vuln prototype pollution in dependency protobufjs

[a1300]

Reproduction:

git clone https://github.com/ChainSafe/js-libp2p-gossipsub
cd js-libp2p-gossipsub

git checkout 89c82f6c06ee29e0b7c84ef4165ba38ff672394c
npm ci

npm audit
# npm audit report

protobufjs  6.10.0 - 7.2.3
Severity: high
protobufjs Prototype Pollution vulnerability - https://github.com/advisories/GHSA-h755-8qp9-cq85
fix available via `npm audit fix --force`
Will install protobufjs@7.2.4, which is a breaking change
node_modules/protobufjs
node_modules/protons-runtime/node_modules/protobufjs

...
...
...

[twoeths]

should be fixed by #318

[syonfox]

node_modules/protobufjs
  @chainsafe/libp2p-gossipsub  >=3.5.0
  Depends on vulnerable versions of protobufjs
  node_modules/@chainsafe/libp2p-gossipsub
    helia  >=1.1.0
    Depends on vulnerable versions of @chainsafe/libp2p-gossipsub
    node_modules/helia

3 high severity vulnerabilities

here is vs 6.??

js-libp2p-gossipsub/package.json

Line 94 in 83b8e61

"protobufjs": "^6.11.2",

What version of protobufjs should libp2p-gossiphub change to?

if it is fixed what version gossiphub has the fix for helia? Thanks. cool stuff guys