[Snyk] Fix for 1 vulnerabilities

[mrheat]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	823/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.6	Prototype Pollution SNYK-JS-PROTOBUFJS-5756498	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: libp2p

The new version differs by 18 commits.

• 7678156 chore: release 0.37.0 (#1178)
• f2fd4e3 docs: add migration guide (#1214)
• 3148060 fix: simplify pnet exports (#1213)
• 4837430 fix: encode enums correctly (#1210)
• da3d19b fix: update interfaces (#1207)
• a15254f fix: update to new interfaces (#1206)
• d16817c fix: emit peer:connect after all (#1171)
• fab4f13 fix: update pubsub interfaces (#1194)
• 5397137 fix: use placeholder dht/pubsub (#1193)
• 1473044 fix: expose getPublicKey (#1188)
• 1b9bab6 chore: update deps (#1190)
• c64a586 chore: update aegir to the latest version (#1186)
• 64bfcee fix: expose metrics and registrar, use dht for peer discovery (#1183)
• cc60cfd fix: add transport manager to exports map and fix docs (#1182)
• 8cca8e4 fix: update deps (#1181)
• 199395d feat: convert to typescript (#1172)
• 3cfe4bb docs: update auto relay example code usage (#1163)
• 6a3e37f chore: update js-interfaces URL in examples/transports README (#1150)

See the full diff

Package name: protobufjs

The new version differs by 72 commits.

• 42e5a9c chore: release master (#1900)
• e66379f fix: do not let setProperty change the prototype (#1899)
• 56b1e64 chore: release master (#1879)
• 8817ee6 fix: type names can be split into multiple tokens (#1877)
• e721d04 chore: release master (#1867)
• 14f0536 fix: do not allow to extend same field twice to prevent the error (#1784)
• 644d588 chore: release master (#1865)
• e42eea4 fix(cli): fix relative path to Google pb files (#1859)
• dce9a2e fix: use bundled filename to fix common pb includes (#1860)
• 64e8936 fix: use ES5 style function syntax (#1830)
• 4489fa7 Revert "fix: error should be thrown (#1817)" (#1864)
• 0099ddc chore: release master (#1852)
• 32f2d6a feat(cli): generate static files at the granularity of proto messages (#1840)
• ea7b9a6 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2 (#1837)
• e7a3489 fix: error should be thrown (#1817)
• 82f55e6 build(deps): bump json5 from 2.2.1 to 2.2.3 (#1848)
• 57fe6f5 chore(deps): update dependency jsdoc to v4 (#1833)
• d026849 chore: release master (#1813)
• 119d90a fix(types): nested object can be a oneof (#1812)
• 67fe592 Update CDN (RawGit EOL) (#1806)
• 6254efb chore: release master (#1804)
• 7c27b5a fix: add import long to the generated .d.ts (#1802)
• 7120e93 fix: generate valid js code for aliased enum values (#1801)
• 48457c4 chore: release master (#1772)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution