Skip to content

Commit 1da07a6

Browse files
denyeartdenyeart
authored
Update gRPC dependency to address CVE-2024-37168 (#428)
Bump grpc-js to 1.10.9. Bump fabric-protos to 0.2.1. Remove unused proto-loader. Used `rush update` command. Signed-off-by: David Enyeart <[email protected]>
1 parent 86137c5 commit 1da07a6

File tree

2 files changed

+72
-43
lines changed

2 files changed

+72
-43
lines changed

common/config/rush/pnpm-lock.yaml

Lines changed: 70 additions & 40 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

libraries/fabric-shim/package.json

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -54,9 +54,8 @@
5454
},
5555
"dependencies": {
5656
"@fidm/x509": "^1.2.1",
57-
"@grpc/grpc-js": "1.8.15",
58-
"@grpc/proto-loader": "^0.6.6",
59-
"@hyperledger/fabric-protos": "0.1.0-dev.2300102001.1",
57+
"@grpc/grpc-js": "~1.10.9",
58+
"@hyperledger/fabric-protos": "~0.2.1",
6059
"@types/node": "^16.11.1",
6160
"ajv": "^6.12.2",
6261
"fabric-contract-api": "2.5.6",

0 commit comments

Comments
 (0)