search

BlueWallet / LndHub

Wrapper for Lightning Network Daemon. It provides separate accounts for end-users
http://LndHub.io
MIT License
745 stars 181 forks source link

[Snyk] Upgrade @grpc/grpc-js from 1.3.7 to 1.6.8 #484

Closed snyk-bot closed 1 year ago

snyk-bot commented 1 year ago

Snyk has created this PR to upgrade @grpc/grpc-js from 1.3.7 to 1.6.8.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Release notes
Package name: @grpc/grpc-js
  • 1.6.8 - 2022-07-21
  • 1.6.7 - 2022-04-20
    • Fix a bug that could cause double DNS requests in the DNS resolver in some rare cases (#2100)
    • Report request failures when a method expecting a unary response receives no messages (#2102)
    • Fix spurious subchannel shutdowns in channels with the grpc.use_local_subchannel_pool option set (#2103)
  • 1.6.6 - 2022-04-18
    • Fail calls immediately when their connection's keepalive ping times out (#2097)
    • Fix a bug that would cause the DNS resolver to keep making DNS requests forever even if it was not needed (#2098)
  • 1.6.5 - 2022-04-15
    • Consistently trigger name resolution when idle (#2095)
  • 1.6.4 - 2022-04-14
    • Ensure that request failures due to name resolution failure are reported consistently (#2092)
  • 1.6.3 - 2022-04-11
    • Disable per-session memory limit by default. (#2084)
    • Track existing ping timeouts even when there are no active requests on a connection (#2087)
    • Add more details to trace logs of keepalive pings (#2085)
    • Fix entity IDs in trace logs when channelz is disabled (#2082)
  • 1.6.2 - 2022-04-04
  • 1.6.1 - 2022-04-01
  • 1.6.0 - 2022-03-31
  • 1.5.10 - 2022-03-24
  • 1.5.9 - 2022-03-16
  • 1.5.8 - 2022-03-14
  • 1.5.7 - 2022-02-24
  • 1.5.6 - 2022-02-23
  • 1.5.5 - 2022-02-10
  • 1.5.4 - 2022-01-31
  • 1.5.3 - 2022-01-20
  • 1.5.2 - 2022-01-19
  • 1.5.1 - 2022-01-14
  • 1.5.0 - 2022-01-06
  • 1.4.6 - 2022-01-04
  • 1.4.5 - 2021-12-16
  • 1.4.4 - 2021-11-08
  • 1.4.3 - 2021-11-05
  • 1.4.2 - 2021-10-26
  • 1.4.1 - 2021-10-13
  • 1.4.0 - 2021-10-13
  • 1.3.8 - 2021-10-12
  • 1.3.7 - 2021-08-09
from @grpc/grpc-js GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

socket-security[bot] commented 1 year ago

Socket Security Report

Dependency issues detected. If you merge this pull request, you will not be alerted to the instances of these issues again.

📜 New install scripts detected

A dependency change in this PR is introducing new install scripts to your install step.

Package Script field Location
protobufjs@7.0.0 (added) postinstall package.json via @grpc/grpc-js@1.6.8, @grpc/proto-loader@0.7.0
Socket.dev scan summary
Issue Status
Did you mean? ✅ no new possible package typos
Install scripts ⚠️ 1 new install script detected
Telemetry ✅ no new telemetry
Troll package ✅ no new troll packages
Malware ✅ no new malware
Native code ✅ no new native modules

Powered by socket.dev