Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

protobufjs

Ecosystem:
npm
Package URL:
pkg:npm/protobufjs
Total PRs:
2,083 Dependabot PRs
Latest PR:
about 8 hours ago
Unique Repositories:
1,524 repositories
Unique Repos (30 days):
232 repositories
Security Advisories
protobufjs: Denial of Service via unbounded recursive JSON descriptor expansion
GHSA-jggg-4jg4-v7c6 CVE-2026-45740 MODERATE published 26 days ago • updated 3 days ago
## Summary protobufjs could recurse without a depth limit while expanding nested JSON descriptors through `Root.fromJSON()` and `Namespace.addJSON...
Arbitrary code execution in protobufjs
GHSA-xq3m-2v4x-88gg CVE-2026-41242 CRITICAL published about 2 months ago • updated 2 days ago
## Summary protobufjs could execute generated JavaScript code derived from protobuf schema metadata. When loading a crafted JSON descriptor, schem...
protobuf.js: Prototype injection in generated message constructors
GHSA-fx83-v9x8-x52w CVE-2026-44292 MODERATE published about 1 month ago • updated 2 days ago
## Summary protobufjs generated message constructors copied enumerable properties from a provided properties object without filtering the `__proto...
protobuf.js: Denial of service through unbounded protobuf recursion
GHSA-685m-2w69-288q CVE-2026-44289 HIGH published about 1 month ago • updated 2 days ago
## Summary protobufjs could recurse without a depth limit while decoding nested protobuf data. This affected both skipping unknown group fields an...
protobufjs has overlong UTF-8 decoding
GHSA-q6x5-8v7m-xcrf CVE-2026-44288 MODERATE published about 1 month ago • updated 2 days ago
## Summary protobufjs includes a minimal UTF-8 decoder used in non-Node and fallback decoding paths. The affected decoder accepted overlong UTF-8 ...
View all 12 advisories
Recent PRs
RSS Feed
Bump protobufjs from 7.3.2 to 7.6.4 in /flashcard-saas

aduuuna/AI-FlashCard-Stripe #2

7.3.2 → 7.6.4 Minor PR
Open about 8 hours ago 1 comment
aduuuna
chore(deps): bump the npm_and_yarn group across 12 directories with 20 updates

Dev-moe-kyawaung/firebase-tools #8

7.5.4 → 7.6.4 Minor PR
Open about 19 hours ago 3 comments
Dev-moe-kyawaung
chore(deps): bump protobufjs from 7.5.4 to 7.6.4 in /python/agents/retail-ai-location-strategy/app/frontend

jgeofil/adk-samples #177

7.5.4 → 7.6.4 Minor PR
Open 1 day ago 1 comment
jgeofil
Bump the npm_and_yarn group across 1 directory with 15 updates

HarleyCoops/chroma #13

7.5.4 → 7.6.4 Minor PR
Open 1 day ago 2 comments
HarleyCoops
chore(deps): bump protobufjs from 7.6.2 to 7.6.4

yagudaev/voiceclaw #481

7.6.2 → 7.6.4 Patch PR
Open 2 days ago 1 comment
yagudaev
build(deps): Bump the npm_and_yarn group across 1 directory with 8 updates

Dev-moe-kyawaung/Lens-lite #1

7.5.4 → 7.6.4 Minor PR
Open 2 days ago 3 comments
Dev-moe-kyawaung
Bump the npm_and_yarn group across 8 directories with 16 updates

dporkka/budibase #16

7.5.4 → 7.6.4 Minor PR
Closed 2 days ago 1 comment
dporkka
chore(deps): bump the npm_and_yarn group across 4 directories with 7 updates

sanjeed5/hermes-agent #12

7.5.6 → 7.6.4 Minor PR
Open 2 days ago 2 comments
sanjeed5
Bump the npm_and_yarn group across 2 directories with 8 updates

mitanshu-bhasin/imgnodus.com #2

7.5.4 → 7.6.4 Minor PR
Open 2 days ago 2 comments
mitanshu-bhasin
Bump the npm_and_yarn group across 11 directories with 5 updates

quazfenton/binG #131

7.5.4 → 7.6.4 Minor PR
Open 2 days ago 10 comments
quazfenton
chore(deps):(deps): bump protobufjs from 7.5.5 to 7.6.4

Universal-Standard/PROJECT-SWARM #114

7.5.5 → 7.6.4 Minor PR
Open 2 days ago 4 comments
Universal-Standard
Chore(deps): Bump the npm_and_yarn group across 7 directories with 12 updates

whitphx/stlite #2059

7.4.0 → 7.6.3 Minor PR
Open 3 days ago 2 comments
whitphx
chore(deps): bump the npm_and_yarn group across 11 directories with 19 updates

Dev-moe-kyawaung/firebase-tools #7

7.5.4 → 7.6.3 Minor PR
Closed 3 days ago 4 comments
Dev-moe-kyawaung
deps(deps): bump protobufjs from 7.5.4 to 7.6.3

cbwinslow/nautalis #98

7.5.4 → 7.6.3 Minor PR
Closed 3 days ago 4 comments
cbwinslow
Bump the npm_and_yarn group across 8 directories with 4 updates

big-jobs/pipecat #42

7.4.0 → 7.6.3 Minor PR
Closed 4 days ago 1 comment
big-jobs
chore(deps): bump protobufjs from 8.4.2 to 8.6.2

bropat/eufy-security-client #912

8.4.2 → 8.6.2 Minor PR
Closed 4 days ago 3 comments
bropat
build(deps): bump protobufjs from 7.5.4 to 8.6.2 in /archive/server_old

iarxii/AI_Codex #67

7.5.4 → 8.6.2 Major PR
Closed 4 days ago 1 comment
iarxii
build(deps-dev): bump protobufjs from 8.6.1 to 8.6.2

Flexpair/mumbling-mole #333

8.6.1 → 8.6.2 Patch PR
Closed 4 days ago 3 comments
Flexpair
chore(deps): bump the test-versions group across 1 directory with 34 updates

DataDog/dd-trace-js #8855

8.4.0 → 8.6.1 Minor PR
Open 5 days ago 3 comments
DataDog
build(deps): bump protobufjs from 7.5.5 to 7.6.3 in /tools/gcloud-console-server

khill1269/servalsheets #309

7.5.5 → 7.6.3 Minor PR
Open 5 days ago 1 comment
khill1269
chore(deps): bump the npm_and_yarn group across 10 directories with 6 updates

jeremydh911/CRM #87

7.5.3 → 7.6.3 Minor PR
Open 5 days ago 1 comment
jeremydh911
chore(deps): bump protobufjs from 8.0.3 to 8.6.1 in /src/Honua.Embed

honua-io/honua-mobile #283

8.0.3 → 8.6.1 Minor PR
Closed 5 days ago 1 comment
honua-io
chore(deps): bump the npm_and_yarn group across 1 directory with 15 updates

lhy8888/uptime #73

7.2.6 → 7.6.2 Minor PR
Closed 6 days ago 2 comments
lhy8888
chore(deps): bump the npm_and_yarn group across 1 directory with 15 updates

lhy8888/uptime #72

7.2.6 → 7.6.2 Minor PR
Closed 6 days ago 2 comments
lhy8888
build(deps): bump the npm_and_yarn group across 3 directories with 11 updates

GlacierEQ/langfuse #12

7.4.0 → 7.5.8 Minor PR
Open 6 days ago 2 comments
GlacierEQ
chore(deps): bump protobufjs from 7.5.4 to 7.6.2

Coding-with-Thang/skill-learn #94

7.5.4 → 7.6.2 Minor PR
Closed 6 days ago 2 comments
Coding-with-Thang
Bump protobufjs from 7.5.4 to 8.6.1 in /typescript

databricks/zerobus-sdk #352

7.5.4 → 8.6.1 Major PR
Open 6 days ago 1 comment
databricks
chore(deps): bump the npm_and_yarn group across 21 directories with 11 updates

pysol-dev/lain #62

7.5.4 → 7.6.2 Minor PR
Closed 6 days ago 1 comment
pysol-dev
chore(deps): bump the npm_and_yarn group across 7 directories with 6 updates

github/cosmo #40

7.5.0 → 7.5.8 Patch PR
Closed 6 days ago 1 comment
github
chore(deps): bump the npm_and_yarn group across 3 directories with 24 updates

tabrezahmed51/genkit #1

7.4.0 → 7.6.2 Minor PR
Closed 7 days ago 3 comments
tabrezahmed51
chore(deps): bump the test-versions group across 1 directory with 33 updates

DataDog/dd-trace-js #8833

8.4.0 → 8.6.0 Minor PR
Open 7 days ago 3 comments
DataDog
build(deps): bump protobufjs from 7.5.4 to 7.6.2

tasmeaykhatun565-png/Onyx-opthon #1

7.5.4 → 7.6.2 Minor PR
Open 8 days ago 4 comments
tasmeaykhatun565-png
🔒 security: Bump the production-dependencies group across 1 directory with 30 updates

Sheikha-Market/Sheikha-Market #127

7.5.8 → 7.6.2 Minor PR
Open 8 days ago 3 comments
Sheikha-Market
build(deps): bump protobufjs from 8.2.0 to 8.5.0

copystring/ioBroker.roborock #1310

8.2.0 → 8.5.0 Minor PR
Closed 8 days ago 1 comment
copystring
Bump protobufjs from 7.5.4 to 7.6.2

Wahzammo/endless_runner #80

7.5.4 → 7.6.2 Minor PR
Closed 9 days ago 2 comments
Wahzammo
chore(deps): bump protobufjs and firebase-admin in /server

76appu33/appu #18

7.2.4 → 7.6.2 Minor PR
Closed 9 days ago 1 comment
76appu33
build(deps): bump the npm_and_yarn group across 6 directories with 7 updates

dporkka/saas-ship #44

7.2.5 → 7.6.2 Minor PR
Closed 10 days ago 1 comment
dporkka
chore(deps): bump protobufjs from 7.5.4 to 7.6.2 in /python/agents/retail-ai-location-strategy/app/frontend

jgeofil/adk-samples #133

7.5.4 → 7.6.2 Minor PR
Closed 11 days ago 2 comments
jgeofil
chore(deps): bump the npm_and_yarn group across 15 directories with 10 updates

mitanshu-bhasin/explyra #73

7.5.4 → 7.6.2 Minor PR
Open 11 days ago 6 comments
mitanshu-bhasin
chore(deps): Bump protobufjs from 7.5.4 to 7.6.2 in /cursor-projects/DOT-Copilot/backend

Dobeu-tech-eco/DOT-Copilot #123

7.5.4 → 7.6.2 Minor PR
Closed 11 days ago 2 comments
Dobeu-tech-eco
Build(deps): bump the npm-minor-patch group across 1 directory with 8 updates

brianwestphal/hotsheet #25

8.4.2 → 8.5.0 Minor PR
Closed 11 days ago 1 comment
brianwestphal
Bump the npm_and_yarn group across 10 directories with 12 updates

danielbodnar/web-ai-demos #22

7.5.4 → 7.6.2 Minor PR
Open 12 days ago 2 comments
danielbodnar
chore(deps): bump the all group across 1 directory with 36 updates

opendatahub-io/odh-dashboard #7772

7.5.4 → 7.6.0 Minor PR
Open 13 days ago 4 comments
opendatahub-io
chore(deps)(deps): bump the production-dependencies group across 1 directory with 69 updates

LLM-Dev-Ops/forge #75

6.11.4 → 6.11.6 Patch PR
Open 13 days ago 2 comments
LLM-Dev-Ops
chore(deps-dev): bump protobufjs from 7.5.4 to 7.6.2 in /apps/web

Prekzursil/Reframe #189

7.5.4 → 7.6.2 Minor PR
Open 13 days ago 3 comments
Prekzursil
build(deps): bump the npm_and_yarn group across 2 directories with 20 updates

beauNate/happier #3

7.5.4 → 7.6.2 Minor PR
Closed 13 days ago 1 comment
beauNate
Bump the npm_and_yarn group across 5 directories with 12 updates

GlacierEQ/langchainjs #7

7.5.4 → 7.6.2 Minor PR
Open 13 days ago 1 comment
GlacierEQ
chore(deps): bump the npm_and_yarn group across 9 directories with 8 updates

BoundaryML/baml #3626

7.5.4 → 7.5.8 Patch PR
Open 13 days ago 10 comments
BoundaryML
chore(deps): bump the test-versions group across 1 directory with 20 updates

DataDog/dd-trace-js #8737

8.4.0 → 8.4.2 Patch PR
Open 14 days ago 3 comments
DataDog
chore(deps): Bump the frontend-minor-patch group across 1 directory with 16 updates

n-i-3/Realestate-matching #16

8.4.2 → 8.5.0 Minor PR
Open 14 days ago 1 comment
n-i-3
Package Details
Name: protobufjs
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/protobufjs
JSON API: View JSON
Security Advisories

12

Active advisories
CRITICAL 2
HIGH 5
MODERATE 5
View All npm Advisories
Package Information
Description:

Protocol Buffers for JavaScript (& TypeScript).

Repository: https://github.com/protobufjs/protobuf.js
Homepage: https://protobufjs.github.io/protobuf.js/
Latest Release: 7.5.3
about 1 year ago
Dependent Repos: 377,915
Dependent Packages: 3,418
Downloads: 101,490,294
Ranking: Top 0.0581% by dependent repos Top 0.0256% by downloads Top 0.0247% by dependent pkgs
PR Status
Open 927 (44.6%)
Merged 96 (4.6%)
Closed 977 (47.0%)
PR Types
Major 139 (6.7%)
Minor 718 (34.5%)
Patch 1,136 (54.6%)
Removal 4 (0.2%)