◐ Shell
clean mode source ↗

chore(deps): bump protobufjs from 7.5.4 to 7.5.8 in /ui by dependabot[bot] · Pull Request #6426 · feast-dev/feast

dependabot

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github

May 21, 2026

edited

Loading

Copy link Copy Markdown

Contributor

Bumps protobufjs from 7.5.4 to 7.5.8.

Release notes

Sourced from protobufjs's releases.

protobufjs: v7.5.8

7.5.8 (2026-05-12)

Bug Fixes

protobufjs: v7.5.7

7.5.7 (2026-05-09)

Bug Fixes

protobufjs: v7.5.6

7.5.6 (2026-04-27)

Bug Fixes

  • Backport input hardening and CLI fixes to 7.x (#2173) (75392ea)

v7.5.5

This release backports two reported security issues to 7.x branch.

  • fix: do not allow setting __proto__ in Message constructor (#2126)
  • fix: filter invalid characters from the type name (#2127)

Full Changelog: protobufjs/protobuf.js@protobufjs-v7.5.4...protobufjs-v7.5.5

Changelog

Sourced from protobufjs's changelog.

7.5.8 (2026-05-12)

Bug Fixes

7.5.7 (2026-05-09)

Bug Fixes

7.5.6 (2026-04-27)

Bug Fixes

  • Backport input hardening and CLI fixes to 7.x (#2173) (75392ea)
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for protobufjs since your current version.

@dependabot dependabot Bot added dependencies

Pull requests that update a dependency file

javascript

Pull requests that update Javascript code

labels

May 21, 2026

@dependabot dependabot Bot requested a review from a team as a code owner

May 21, 2026 07:02

@dependabot dependabot Bot added dependencies

Pull requests that update a dependency file

javascript

Pull requests that update Javascript code

labels

May 21, 2026 
Bumps [protobufjs](https://github.com/protobufjs/protobuf.js) from 7.5.4 to 7.5.8.
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/protobufjs-v7.5.8/CHANGELOG.md)
- [Commits](protobufjs/protobuf.js@protobufjs-v7.5.4...protobufjs-v7.5.8)

---
updated-dependencies:
- dependency-name: protobufjs
  dependency-version: 7.5.8
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

@dependabot dependabot Bot changed the title chore(deps): Bump protobufjs from 7.5.4 to 7.5.8 in /ui chore(deps): bump protobufjs from 7.5.4 to 7.5.8 in /ui

Jun 8, 2026

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/ui/protobufjs-7.5.8 branch from 864794d to 7149c17 Compare

June 8, 2026 16:32

@dependabot @github

dependabot Bot commented on behalf of github

Jun 15, 2026

Copy link Copy Markdown

Contributor Author

Superseded by #6523.

@dependabot dependabot Bot closed this

Jun 15, 2026

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/ui/protobufjs-7.5.8 branch

June 15, 2026 18:19

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Pull requests that update a dependency file

javascript

Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants