[Snyk] Security upgrade @google-cloud/profiler from 2.0.2 to 4.1.2

[tsmithv11]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • src/paymentservice/package.json
  • src/paymentservice/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2	Prototype Pollution SNYK-JS-PROTOBUFJS-2441248	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @google-cloud/profiler

The new version differs by 162 commits.

• df22483 chore: release 4.1.2 (chore(deps): update dependency google-api-python-client to v1.12.10 GoogleCloudPlatform/microservices-demo#734)
• 33abbeb fix(deps): update dependency protobufjs to ~6.11.0 (chore(deps): update dependency golang to v1.17.7 GoogleCloudPlatform/microservices-demo#733)
• bb51a1a chore: add SECURITY.md (chore(deps): update dependency cachetools to v4.2.4 pt2 GoogleCloudPlatform/microservices-demo#730)
• ba96e49 fix(deps): update dependency pprof to v3.1.0 (chore(deps): update dependency charset-normalizer to v2.0.12 GoogleCloudPlatform/microservices-demo#731)
• 1086dd5 build: warn uses when they edit auto-generated files (chore(deps): update dependency flask to v1.1.4 GoogleCloudPlatform/microservices-demo#732)
• aaf1e6c chore: regenerate common templates (Dependency Dashboard GoogleCloudPlatform/microservices-demo#728)
• d372427 chore(deps): update dependency sinon to v10 (chore(deps): pin dependency semistandard to 16.0.1 GoogleCloudPlatform/microservices-demo#726)
• 31dbceb chore: release 4.1.1 (Updated to protobuf==3.15.0 in src/emailservices/requirements.in & src/recommendation/requirements.in GoogleCloudPlatform/microservices-demo#723)
• fcd1239 fix(deps): update dependency parse-duration to v1 (Enable dependabot to use pip-compile by default GoogleCloudPlatform/microservices-demo#725)
• 98d43e1 fix(deps): update dependency delay to v5 (Adservice not serving ads when deployed outside of GKE GoogleCloudPlatform/microservices-demo#722)
• fc75f6b chore: update CODEOWNERS config (Broken URL go/microservices-demo GoogleCloudPlatform/microservices-demo#721)
• 765bd5e refactor(nodejs): move build cop to flakybot (Setup ci GoogleCloudPlatform/microservices-demo#719)
• 6087629 chore: switch to the proftest API that logs the VM output per test (trying some bug fix GoogleCloudPlatform/microservices-demo#720)
• 4c9d7d0 chore: make git clone idempotent so that it retries properly (Removed checkout in cleanup workflow GoogleCloudPlatform/microservices-demo#718)
• a52b67a chore(deps): update dependency js-green-licenses to v3 (Decouple release manifests GoogleCloudPlatform/microservices-demo#716)
• 33e19f2 docs: add instructions for authenticating for system tests (cleanup: rsa pin GoogleCloudPlatform/microservices-demo#714)
• 5206e89 docs: spelling correction for "targetting" (Remove pyyaml==6.0 as Direct Dependency GoogleCloudPlatform/microservices-demo#713)
• 9fd4bad build: use standard CI config (Updating httplib2 to 0.19.0 GoogleCloudPlatform/microservices-demo#710)
• 9b1dd71 docs: updated code of conduct (Remove semistandard GoogleCloudPlatform/microservices-demo#712)
• ee57844 chore: release 4.1.0 (Pinning pyyaml to 6.0 for now to get past critical security alert GoogleCloudPlatform/microservices-demo#711)
• 3b8f4ad feat: add support for Node 14 (cleanup: Update ansi-regex, node-forge, & json-schema in currency and payment service GoogleCloudPlatform/microservices-demo#709)
• 51c5f36 build: sync metadata for synthtool
• f3a333d chore: clean up Node.js TOC for cloud-rad (Release v0.3.6 GoogleCloudPlatform/microservices-demo#705)
• 23c9ecf chore(deps): update pprof to v3.0.0 (Bump node-fetch from 2.6.6 to 2.6.7 in /src/currencyservice GoogleCloudPlatform/microservices-demo#708)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

[github-actions]

🦙 MegaLinter status: ❌ ERROR

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
❌ COPYPASTE	jscpd	yes		30	3.71s
✅ JSON	eslint-plugin-jsonc	2	0	0	2.31s
✅ JSON	jsonlint	2		0	0.35s
✅ JSON	prettier	2	0	0	0.92s
✅ JSON	v8r	2		0	6.19s
❌ REPOSITORY	checkov	yes		382	20.92s
❌ REPOSITORY	devskim	yes		8	1.43s
✅ REPOSITORY	dustilock	yes		no	5.67s
✅ REPOSITORY	gitleaks	yes		no	2.07s
✅ REPOSITORY	git_diff	yes		no	0.07s
✅ REPOSITORY	secretlint	yes		no	2.1s
✅ REPOSITORY	syft	yes		no	0.78s
❌ REPOSITORY	trivy	yes		1	29.4s
❌ SPELL	cspell	3		7	4.27s
✅ SPELL	misspell	2	0	0	0.12s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by