From d0ce763a6fddf32169771662cea3932e1d66ba60 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 14 Jun 2024 08:01:02 +0000 Subject: [PATCH] fix: src/paymentservice/package.json & src/paymentservice/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-GRPCGRPCJS-7242922 --- src/paymentservice/package-lock.json | 15 ++++++++------- src/paymentservice/package.json | 2 +- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/src/paymentservice/package-lock.json b/src/paymentservice/package-lock.json index f280e146a8e..32c7bca3cbb 100644 --- a/src/paymentservice/package-lock.json +++ b/src/paymentservice/package-lock.json @@ -10,7 +10,7 @@ "license": "ISC", "dependencies": { "@google-cloud/profiler": "6.0.0", - "@grpc/grpc-js": "1.9.5", + "@grpc/grpc-js": "^1.9.15", "@grpc/proto-loader": "0.7.10", "@opentelemetry/api": "1.6.0", "@opentelemetry/exporter-otlp-grpc": "0.26.0", @@ -298,9 +298,10 @@ } }, "node_modules/@grpc/grpc-js": { - "version": "1.9.5", - "resolved": "https://registry.npmjs.org/@grpc/grpc-js/-/grpc-js-1.9.5.tgz", - "integrity": "sha512-iouYNlPxRAwZ2XboDT+OfRKHuaKHiqjB5VFYZ0NFrHkbEF+AV3muIUY9olQsp8uxU4VvRCMiRk9ftzFDGb61aw==", + "version": "1.9.15", + "resolved": "https://registry.npmjs.org/@grpc/grpc-js/-/grpc-js-1.9.15.tgz", + "integrity": "sha512-nqE7Hc0AzI+euzUwDAy0aY5hCp10r734gMGRdU+qOPX0XSceI2ULrcXB5U2xSc5VkWwalCj4M7GzCAygZl2KoQ==", + "license": "Apache-2.0", "dependencies": { "@grpc/proto-loader": "^0.7.8", "@types/node": ">=12.12.47" @@ -4042,9 +4043,9 @@ "integrity": "sha512-z1CjRjtQyBOYL+5Qr9DdYIfrdLBe746jRTYfaYU6MeXkqp7UfYs/jX16lFFVzZ7PGEJvqZNqYUEtb1mvDww4pA==" }, "@grpc/grpc-js": { - "version": "1.9.5", - "resolved": "https://registry.npmjs.org/@grpc/grpc-js/-/grpc-js-1.9.5.tgz", - "integrity": "sha512-iouYNlPxRAwZ2XboDT+OfRKHuaKHiqjB5VFYZ0NFrHkbEF+AV3muIUY9olQsp8uxU4VvRCMiRk9ftzFDGb61aw==", + "version": "1.9.15", + "resolved": "https://registry.npmjs.org/@grpc/grpc-js/-/grpc-js-1.9.15.tgz", + "integrity": "sha512-nqE7Hc0AzI+euzUwDAy0aY5hCp10r734gMGRdU+qOPX0XSceI2ULrcXB5U2xSc5VkWwalCj4M7GzCAygZl2KoQ==", "requires": { "@grpc/proto-loader": "^0.7.8", "@types/node": ">=12.12.47" diff --git a/src/paymentservice/package.json b/src/paymentservice/package.json index 8aee74311c6..82e37ed9d5a 100644 --- a/src/paymentservice/package.json +++ b/src/paymentservice/package.json @@ -11,7 +11,7 @@ "license": "ISC", "dependencies": { "@google-cloud/profiler": "6.0.0", - "@grpc/grpc-js": "1.9.5", + "@grpc/grpc-js": "1.9.15", "@grpc/proto-loader": "0.7.10", "@opentelemetry/api": "1.6.0", "@opentelemetry/exporter-otlp-grpc": "0.26.0",