search

mafintosh / hyperdb

Distributed scalable database
MIT License
753 stars 75 forks source link

update protocol-buffers to ^4.0.2 #46

Closed kareniel closed 6 years ago

kareniel commented 6 years ago

This pr updates the dependency on protocol-buffers to ^4.0.2

The newest protocol-buffers version doesn't depend on brfs@1.43, which ultimately depends on a vulnerable version of static-eval (@0.2.4) .

ps: There's also a pr on brfs to update it's dependencies.

full depencency graph: hyperdb@2.0.0 › protocol-buffers@3.2.1 › brfs@1.4.3 › static-module@1.5.0 › static-eval@0.2.4

yoshuawuyts commented 6 years ago

@kareniel the tests for the brfs patch are failing, probably need a bit of tweaking (:

yoshuawuyts commented 6 years ago

@kareniel merged & published!

hackergrrl commented 6 years ago

Thanks! hyperdb@2.0.1