moleculer-addons
moleculer-addons copied to clipboard
Published
20 hours ago •
moleculerjs
moleculerjs
[Snyk] Security upgrade twilio from 3.69.0 to 4.0.0
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- packages/moleculer-twilio/package.json
- packages/moleculer-twilio/package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
599/1000 Why? Has a fix available, CVSS 7.7 |
Improper Input Validation SNYK-JS-JSONWEBTOKEN-3180020 |
Yes | No Known Exploit |
 |
534/1000 Why? Has a fix available, CVSS 6.4 |
Improper Authentication SNYK-JS-JSONWEBTOKEN-3180022 |
Yes | No Known Exploit |
|
539/1000 Why? Has a fix available, CVSS 6.5 |
Improper Restriction of Security Token Assignment SNYK-JS-JSONWEBTOKEN-3180024 |
Yes | No Known Exploit |
|
554/1000 Why? Has a fix available, CVSS 6.8 |
Use of a Broken or Risky Cryptographic Algorithm SNYK-JS-JSONWEBTOKEN-3180026 |
Yes | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: twilio
The new version differs by 119 commits.- ccbb504 Release 4.0.0
- 32a9a06 [Librarian] Regenerated @ a72b955e51d75514f3c944c81b9db17278cfad69
- 3e712b0 fix: remove Flex shortcuts for removed APIs (#902)
- 21ad190 docs: update link to exceptions example for 4.x release (#901)
- 449f5b2 docs: use long property descriptions if available (#899)
- 8da34f6 docs: add relevant Refer/Say/ssml links to upgrade guide; formatting (#895)
- 3c68014 fix: use break() for method names rather than break_() (#897)
- 6dff2f9 chore: readd ts tests to test rule (#888)
- b471067 feat!: Merge branch '4.0.0-rc' to main (#883)
- d9244e3 Release 3.84.1
- c0e0b62 [Librarian] Regenerated @ 82775d167bff9b55d1399fe288c2934a02411e8c
- fafd110 docs: updated the year in the license
- cb21935 test: bypass audit failures until v4 release (#848)
- b2a3738 Release 3.84.0
- b1d283a [Librarian] Regenerated @ 964f1611ab7481d828261f49551385a276499e30
- 08d60d4 docs: add commands to install release candidates (#821)
- ad711a4 Release 3.83.4
- b4d67a4 [Librarian] Regenerated @ 262cdcd92a729094d792ceac9c0d3fcf895fea3d
- 0810481 Release 3.83.3
- 860f240 [Librarian] Regenerated @ 2df4ac3e3d4eef8966d6e3125164dfe43634b9d7
- 096cf01 chore: upgrade GitHub Actions dependencies (#823)
- 44409a3 docs: update the year in the license
- 9bef73e Release 3.83.2
- 92974a5 [Librarian] Regenerated @ 18375def60d612c8e8bd57ea6e45050211ba4c08
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Use of a Broken or Risky Cryptographic Algorithm
