[Snyk] Fix for 1 vulnerabilities

[ekmixon]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • src/currencyservice/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	823/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.6	Prototype Pollution SNYK-JS-PROTOBUFJS-5756498	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @google-cloud/profiler

The new version differs by 94 commits.

• 9bcec9d chore(main): release 5.0.4 (fix: pin terraform providers to specific version GoogleCloudPlatform/cloud-ops-sandbox#864)
• 27f1473 chore(deps): update dependency sinon to v15 (chore(docs): removed $ from sre-recipes README GoogleCloudPlatform/cloud-ops-sandbox#860)
• 01fd87e chore(deps): update dependency js-green-licenses to v4 (feat(terraform): pin terraform version to 1.0 GoogleCloudPlatform/cloud-ops-sandbox#867)
• e414a04 fix(deps): update dependency protobufjs to ~7.2.0 (feat: rebrand hipstershop to Online Boutique GoogleCloudPlatform/cloud-ops-sandbox#868)
• 12fea09 build: have Kokoro grab service account credentials from secret that will be rotated for system tests (chore: release/v0.7.2 GoogleCloudPlatform/cloud-ops-sandbox#866)
• 62d7e4f build: replace wget with pre-installed curl (pin terraform provider versions GoogleCloudPlatform/cloud-ops-sandbox#865)
• 07f69a7 fix: update go installation method (chore: release/v0.7.1 GoogleCloudPlatform/cloud-ops-sandbox#862)
• 3dd65e9 chore(deps): update dependency jsdoc to v4 (feat(terraform): add descriptive id + desc to SLOs GoogleCloudPlatform/cloud-ops-sandbox#858)
• 70457a6 chore(deps): update dependency @ types/node to v18 (feat(terraform): use var instead of static vars + update terraform readme  GoogleCloudPlatform/cloud-ops-sandbox#857)
• f0ef650 chore(main): release 5.0.3 (fix: recipe2 error message GoogleCloudPlatform/cloud-ops-sandbox#853)
• e8e725d fix(deps): update dependency protobufjs to ~7.1.0 (fix: broken website links GoogleCloudPlatform/cloud-ops-sandbox#854)
• 85ddb0f fix: remove pip install statements (#1546) (feat: sre recipes --skip-loadgen flag GoogleCloudPlatform/cloud-ops-sandbox#852)
• f73d713 chore(main): release 5.0.2 (add --skip-loadgenerator flag to sre-recipes GoogleCloudPlatform/cloud-ops-sandbox#850)
• 5536eac fix(deps): update dependency protobufjs to v7 (sre recipe2 error message GoogleCloudPlatform/cloud-ops-sandbox#849)
• 2422047 chore(deps): update dependency linkinator to v4 (chore: update website version number GoogleCloudPlatform/cloud-ops-sandbox#846)
• bb8ecfa chore(main): release 5.0.1 (fix make-release pipeline GoogleCloudPlatform/cloud-ops-sandbox#848)
• 6d9a5ca test: test npm install fix (chore: release/v0.7.1 GoogleCloudPlatform/cloud-ops-sandbox#847)
• 3249ea1 chore: do not specify @ google-cloud/profiler in test package.json (chore: add SECURITY.md GoogleCloudPlatform/cloud-ops-sandbox#845)
• be24c78 chore(main): release 5.0.0 ([Policy Bot] found one or more issues with this repository. GoogleCloudPlatform/cloud-ops-sandbox#839)
• 1af6b0f fix(deps): update dependency @ google-cloud/common to v4 (chore: add policy documents GoogleCloudPlatform/cloud-ops-sandbox#843)
• 1120298 fix(deps): update dependency @ google-cloud/logging-min to v10 (Add tests to make sure services are healthy GoogleCloudPlatform/cloud-ops-sandbox#838)
• 555ec2a chore(deps): update dependency jsdoc-region-tag to v2 (feat: add repo to Cloud Source Repositories GoogleCloudPlatform/cloud-ops-sandbox#842)
• bc8a3b1 chore(deps): update dependency jsdoc-fresh to v2 (chore: add SECURITY.md GoogleCloudPlatform/cloud-ops-sandbox#841)
• 07221ef build!: update library to use Node 12 (Run Terraform fmt and Terraform validate as part CICD  GoogleCloudPlatform/cloud-ops-sandbox#835)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

[secure-code-warrior-for-github]

Micro-Learning Topic: Prototype pollution (Detected by phrase)

Matched on "Prototype Pollution"

What is this? (2min video)

By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. This can be problematic if the software depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf).

Try a challenge in Secure Code Warrior