collaborative-code-conference icon indicating copy to clipboard operation
collaborative-code-conference copied to clipboard

Published 20 hours ago verified publisher icon crcastle

[Snyk] Security upgrade twilio from 3.2.0-edge to 3.17.1

Open crcastle opened this issue 3 years ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 584/1000
Why? Has a fix available, CVSS 7.4		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-HAWK-2808852		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: twilio The new version differs by 250 commits.
  • 7d5ef03 Release 3.17.1
  • 956090b [Librarian] Regenerated @ eb708812c2f90eac9e066ed4b9026bfb1276d419
  • 914dfe8 Update Contributing section in README.md (#349)
  • d6f393b Update dependencies to fix vulnerabilities (#343) (#347)
  • a7efaef Update request dependency (#351)
  • 8b5d3b4 Release 3.17.0
  • 52285b4 [Librarian] Regenerated @ a7d73bbe66630cbe95e957d5c5b4df5d1692ca33
  • 20a277c Update request version RE sec. advisory #606 (#340)
  • 86771b7 Release 3.16.0
  • 07d9617 [Librarian] Regenerated @ c4079ef2e396aaadcdc4dfcbebb16b4a9a34a1dc
  • 3693092 Upgrade lodash (#337)
  • 84a2dde Release 3.15.1
  • 4baa5eb [Librarian] Regenerated @ bdf3a23dbbe31ed526223499c081c55c48ccd0f5
  • 2dd44f0 Release 3.15.0
  • e3f04ab [Librarian] Regenerated @ affbf0251ae3f327c6613374357247a3417b863e
  • 01878d0 Add incoming.allow to AccessToken VoiceGrant (#334)
  • 51e3cab use _.isDate to check if object is a Date object (#335)
  • cba0803 Release 3.14.0
  • 1df7b5e [Librarian] Regenerated @ 0d6397ea462cf38ccee74f7de204ee1261bb0d8f
  • 91a31e7 Release 3.13.1
  • e3b51c7 [Librarian] Regenerated @ ffacdca4676a6b497016d64a881c854bbb1af883
  • b5f475e Release 3.13.0
  • acc8791 Update changelog for 3.13.0
  • 257abb9 [Librarian] Regenerated @ 3b48cf0f942eba0164733cfb8f58950a7a8bcab7

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

crcastle avatar Jun 30 '22 03:06 crcastle