Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade @grpc/grpc-js from 1.7.3 to 1.10.11 #141

Closed
wants to merge 1 commit into from
Closed

[Snyk] Upgrade @grpc/grpc-js from 1.7.3 to 1.10.11 #141

wants to merge 1 commit into from

Conversation

vroldanbet
Copy link
Contributor

snyk-top-banner

Snyk has created this PR to upgrade @grpc/grpc-js from 1.7.3 to 1.10.11.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 51 versions ahead of your current version.

  • The recommended version was released on 22 days ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
medium severity Uncontrolled Resource Consumption
SNYK-JS-GRPCGRPCJS-7242922		 65 No Known Exploit
Release notes
Package name: @grpc/grpc-js
  • 1.10.11 - 2024-07-10
  • 1.10.10 - 2024-06-24
  • 1.10.9 - 2024-06-10
  • 1.10.8 - 2024-05-15
  • 1.10.7 - 2024-05-01
  • 1.10.6 - 2024-04-03
  • 1.10.5 - 2024-04-01
  • 1.10.4 - 2024-03-26
  • 1.10.3 - 2024-03-15
  • 1.10.2 - 2024-03-11
  • 1.10.1 - 2024-02-15

    Node changes:

    • Update dependency on node-pre-gyp to version 0.7.0 (#245)

    C core changes:

  • 1.10.0 - 2024-02-06

    C Core Changes

  • 1.9.15 - 2024-06-10
  • 1.9.14 - 2024-01-16
  • 1.9.13 - 2023-12-12
  • 1.9.12 - 2023-11-27
  • 1.9.11 - 2023-11-16
  • 1.9.10 - 2023-11-14
  • 1.9.9 - 2023-10-30
  • 1.9.8 - 2023-10-27
  • 1.9.7 - 2023-10-19
  • 1.9.6 - 2023-10-17
  • 1.9.5 - 2023-10-02
  • 1.9.4 - 2023-09-26
  • 1.9.3 - 2023-09-13
  • 1.9.2 - 2023-08-31
  • 1.9.1 - 2023-08-22
    • Fix usage of Protobuf.js Message type in TypeScript type definitions file (#177)
    • Fix handling of undefined values for optional call arguments (#179)
  • 1.9.0 - 2023-08-01
    • Further improve the error output when failing to load an installed precompiled binary (#175)
    • Fix type definition documentation for KeyCertPair (#171)
    • Fix server segfault on invalid HTTP/2 (grpc/grpc#14199)
    • LB policies request re-resolution without shutting down (grpc/grpc#12829)
    • On server, include receiving HTTP/2 settings in handshake timeout (grpc/grpc#13336)
    • Fix max connection idleness crash (grpc/grpc#14122)
    • Report metadata plugin auth errors with an UNAVAILABLE status instead of UNAUTHENTICATED (grpc/grpc#13363).
  • 1.8.22 - 2024-06-10
  • 1.8.21 - 2023-07-28
  • 1.8.20 - 2023-07-25
  • 1.8.19 - 2023-07-24
  • 1.8.18 - 2023-07-13
  • 1.8.17 - 2023-06-27
  • 1.8.16 - 2023-06-20
  • 1.8.15 - 2023-06-05
  • 1.8.14 - 2023-04-12
  • 1.8.13 - 2023-03-23
  • 1.8.12 - 2023-03-07
  • 1.8.11 - 2023-02-24
  • 1.8.10 - 2023-02-22
  • 1.8.9 - 2023-02-15
  • 1.8.8 - 2023-02-08
  • 1.8.7 - 2023-01-25
  • 1.8.6 - 2023-01-25
  • 1.8.5 - 2023-01-23
  • 1.8.4 - 2023-01-12
    • Add error code name and number to status Error objects for easier debugging. The status details string is now available in the Error object's details field. (#126)
    • Made a build process change that may fix some installation errors
    • Add more informative error for a missing callback to the Server#tryShutdown method (#143)
    • Removed extraneous files from published package
    • Mark some network errors with an UNAVAILABLE status (grpc/grpc#13917)
    • Fix HTTP/2 PING issues (grpc/grpc#13950)
  • 1.8.3 - 2023-01-11
  • 1.8.2 - 2023-01-09
  • 1.8.1 - 2023-01-03
  • 1.8.0 - 2022-12-07
    • Publish precompiled binaries for Alpine Linux
    • Improve the error output when failing to load an installed precompiled binary (#106).
  • 1.7.3 - 2022-10-21
from @grpc/grpc-js GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade @grpc/grpc-js from 1.7.3 to 1.10.11
bc418f7 
Snyk has created this PR to upgrade @grpc/grpc-js from 1.7.3 to 1.10.11.

See this package in npm:
@grpc/grpc-js

See this project in Snyk:
https://app.snyk.io/org/authzed/project/9adf7318-b664-4f28-9405-d494eb85f245?utm_source=github&utm_medium=referral&page=upgrade-pr
@vroldanbet vroldanbet requested a review from a team August 1, 2024 06:05
@tstirrat15
Copy link
Contributor

Superseded.

@tstirrat15 tstirrat15 closed this Oct 2, 2024
@github-actions github-actions bot locked and limited conversation to collaborators Oct 2, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@vroldanbet @tstirrat15 @snyk-bot