Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency nexmo to v2.2.1 (main) #7

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update dependency nexmo to v2.2.1 (main) #7

wants to merge 1 commit into from

Conversation

mend-for-github.aaakk.us.kg[bot]
Copy link

@mend-for-github.aaakk.us.kg mend-for-github.aaakk.us.kg bot commented Apr 30, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change
nexmo dependencies minor 2.0.2 -> 2.2.1

By merging this PR, the issue #2 will be automatically resolved and closed:

Severity CVSS Score CVE Reachability
High High 8.8 CVE-2018-3728
High High 7.5 CVE-2017-18214
High High 7.5 CVE-2022-24785
High High 7.5 CVE-2022-31129
High High 7.1 WS-2018-0096

Release Notes

nexmo/nexmo-node (nexmo)

v2.2.1

Compare Source

  • Update dependencies to fix security vulnerability (See #​179)

v2.2.0

Compare Source

  • Add support for media API

v2.1.1

Compare Source

Bug Fixes
  • #​125 - Prevent default headers being overwritten in HTTPClient (@​poying)
  • #​155 - Handle 204 status code as a success, not an error (@​AverageMarcus)
  • You can now change the port in HTTPClient (previously forced to use 443)
Documentation
New Features
  • #​139 - Search SMS messages
  • #​140 - Search SMS rejections
  • #​141 - Report conversion data to Nexmo (if enabled on your account)
  • #​169 - Trigger an auto-reload top-up
Other goodies
  • #​111 - We now officially support all LTS node.js versions + the latest current
  • Added Prettier as our formatting tool via eslint. Run npm run lint-fix to automatically fix any formatting issues
  • Added NYC for code coverage. There are currently no thresholds - we'll be adding these in the future
Q&A

Q. What happened to 2.1.0?
A. @​mheap can't computer correctly and published the wrong thing to NPM. As NPM (quite rightly) doesn't let you overwrite tags, we're having to skip to 2.1.1

  • If you want to rebase/retry this PR, check this box

@mend-for-github.aaakk.us.kg mend-for-github.aaakk.us.kg bot added the security fix Security fix generated by Mend label Apr 30, 2024
@mend-for-github.aaakk.us.kg mend-for-github.aaakk.us.kg bot force-pushed the whitesource-remediate/main-nexmo-2.x-lockfile branch from c2fe925 to 3724485 Compare May 22, 2024 03:45
@mend-for-github.aaakk.us.kg mend-for-github.aaakk.us.kg bot force-pushed the whitesource-remediate/main-nexmo-2.x-lockfile branch from 3724485 to cfa0261 Compare August 6, 2024 04:21
@mend-for-github.aaakk.us.kg mend-for-github.aaakk.us.kg bot force-pushed the whitesource-remediate/main-nexmo-2.x-lockfile branch from cfa0261 to 727437f Compare August 29, 2024 03:37
@mend-for-github.aaakk.us.kg mend-for-github.aaakk.us.kg bot force-pushed the whitesource-remediate/main-nexmo-2.x-lockfile branch from 727437f to be9d9c9 Compare November 9, 2024 05:24
@mend-for-github.aaakk.us.kg mend-for-github.aaakk.us.kg bot force-pushed the whitesource-remediate/main-nexmo-2.x-lockfile branch 2 times, most recently from c2a724b to d2aee97 Compare November 29, 2024 04:20
@mend-for-github.aaakk.us.kg mend-for-github.aaakk.us.kg bot force-pushed the whitesource-remediate/main-nexmo-2.x-lockfile branch from d2aee97 to 5cefa39 Compare December 3, 2024 04:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
security fix Security fix generated by Mend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants