[Snyk] Upgrade @sendgrid/mail from 7.4.7 to 7.6.2

[snyk-bot]

Snyk has created this PR to upgrade @sendgrid/mail from 7.4.7 to 7.6.2.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 4 versions ahead of your current version.
• The recommended version was released a month ago, on 2022-03-09.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Directory Traversal SNYK-JS-MOMENT-2440688	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-ASYNC-2441827	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-RAMDA-1582370	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @sendgrid/mail

• 7.6.2 - 2022-03-09
  

  Release Notes

  Library - Chore

  • PR #1347: update Axios dependency. Thanks to @ JenniferMah!
  • PR #1341: push Datadog Release Metric upon deploy success. Thanks to @ eshanholtz!

  Library - Docs

  • PR #1342: fix broken image links on npm. Thanks to @ IObert!
  • PR #1340: Update docs with bodyParser exclusion for webhook signature verification. Thanks to @ danmana!
• 7.6.1 - 2022-02-09
  

  Release Notes

  Library - Chore

  • PR #1334: upgrade supported language versions. Thanks to @ childish-sambino!
  • PR #1329: migrate to gh actions. Thanks to @ shwetha-manvinkurke!
  • PR #1320: adjust 'packages/mail/src/mail.d.ts'. Thanks to @ collierrgbsitisfise!
  • PR #1325: update license year. Thanks to @ JenniferMah!

  Library - Test

  • PR #1330: set the right version for tests. Thanks to @ shwetha-manvinkurke!
  • PR #1327: get the integration tests running again. Thanks to @ shwetha-manvinkurke!

  Library - Fix

  • PR #1326: Revert "chore: adjust 'packages/mail/src/mail.d.ts' (#1320)". Thanks to @ eshanholtz!

  Library - Docs

  • PR #1324: fix npm docs link. Thanks to @ arvindell!
• 7.6.0 - 2021-11-03
  

  Release Notes

  Library - Docs

  • PR #1314: Fix example of creating a transactional template in usage.md. Thanks to @ robbieaverill!

  Library - Feature

  • PR #1312: allow personalization of the From name & email for each email recipient. Thanks to @ beebzz!
• 7.5.0 - 2021-10-18
  

  Release Notes

  Library - Feature

  • PR #1303: Added support of replyToList in the library, #339:. Thanks to @ subinoy7!

  Library - Docs

  • PR #1308: improve signed webhook validation instruction. Thanks to @ shwetha-manvinkurke!

  Library - Test

  • PR #1305: fix issue with new client overriding previously set api key. Thanks to @ seantcanavan!
• 7.4.7 - 2021-09-22
  

  Release Notes

  Library - Chore

  • PR #1296: Bump Axios to 0.21.4 to fix ReDoS. Thanks to @ LuisOsta!

from @sendgrid/mail GitHub release notes

Commit messages

Package name: @sendgrid/mail

• 6beced7 Release 7.6.2
• b205a0b [Librarian] Version Bump
• 2491d4f chore: update Axios dependency (#1347)
• 723b753 docs:fix broken image links on npm (#1342)
• 4c78c28 chore: push Datadog Release Metric upon deploy success (#1341)
• 6ef5e9a docs: Update docs with bodyParser exclusion for webhook signature verification (#1340)
• da8220e Release 7.6.1
• eb82b89 [Librarian] Version Bump
• c23bdee chore: upgrade supported language versions (#1334)
• a136110 fix: only do a Docker Login if the secrets are available
• 0c491ce chore: make Slack message consistent across all repos
• e9a3600 test: set the right version for tests (#1330)
• 3251610 chore: migrate to gh actions (#1329)
• 2aed5b2 "fixing" the tests (#1327)
• f782b84 Revert "chore: adjust 'packages/mail/src/mail.d.ts' (#1320)" (#1326)
• a6a83d1 chore: adjust 'packages/mail/src/mail.d.ts' (#1320)
• 9dc9f0f docs: fix npm docs link (#1324)
• 3e9d37f chore: update license year (#1325)
• 8623510 Release 7.6.0
• b963e38 [Librarian] Version Bump
• 4eb4e31 docs: Fix example of creating a transactional template in usage.md (#1314)
• a068f9d feat: allow personalization of the From name & email for each email recipient (#1312)
• a3307fd Release 7.5.0
• 150da7d [Librarian] Version Bump

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs