[Snyk] Security upgrade aegir from 37.12.1 to 42.0.1

[adamlaska]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/ipfs-grpc-protocol/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: aegir

The new version differs by 197 commits.

• dd98696 chore(release): 42.0.1 [skip ci]
• 4dde4a3 deps: bump eslint-plugin-jsdoc from 46.10.1 to 48.0.2 (chore: update mfs dep to make interop tests pass ipfs/js-ipfs#1439)
• 313cd61 deps: bump c8 from 8.0.1 to 9.0.0 (Make js-ipfs capable of working with cidv1b32 ipfs/js-ipfs#1440)
• 95493be chore(release): 42.0.0 [skip ci]
• a66384a fix!: check for missing production dependencies (docs: add MFS API ipfs/js-ipfs#1426)
• f8e63d3 chore(release): 41.3.5 [skip ci]
• 57934c9 deps: bump p-queue from 7.4.1 to 8.0.1 (docs: fix libp2p peer discovery modules config key ipfs/js-ipfs#1433)
• 8189645 deps: bump undici from 5.28.2 to 6.2.1 (fix: aegir docs fails if outer function is called pin ipfs/js-ipfs#1429)
• aa3eabe chore(release): 41.3.4 [skip ci]
• e1c4dfc deps: bump lilconfig from 2.1.0 to 3.0.0 (fix: update hlsjs-ipfs-loader version (#1422) ipfs/js-ipfs#1427)
• cfae15f deps(dev): bump @ types/gh-pages from 5.0.1 to 6.1.0 (chore: update fe example dep ipfs/js-ipfs#1431)
• 85abe2a deps: bump uint8arrays from 4.0.10 to 5.0.1 (chore: fix changelog ipfs/js-ipfs#1428)
• 9869be9 deps: bump p-map from 6.0.0 to 7.0.1 (j s-ipfs runs on the phone but a heavy CPU load, so can it reduce power consumption? ipfs/js-ipfs#1435)
• a6c4b12 chore(release): 41.3.3 [skip ci]
• dbd0690 chore: increase dependabot limit
• 5ea4468 deps: bump playwright-test from 12.6.1 to 14.0.0 (LibP2P code breaks Pubsub when compiled ipfs/js-ipfs#1417)
• 2b061c1 deps: bump @ electron/get from 2.0.3 to 3.0.0 (test: use pin tests ipfs/js-ipfs#1405)
• 3cd2fa0 deps: bump update-notifier from 6.0.2 to 7.0.0 (fix(tests): loosen assertion for bitswap.stat test ipfs/js-ipfs#1404)
• 3ff7bac deps: bump read-pkg-up from 10.1.0 to 11.0.0 (fix: allow put empty block & add X-Stream-Output header on get ipfs/js-ipfs#1408)
• 239307d deps: bump globby from 13.2.2 to 14.0.0 (test: Remove CircleCI ipfs/js-ipfs#1412)
• 5a25c03 chore(release): 41.3.2 [skip ci]
• 705c899 fix: revert CI change
• 0aa7a96 chore(release): 41.3.1 [skip ci]
• f0750cb fix: default to concurrency 1 in ci

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (8f351a8) 79.04% compared to head (67d5db8) 60.60%.
Report is 18 commits behind head on master.

Additional details and impacted files

@@             Coverage Diff             @@
##           master     #121       +/-   ##
===========================================
- Coverage   79.04%   60.60%   -18.45%     
===========================================
  Files         557        3      -554     
  Lines       36428       99    -36329     
  Branches     2923        4     -2919     
===========================================
- Hits        28795       60    -28735     
+ Misses       7633       39     -7594     

Flag	Coverage Δ
chrome	60.60% <ø> (-8.26%)	⬇️
node	?

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[socket-security]

New dependencies detected. Learn more about Socket for GitHub ↗︎

Packages	Version	New capabilities	Transitives	Size	Publisher
aegir	42.0.1	environment	+285	496 MB	npm-service-account-ipfs