions** ahead of your current version. - The recommended version was released **21 days ago**, on 2022-05-05. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:-------------------------
[SNYK-JS-PROTOBUFJS-2441248](https://snyk.io/vuln/SNYK-JS-PROTOBUFJS-2441248) | **589/1000**
**Why?** Proof of Concept exploit, Recently disclosed, CVSS 8.2 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: @grpc/proto-loader
long
dependency to 4.x (#2114)long
to 4.x or 5.x (#2112)long
library to version 5 to fix some TypeScript type compatibility issues (#2110)**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: