[Snyk] Upgrade twilio from 4.8.0 to 4.20.0 #89

Open
wants to merge 1 commit into
base: main

Codehackerone
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade twilio from 4.8.0 to 4.20.0.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

✨ Snyk has automatically assigned this pull request, set who gets assigned.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 17 versions ahead of your current version.
  • The recommended version was released a month ago, on 2023-12-14.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
| | Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459 | 676/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.1 | Proof of Concept |
| | Prototype Pollution SNYK-JS-AXIOS-6144788 | 676/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.1 | No Known Exploit |
| | Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137 | 676/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.1 | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857 | 676/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.1 | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: twilio
  • 4.20.0 - 2023-12-14

    Release Notes

    Api

    • Updated service base url for connect apps and authorized connect apps APIs (breaking change)

    Events

    • Marked as GA

    Insights

    • decommission voice-qualitystats-endpoint role

    Numbers

    • Add Get Port In request api

    Taskrouter

    • Add jitter_buffer_size param in update reservation

    Trusthub

    • Add additional optional fields in compliance_tollfree_inquiry.json

    Verify

    • Remove Tags from Public Docs (breaking change)

    Docs

  • 4.19.3 - 2023-12-01

    Release Notes

    Verify

    • Add VerifyEventSubscriptionEnabled parameter to service create and update endpoints.

    Docs

  • 4.19.0 - 2023-10-19

    Release Notes

    Library - Chore

    Accounts

    • Updated Safelist metadata to correct the docs.
    • Add Global SafeList API changes

    Api

    • Added optional parameter CallToken for create participant api

    Flex

    • Adding offline_config to Flex Configuration

    Intelligence

    • Deleted redacted parameter from fetching transcript in v2 (breaking change)

    Lookups

    • Add new phone_number_quality_score package to the lookup response
    • Remove disposable_phone_number_risk package (breaking change)

    Messaging

    • Update US App To Person documentation with current message_samples requirements

    Taskrouter

    • Remove beta_feature check on task_queue_bulk_real_time_statistics endpoint
    • Add virtual_start_time property to tasks
    • Updating task_queue_data format from map to array in the response of bulk get endpoint of TaskQueue Real Time Statistics API (breaking change)

    Docs

  • 4.18.1 - 2023-10-05

    Release Notes

    Library - Fix

    Lookups

    • Add test api support for Lookup v2

    Docs

  • 4.18.0 - 2023-09-21

    Release Notes

    Conversations

    • Enable conversation email bindings, email address configurations and email message subjects

    Flex

    • Adding console_errors_included to Flex Configuration field debugger_integrations
    • Introducing new channel status as inactive in modify channel endpoint for leave functionality (breaking change)
    • Adding citrix_voice_vdi to Flex Configuration

    Taskrouter

    • Add Update Queues, Workers, Workflow Real Time Statistics API to flex-rt-data-api-v2 endpoint
    • Add Update Workspace Real Time Statistics API to flex-rt-data-api-v2 endpoint

    Docs

  • 4.17.0 - 2023-09-07
  • 4.16.0 - 2023-08-24
  • 4.15.0 - 2023-08-10
  • 4.14.1 - 2023-07-27
  • 4.14.0 - 2023-07-14
  • 4.13.0 - 2023-06-28
  • 4.12.0 - 2023-06-15
  • 4.11.2 - 2023-06-01
  • 4.11.1 - 2023-05-18
  • 4.11.0 - 2023-05-04
  • 4.10.0 - 2023-04-05
  • 4.9.0 - 2023-03-22
  • 4.8.0 - 2023-02-22
from twilio GitHub release notes
Commit messages
Package name: twilio
  • aa7a28b Release 4.20.0
  • a2f90eb [Librarian] Regenerated @ 08c0904bec7ba6e5da9e5db6c4e0f74dfc97fb10
  • 2a51f83 Release 4.19.3
  • 90208b3 [Librarian] Regenerated @ 437c39e3f150e78058f5afb3ef0672e89fc59ec0
  • 00e852f Release 4.19.2
  • 5a3916d [Librarian] Regenerated @ 24dcf52b3ba6769ea21d08329aa544a79742b6c2
  • ce0804c chore: Removing Test Related To Deprecated Endpoint - OAuth (#963)
  • 23eca56 chore: twilio help changes (#958)
  • a981eb0 chore: Update axios to 1.6 to pull in fix for CVE 2023 45857 (#971)
  • e7bbeb1 chore: Removed LTS version (#978)
  • 1f6d8eb Release 4.19.1
  • 31e0189 [Librarian] Regenerated @ 5eb406c4977c9f6976e6053cb5b581056f541a59
  • de63541 Release 4.19.0
  • b86e2e0 [Librarian] Regenerated @ 922c1fef02b8c8fbbbe2315aa9b9d1dba49f3fc0
  • ed8ad97 chore: upgraded semver versions (#966)
  • 75361b2 chore: added feature request issue template (#964)
  • a23ee16 Release 4.18.1
  • 0ccd7ca [Librarian] Regenerated @ a25fe2e20ee404d8f8642d6e5acceff276916c9e
  • 316114b fix: update security method validatessl (#961)
  • 392fedd Release 4.18.0
  • 4af092a [Librarian] Regenerated @ c9ac9b9736431d573d8dec29ad3095eee969cdea
  • b39e374 Release 4.17.0
  • 8c2edfc [Librarian] Regenerated @ b32d3e1eba2177c81eeca51181f67e618fe86dbe
  • 7203ad0 Release 4.16.0

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

@anuragc2001 anuragc2001 removed their assignment Jan 26, 2024
@anuragc2001 anuragc2001 self-requested a review January 26, 2024 20:45
@anuragc2001 anuragc2001 removed their request for review January 26, 2024 20:45
@Codehackerone Codehackerone reopened this Jan 27, 2024
@anuragc2001 anuragc2001 requested review from anuragc2001 and removed request for anuragc2001 January 27, 2024 19:00