Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Upgrade @grpc/grpc-js from 1.5.4 to 1.12.2 #292

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade @grpc/grpc-js from 1.5.4 to 1.12.2 #292

wants to merge 1 commit into from

Conversation

thiswayman
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade @grpc/grpc-js from 1.5.4 to 1.12.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 81 versions ahead of your current version.

  • The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Prototype Pollution
SNYK-JS-PROTOBUFJS-5756498		 559 Proof of Concept
medium severity Uncontrolled Resource Consumption
SNYK-JS-GRPCGRPCJS-7242922		 559 No Known Exploit
Release notes
Package name: @grpc/grpc-js
  • 1.12.2 - 2024-10-09
    • Use util.promisify instead of fs/promises for Node 12 compatibility (#2838)
  • 1.12.1 - 2024-10-08
    • Port bugfixes from 1.11.x into 1.12.x (#2836)
  • 1.12.0 - 2024-10-03
    • Enable dualstack socket support by default in xDS clients (#2832)
  • 1.11.3 - 2024-09-17
    • Ensure the client queries the name resolver again after connections drop while using the round_robin load balancing policy (#2825)
  • 1.11.2 - 2024-09-05
    • Fix client crash on receiving a custom error code (#2801 contributed by @ hastom)
    • Report connection errors more consistently (#2808)
    • Avoid computing the channel constructor trace log when that tracer is not enabled (#2817 contributed by @ ygalbel)
  • 1.11.1 - 2024-07-16
    • Revert a change that used APIs that were not available in early minor versions of Node 14 (#2799 contributed by @ xqin)
  • 1.11.0 - 2024-07-15
    • Add xDS Servers (#2783)
      • Note: this is primarily a foundation for future features. It doesn't actually do much right now.
    • Add support for dualstack socket support in xDS clients (#2665)
  • 1.10.11 - 2024-07-10
    • Fix a bug that caused clients to reconnect unnecessarily while no requests are pending. (#2784)
    • Fix a bug that caused clients to fail to re-establish existing connections while waiting for DNS results (#2784)
    • Fix a bug that caused servers to sometimes not close idle connections depending on timing (#2790)
    • Fix a bug that caused calls to be pending indefinitely while unable to start after a channel is closed (#2791)
  • 1.10.10 - 2024-06-24
  • 1.10.9 - 2024-06-10
  • 1.10.8 - 2024-05-15
  • 1.10.7 - 2024-05-01
  • 1.10.6 - 2024-04-03
  • 1.10.5 - 2024-04-01
  • 1.10.4 - 2024-03-26
  • 1.10.3 - 2024-03-15
  • 1.10.2 - 2024-03-11
  • 1.10.1 - 2024-02-15
  • 1.10.0 - 2024-02-06
  • 1.9.15 - 2024-06-10
  • 1.9.14 - 2024-01-16
  • 1.9.13 - 2023-12-12
  • 1.9.12 - 2023-11-27
  • 1.9.11 - 2023-11-16
  • 1.9.10 - 2023-11-14
  • 1.9.9 - 2023-10-30
  • 1.9.8 - 2023-10-27
  • 1.9.7 - 2023-10-19
  • 1.9.6 - 2023-10-17
  • 1.9.5 - 2023-10-02
  • 1.9.4 - 2023-09-26
  • 1.9.3 - 2023-09-13
  • 1.9.2 - 2023-08-31
  • 1.9.1 - 2023-08-22
  • 1.9.0 - 2023-08-01
  • 1.8.22 - 2024-06-10
  • 1.8.21 - 2023-07-28
  • 1.8.20 - 2023-07-25
  • 1.8.19 - 2023-07-24
  • 1.8.18 - 2023-07-13
  • 1.8.17 - 2023-06-27
  • 1.8.16 - 2023-06-20
  • 1.8.15 - 2023-06-05
  • 1.8.14 - 2023-04-12
  • 1.8.13 - 2023-03-23
  • 1.8.12 - 2023-03-07
  • 1.8.11 - 2023-02-24
  • 1.8.10 - 2023-02-22
  • 1.8.9 - 2023-02-15
  • 1.8.8 - 2023-02-08
  • 1.8.7 - 2023-01-25
  • 1.8.6 - 2023-01-25
  • 1.8.5 - 2023-01-23
  • 1.8.4 - 2023-01-12
  • 1.8.3 - 2023-01-11
  • 1.8.2 - 2023-01-09
  • 1.8.1 - 2023-01-03
  • 1.8.0 - 2022-12-07
  • 1.7.3 - 2022-10-21
  • 1.7.2 - 2022-10-14
  • 1.7.1 - 2022-09-21
  • 1.7.0 - 2022-09-08
  • 1.6.12 - 2022-08-31
  • 1.6.11 - 2022-08-29
  • 1.6.10 - 2022-08-15
  • 1.6.9 - 2022-08-09
  • 1.6.8 - 2022-07-21
  • 1.6.7 - 2022-04-20
  • 1.6.6 - 2022-04-18
  • 1.6.5 - 2022-04-15
  • 1.6.4 - 2022-04-14
  • 1.6.3 - 2022-04-11
  • 1.6.2 - 2022-04-04
  • 1.6.1 - 2022-04-01
  • 1.6.0 - 2022-03-31
  • 1.5.10 - 2022-03-24
  • 1.5.9 - 2022-03-16
  • 1.5.8 - 2022-03-14
  • 1.5.7 - 2022-02-24
  • 1.5.6 - 2022-02-23
  • 1.5.5 - 2022-02-10
  • 1.5.4 - 2022-01-31
from @grpc/grpc-js GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade @grpc/grpc-js from 1.5.4 to 1.12.2
a711d4e 
Snyk has created this PR to upgrade @grpc/grpc-js from 1.5.4 to 1.12.2.

See this package in npm:
@grpc/grpc-js

See this project in Snyk:
https://app.snyk.io/org/jwayman/project/43aad472-0f3a-4e57-934e-2cf46df5eef8?utm_source=github&utm_medium=referral&page=upgrade-pr
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@thiswayman @snyk-bot