[Snyk] Upgrade redis from 4.5.1 to 4.6.5

snyk-bot commented 1 year ago

Snyk has created this PR to upgrade redis from 4.5.1 to 4.6.5.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 6 versions ahead of your current version.
The recommended version was released a month ago, on 2023-02-24.

Release notes

Package name: redis

4.6.5 - 2023-02-24
Enhancements
- upgrade @ redis/client from 1.5.5 to 1.5.6
- upgrade @ redis/search from 1.1.1 to 1.1.2
4.6.4 - 2023-01-30
Enhancements
- upgrade @ redis/client from 1.5.4 to 1.5.5
4.6.3 - 2023-01-28
Enhancements
- upgrade @ redis/client from 1.5.3 to 1.5.4
4.6.2 - 2023-01-27
Enhancements
- upgrade @ redis/client from 1.5.2 to 1.5.3
4.6.1 - 2023-01-26
Enhancements
- upgrade @ redis/client from 1.5.0 to 1.5.2
4.6.0 - 2023-01-25
4.5.1 - 2022-11-24

from redis GitHub release notes

Commit messages

Package name: redis

4745fae ugprade subpackages
f756d9a Release client@1.5.6
f0794ec Release search@1.1.2
4937efc upgrade dependencies (#2426)
e95b258 fix #2419 - fix RESP2 array decoder in edge cases (#2424)
63e5228 fix #2411 - export RedisFlushModes (#2425)
26e057e fix FT.SEARCH RETURN [] (#2421)
0f28dad Execute empty MULTI (#2423)
1be8422 Remove redundant UNF sub-option in JSON example (#2418)
9ffae59 Release redis@4.6.4
9209245 upgrade subpackages
e4229a4 Release client@1.5.5
7cb467a fix #2398 - fix `v4` interface in `legacyMode` (#2402)
b3c260a fix graph tests
bb9a024 fix: Fix small typo in Redis Pub/Sub docs (#2400)
7a0334f Release redis@4.6.3
a891553 upgrade subpackages
f1e951d Release client@1.5.4
b3cd785 fix reconnecting event (#2396)
58e572b Release redis@4.6.2
c00b20f upgrade subpackages
be335ef Release client@1.5.3
2dba7f2 fix #2392 - handle errors in `legacyMode` (#2394)
00e3652 Release redis@4.6.1

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

socket-security[bot] commented 1 year ago

New dependency changes detected. Learn more about Socket for GitHub ↗︎

👍 No new dependency issues detected in pull request

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

Pull request alert summary

Issue	Status
Install scripts	✅ 0 issues
Native code	✅ 0 issues
Bin script shell injection	✅ 0 issues
Unresolved require	✅ 0 issues
Invalid package.json	✅ 0 issues
HTTP dependency	✅ 0 issues
Git dependency	✅ 0 issues
Potential typo squat	✅ 0 issues
Known Malware	✅ 0 issues
Telemetry	✅ 0 issues
Protestware/Troll package	✅ 0 issues