Bump protobufjs from 7.4.0 to 7.5.5

[dependabot]

Bumps protobufjs from 7.4.0 to 7.5.5.

Release notes

Sourced from protobufjs's releases.

v7.5.5

This release backports two reported security issues to 7.x branch.

• fix: do not allow setting __proto__ in Message constructor (#2126)
• fix: filter invalid characters from the type name (#2127)

Full Changelog: protobufjs/protobuf.js@protobufjs-v7.5.4...protobufjs-v7.5.5

protobufjs: v7.5.4

7.5.4 (2025-08-15)

Bug Fixes

• invalid syntax in descriptor.proto (#2092) (5a3769a)

protobufjs: v7.5.3

7.5.3 (2025-05-28)

Bug Fixes

• descriptor extensions handling post-editions (#2075) (6e255d4)

protobufjs: v7.5.2

7.5.2 (2025-05-14)

Bug Fixes

• ensure that types are always resolved (#2068) (4b51cb2)

protobufjs: v7.5.1

7.5.1 (2025-05-08)

Bug Fixes

• optimize regressions from editions implementations (#2066) (6406d4c)
• reserved field inside group blocks fail parsing (#2058) (56782bf)

protobufjs: v7.5.0

7.5.0 (2025-04-15)

Features

• add Edition 2023 Support (f04ded3)
• add Edition 2023 Support (ac9a3b9)

... (truncated)

Changelog

Sourced from protobufjs's changelog.

Changelog

8.0.3 (2026-04-27)

Bug Fixes

• Accept imports after declarations (#2178) (24651c9)

8.0.2 (2026-04-27)

Bug Fixes

• Accept empty statements in proto definitions (#2176) (a26dd61)
• Correct alternate comment mode line numbers (#2159) (e550cd2)
• Correct ES6 wrapper imports in static-module output (#2151) (88f5a76)
• Don't include [@exports](https://github.com/exports) for enums (#1824) (eb256f0)
• Forward group end tag in lazy decode (#2162) (3a48675)
• Harden input handling (#2163) (6eb3a3b)
• limit depth of recursion in Reader.prototype.skipType (#2143) (0f643d5)
• Parse empty repeated options (#2161) (8c5060f)
• refactor the code to remove subpackages (#2146) (2fe8b09)
• Remove jsdoc includePattern (#2089) (0fead2e)
• Run pbts jsdoc without a shell (#2160) (648b760)
• Support .cjs and .mjs extensions in pbts (#2152) (aef016a)

8.0.1 (2026-03-11)

Bug Fixes

• bump protobufjs dependency version for cli package (#2128) (549b05e)
• correct json syntax in tsconfig.json (#2120) (8065625)
• descriptor: guard oneof index for non-Type parents (#2122) (1cac5cf)
• do not allow setting proto in Message constructor (#2126) (f05e3c3)
• filter invalid characters from the type name (#2127) (535df44)

8.0.0 (2025-12-16)

⚠ BREAKING CHANGES

• add Edition 2024 Support (#2060)

Features

• add Edition 2024 Support (#2060) (53e8492)

7.5.4 (2025-08-15)

... (truncated)

Commits

• b7bdfaf chore: release 7.5.5
• ff7b2af fix: filter invalid characters from the type name (#2127)
• 086b19d fix: do not allow setting proto in Message constructor (#2126)
• 827ff8e chore: release master (#2093)
• 5a3769a fix: invalid syntax in descriptor.proto (#2092)
• f42297b chore: release master (#2076)
• 6e255d4 fix: descriptor extensions handling post-editions (#2075)
• 9467abe chore: release master (#2070)
• 4b51cb2 fix: ensure that types are always resolved (#2068)
• 69cced8 chore: release master (#2067)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by fenster, a new releaser for protobufjs since your current version.

[dependabot]

Superseded by #13.