function-templates icon indicating copy to clipboard operation
function-templates copied to clipboard

Published 20 hours ago verified publisher icon twilio-labs

[Snyk] Fix for 1 vulnerabilities

Open twilio-product-security opened this issue 2 years ago • 0 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 556/1000
Why? Recently disclosed, Has a fix available, CVSS 5.4		 Open Redirect
SNYK-JS-GOT-2932019		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: got The new version differs by 250 commits.
  • 5e17bb7 11.8.5
  • bce8ce7 Backport 861ccd9ac2237df762a9e2beed7edd88c60782dc
  • 8ced192 Fix build
  • 670eb04 11.8.4
  • 20f29fe Backport #1543: Initialize globalResponse in case of ignored HTTPError (#2017)
  • 0da732f 11.8.3
  • 9463bb6 Bump cacheable-request dependency (#1921)
  • 0e167b8 HTTPError code set to 'HTTPError' #1711 (#1739)
  • f896aa5 11.8.2
  • 3bd245f Instantiate CacheableLookup only when needed (#1529)
  • a72ed84 11.8.1
  • 4c815c3 Do not throw on custom stack traces (#1491)
  • e0cb820 11.8.0
  • f65c9ef Upgrade dependencies
  • 7acd380 Fix for sending files with size `0` on `stat` (#1488)
  • 6aa86f2 Fix indentation in the readme
  • 3dd2273 `beforeRetry` allows stream body if different from original (#1501)
  • b1afa2b Fix readme example comment (#1505)
  • 390b145 Set default value for an options object (#1495)
  • 87dadd5 Fixed documentation example for `responseType` (#1494)
  • 3bf3e3b Add `lookup` option documentation (#1483)
  • c31366b Add a test for #1438 (#1469)
  • 5d62958 11.7.0
  • 88b32ea Fix a regression where body was sent after redirect

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Open Redirect

twilio-product-security avatar Jun 19 '22 17:06 twilio-product-security