stanleyowen / otlio

An open source project of Todo which is easy to use and easy to organize!
https://otlio.netlify.app
MIT License
23 stars 4 forks

[Snyk] Upgrade dotenv from 16.0.3 to 16.3.2 #429

Open stanleyowen opened 5 months ago

stanleyowen commented 5 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade dotenv from 16.0.3 to 16.3.2.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **11 versions** ahead of your current version.
- The recommended version was released **21 days ago**, on 2024-01-19.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|:-------------------------:|:-------------------------|-------------------------|:-------------------------|
| | Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS) [SNYK-JS-ADOBECSSTOOLS-6096077](https://snyk.io/vuln/SNYK-JS-ADOBECSSTOOLS-6096077) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit |
| | Improper Input Validation [SNYK-JS-FOLLOWREDIRECTS-6141137](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept |
| | Prototype Pollution [SNYK-JS-TOUGHCOOKIE-5672873](https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS) [SNYK-JS-ADOBECSSTOOLS-5871286](https://snyk.io/vuln/SNYK-JS-ADOBECSSTOOLS-5871286) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit |
| | Regular Expression Denial of Service (ReDoS) [SNYK-JS-WORDWRAP-3149973](https://snyk.io/vuln/SNYK-JS-WORDWRAP-3149973) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept |
| | Incomplete List of Disallowed Inputs [SNYK-JS-BABELTRAVERSE-5962462](https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: dotenv
  • 16.3.2 - 2024-01-19: 16.3.2
  • 16.3.1 - [2023-06-17](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.3.1): 16.3.1
  • 16.3.0 - [2023-06-16](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.3.0): 16.3.0
  • 16.2.0 - [2023-06-16](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.2.0): 16.2.0
  • 16.1.4 - [2023-06-04](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.1.4): 16.1.4
  • 16.1.3 - [2023-05-31](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.1.3): 16.1.3
  • 16.1.2 - [2023-05-31](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.1.2): 16.1.2
  • 16.1.1 - [2023-05-31](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.1.1): v16.1.1
  • 16.1.0 - [2023-05-30](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.1.0): Update CHANGELOG and README
  • 16.1.0-rc2 - [2023-05-21](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.1.0-rc2): Version 16.1.0-rc2
  • 16.1.0-rc1 - 2023-04-07
  • 16.0.3 - 2022-09-29

from [dotenv GitHub release notes](https://snyk.io/redirect/github/motdotla/dotenv/releases)

Commit messages
Package name: dotenv
  • 883d6a6 16.3.2
  • 0489c7d Merge pull request #793 from zshnb/fix-buffer-slice
  • 8609b84 update CHANGELOG
  • 54d54e9 update CHANGELOG
  • 630d2a0 Merge pull request #735 from anthonyshibitov/encoding-fix
  • 823d0b8 Merge branch 'master' of github.com:motdotla/dotenv
  • 2cffe84 update CHANGELOG
  • 27e4c2b Merge pull request #792 from phuvinhbmt/fix/populate-return-type
  • 1548c27 Update README
  • 2eed66b Update README
  • 6979f94 fix: use subarray instead of slice
  • c5b7592 refactor: remove redundant params
  • 060db4f refactor doc of populate() signature
  • 5d00dd9 Merge branch 'master' of github.com:motdotla/dotenv
  • 01000f0 Remove retool
  • fc60b1b Merge pull request #779 from AnirudhKaranth/master
  • fab349b Add note in README
  • 677b113 Change order of steps
  • 101e1a7 Updated a link in README.md
  • cf4c569 Adjust example links to /usage
  • 5924934 Merge pull request #762 from hoangdesu/patch-2
  • c8085ae Fix link to 12factor methodology
  • aa03dca Fix broken link
  • fa3cb05 Remove redundant key

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

netlify[bot] commented 5 months ago

Deploy Preview for otlio ready!

| Name | Link |
|:---|:---|
| Latest commit | 964316a144bde744d28e66f0deef3e4469d33335 |
| Latest deploy log | https://app.netlify.com/sites/otlio/deploys/65c6625cd398ba00086b62f0 |
| Deploy Preview | https://deploy-preview-429--otlio.netlify.app |

Lighthouse
1 paths audited
Performance: 68 (🟢 up 1 from production)
Accessibility: 97 (🟢 up 3 from production)
Best Practices: 92 (🟢 up 9 from production)
SEO: 97 (no change from production)
PWA: 70 (no change from production)
View the detailed breakdown and full score reports

To edit notification comments on pull requests, go to your Netlify site configuration.