Skip to content

[Snyk] Upgrade twilio from 4.8.0 to 4.19.3 #73

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade twilio from 4.8.0 to 4.19.3 #73

wants to merge 1 commit into from

Conversation

Codehackerone
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade twilio from 4.8.0 to 4.19.3.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

✨ Snyk has automatically assigned this pull request, set who gets assigned.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 16 versions ahead of your current version.
  • The recommended version was released 21 days ago, on 2023-12-01.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Cross-site Request Forgery (CSRF)
SNYK-JS-AXIOS-6032459		 676/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.1		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: twilio
  • 4.19.3 - 2023-12-01

    Release Notes

    Verify

    • Add VerifyEventSubscriptionEnabled parameter to service create and update endpoints.

    Docs

  • 4.19.0 - 2023-10-19

    Release Notes

    Library - Chore

    Accounts

    • Updated Safelist metadata to correct the docs.
    • Add Global SafeList API changes

    Api

    • Added optional parameter CallToken for create participant api

    Flex

    • Adding offline_config to Flex Configuration

    Intelligence

    • Deleted redacted parameter from fetching transcript in v2 (breaking change)

    Lookups

    • Add new phone_number_quality_score package to the lookup response
    • Remove disposable_phone_number_risk package (breaking change)

    Messaging

    • Update US App To Person documentation with current message_samples requirements

    Taskrouter

    • Remove beta_feature check on task_queue_bulk_real_time_statistics endpoint
    • Add virtual_start_time property to tasks
    • Updating task_queue_data format from map to array in the response of bulk get endpoint of TaskQueue Real Time Statistics API (breaking change)

    Docs

  • 4.18.1 - 2023-10-05

    Release Notes

    Library - Fix

    Lookups

    • Add test api support for Lookup v2

    Docs

  • 4.18.0 - 2023-09-21

    Release Notes

    Conversations

    • Enable conversation email bindings, email address configurations and email message subjects

    Flex

    • Adding console_errors_included to Flex Configuration field debugger_integrations
    • Introducing new channel status as inactive in modify channel endpoint for leave functionality (breaking change)
    • Adding citrix_voice_vdi to Flex Configuration

    Taskrouter

    • Add Update Queues, Workers, Workflow Real Time Statistics API to flex-rt-data-api-v2 endpoint
    • Add Update Workspace Real Time Statistics API to flex-rt-data-api-v2 endpoint

    Docs

  • 4.17.0 - 2023-09-07

    Release Notes

    Api

    • Make message tagging parameters public (breaking change)

    Flex

    • Adding agent_conv_end_methods to Flex Configuration

    Messaging

    • Mark Mesasging Services fallback_to_long_code feature obsolete

    Numbers

    • Add Create Port In request api
    • Renaming sid for bulk_hosting_sid and remove account_sid response field in numbers/v2/BulkHostedNumberOrders (breaking change)

    Pricing

    • gate resources behind a beta_feature

    Docs

  • 4.16.0 - 2023-08-24

    Release Notes

    Api

    • Add new property RiskCheck for SMS pumping protection feature only (public beta to be available soon): Include this parameter with a value of disable to skip any kind of risk check on the respective message request

    Flex

    • Changing sid<UO> path param to sid<UT> in interaction channel participant update endpoint (breaking change)

    Messaging

    • Add Channel Sender api
    • Fixing country code docs and removing Zipwhip references

    Numbers

    • Request status changed in numbers/v2/BulkHostedNumberOrders (breaking change)
    • Add bulk hosting orders API under version `/v2

    Docs

  • 4.15.0 - 2023-08-10

    Release Notes

    Library - Fix

    Insights

    • Normalize annotations parameters in list summary api to be prefixed

    Numbers

    • Change Bulk_hosted_sid from BHR to BH prefix in HNO and dependent under version /v2 API's. (breaking change)
    • Added parameter target_account_sid to portability and account_sid to response body

    Verify

    • Remove beta feature flag to list attempts API.
    • Remove beta feature flag to verifications summary attempts API.

    Docs

  • 4.14.1 - 2023-07-27
  • 4.14.0 - 2023-07-14
  • 4.13.0 - 2023-06-28
  • 4.12.0 - 2023-06-15
  • 4.11.2 - 2023-06-01
  • 4.11.1 - 2023-05-18
  • 4.11.0 - 2023-05-04
  • 4.10.0 - 2023-04-05
  • 4.9.0 - 2023-03-22
  • 4.8.0 - 2023-02-22
from twilio GitHub release notes
Commit messages
Package name: twilio
  • 2a51f83 Release 4.19.3
  • 90208b3 [Librarian] Regenerated @ 437c39e3f150e78058f5afb3ef0672e89fc59ec0
  • 00e852f Release 4.19.2
  • 5a3916d [Librarian] Regenerated @ 24dcf52b3ba6769ea21d08329aa544a79742b6c2
  • ce0804c chore: Removing Test Related To Deprecated Endpoint - OAuth (#963)
  • 23eca56 chore: twilio help changes (#958)
  • a981eb0 chore: Update axios to 1.6 to pull in fix for CVE 2023 45857 (#971)
  • e7bbeb1 chore: Removed LTS version (#978)
  • 1f6d8eb Release 4.19.1
  • 31e0189 [Librarian] Regenerated @ 5eb406c4977c9f6976e6053cb5b581056f541a59
  • de63541 Release 4.19.0
  • b86e2e0 [Librarian] Regenerated @ 922c1fef02b8c8fbbbe2315aa9b9d1dba49f3fc0
  • ed8ad97 chore: upgraded semver versions (#966)
  • 75361b2 chore: added feature request issue template (#964)
  • a23ee16 Release 4.18.1
  • 0ccd7ca [Librarian] Regenerated @ a25fe2e20ee404d8f8642d6e5acceff276916c9e
  • 316114b fix: update security method validatessl (#961)
  • 392fedd Release 4.18.0
  • 4af092a [Librarian] Regenerated @ c9ac9b9736431d573d8dec29ad3095eee969cdea
  • b39e374 Release 4.17.0
  • 8c2edfc [Librarian] Regenerated @ b32d3e1eba2177c81eeca51181f67e618fe86dbe
  • 7203ad0 Release 4.16.0
  • b4e6952 [Librarian] Regenerated @ 38fb28edc02f73b8635b45a5612c5ae33eab39fe
  • 70bc328 Release 4.15.0

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

👩‍💻 Set who automatically gets assigned

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@anuragc2001 anuragc2001 removed their assignment Jan 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Codehackerone @anuragc2001 @snyk-bot