nyo closed 6 years ago
You can't just change version numbers like that. Protobuf.js version 6 introduces breaking changes and everything would need to be updated accordingly.
The vulnerability in question is minor in nature due to the fact that we don't parse untrusted proto files, so for now I'm not going to rush it.
Well, sorry, I'm new to Node.js and I thought it would be a good idea to report it, my bad :expressionless:
I appreciate the report, I hadn't heard of the vulnerability and it's always good to look into them.
Updated protobufjs to version 6.8.6 (and above) because of a vulnerability, see this HackerOne report