chore(deps): resolve protobufjs to versions that don't allow prototype pollution

Because: * Versions of protobufjs <6.11.4 and <7.2.4 are causing security alerts This commit: * Resolve protobufjs version 6 to use v6.11.4 or newer * Resolve protobufjs version 7 to use v7.2.4 or newer * Ran yarn set resolution manually to force yarn.lock update Co-authored-by: Ben Bangert <ben@groovie.org>
2023-09-10 14:20:09 -07:00 · 2023-09-10 14:20:09 -07:00 · 856980609e
--- a/package.json
+++ b/package.json
@ -204,7 +204,7 @@
    "moment:>2.0.0 <3": ">=2.29.4",
    "node-forge": ">=1.3.0",
    "plist": "^3.0.6",
-    "protobufjs:>6.0.0 <7": ">=6.11.3",
+    "protobufjs:>6.0.0 <7": ">=6.11.4",
    "tap/typescript": "^4.5.2",
    "terser:>4.0.0 <5": ">=4.8.1",
    "terser:>5 <6": ">=5.14.2",
--- a/yarn.lock
+++ b/yarn.lock
@ -51260,8 +51260,8 @@ fsevents@~2.1.1:
  linkType: hard

 "protobufjs@npm:6.11.3, protobufjs@npm:^6.10.0, protobufjs@npm:^6.11.2, protobufjs@npm:^6.11.3, protobufjs@npm:^6.8.8":
-  version: 6.11.3
-  resolution: "protobufjs@npm:6.11.3"
+  version: 6.11.4
+  resolution: "protobufjs@npm:6.11.4"
  dependencies:
    "@protobufjs/aspromise": ^1.1.2
    "@protobufjs/base64": ^1.1.2
@ -51279,31 +51279,11 @@ fsevents@~2.1.1:
  bin:
    pbjs: bin/pbjs
    pbts: bin/pbts
-  checksum: 4a6ce1964167e4c45c53fd8a312d7646415c777dd31b4ba346719947b88e61654912326101f927da387d6b6473ab52a7ea4f54d6f15d63b31130ce28e2e15070
+  checksum: b2fc6a01897b016c2a7e43a854ab4a3c57080f61be41e552235436e7a730711b8e89e47cb4ae52f0f065b5ab5d5989fc932f390337ce3a8ccf07203415700850
  languageName: node
  linkType: hard

-"protobufjs@npm:^7.0.0":
-  version: 7.1.2
-  resolution: "protobufjs@npm:7.1.2"
-  dependencies:
-    "@protobufjs/aspromise": ^1.1.2
-    "@protobufjs/base64": ^1.1.2
-    "@protobufjs/codegen": ^2.0.4
-    "@protobufjs/eventemitter": ^1.1.0
-    "@protobufjs/fetch": ^1.1.0
-    "@protobufjs/float": ^1.0.2
-    "@protobufjs/inquire": ^1.1.0
-    "@protobufjs/path": ^1.1.2
-    "@protobufjs/pool": ^1.1.0
-    "@protobufjs/utf8": ^1.1.0
-    "@types/node": ">=13.7.0"
-    long: ^5.0.0
-  checksum: ae41669b1b0372fb1d49f506f2d1f2b0fb3dc3cece85987b17bcb544e4cef7c8d27f480486cdec324146ad0a5d22a327166a7ea864a9b3e49cc3c92a5d3f6500
-  languageName: node
-  linkType: hard
-
-"protobufjs@npm:^7.2.3":
+"protobufjs@npm:^7.0.0, protobufjs@npm:^7.2.3":
  version: 7.2.5
  resolution: "protobufjs@npm:7.2.5"
  dependencies: