chore(deps): bump protobufjs

[yasnagat]

Proposed changes (including videos or screenshots)

This PR updates Protobufjs (7.5.5 -> 7.5.6) to address related CVEs.

Issue(s)

SB-995

Steps to test or reproduce

Further comments

Summary by CodeRabbit

• Chores
  • Updated a project dependency to the latest patch version.

[dionisio-bot]

Looks like this PR is ready to merge! 🎉
If you have any trouble, please check the PR guidelines

[changeset-bot]

⚠️ No Changeset found

Latest commit: 05cc7d8

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f8a4da1c-533e-47fb-9ae8-e958a47310b5

📥 Commits

Reviewing files that changed from the base of the PR and between 0ae9ab0 and 05cc7d8.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (1)

• package.json

📜 Recent review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: 📦 Build Packages
• GitHub Check: CodeQL-Build
• GitHub Check: CodeQL-Build

🔇 Additional comments (1)

package.json (1)

71-71: Update to protobufjs 7.5.6 is appropriate and addresses multiple critical CVEs.

Version 7.5.6 is available on npm and fixes four critical security vulnerabilities (CVE-2026-44290, CVE-2026-44291, CVE-2026-44294, CVE-2026-44289) that affected version 7.5.5 and earlier. The update correctly resolves the stated CVE mitigation objectives.

---

Walkthrough

The protobufjs Yarn resolution is updated from version 7.5.5 to 7.5.6 in package.json, ensuring that the project uses the newer patch version across the dependency tree.

Changes

Protobufjs Dependency Update

Layer / File(s)	Summary
Update protobufjs resolution package.json	The resolutions.protobufjs entry is bumped from 7.5.5 to 7.5.6.

🎯 1 (Trivial) | ⏱️ ~2 minutes

type: chore

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore(deps): bump protobufjs' directly and accurately reflects the main change: updating the protobufjs dependency version in package.json.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)

• SB-995: Request failed with status code 401

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 69.63%. Comparing base (0ae9ab0) to head (05cc7d8).
⚠️ Report is 2 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop   #40520      +/-   ##
===========================================
+ Coverage    69.61%   69.63%   +0.02%     
===========================================
  Files         3324     3324              
  Lines       122651   122651              
  Branches     21864    21837      -27     
===========================================
+ Hits         85381    85412      +31     
+ Misses       33939    33898      -41     
- Partials      3331     3341      +10     

Flag	Coverage Δ
e2e	59.22% <ø> (+0.02%)	⬆️
e2e-api	46.25% <ø> (+0.01%)	⬆️
unit	70.33% <ø> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[julio-rocketchat]

/backport 8.4.2

[dionisio-bot]

Pull request #40575 added to Project: "Patch 8.4.2"